Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apollo vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-25569
Apollo is a configuration management system. Prior to version 2.1.0, a low-privileged user can create a special web page. If an authenticated portal admin visits this page, the page can silently send a request to assign new roles for that user without any confirmation from the Po...
Apolloconfig Apollo
NA
CVE-2023-25570
Apollo is a configuration management system. Prior to version 2.1.0, there are potential security issues if users expose apollo-configservice to the internet, which is not recommended. This is because there is no authentication feature enabled for the built-in eureka service. Mal...
Apolloconfig Apollo
NA
CVE-2023-30959
In Apollo change requests, comments added by users could contain a javascript URI link that when rendered will result in an XSS that require user interaction.
Palantir Apollo Autopilot
NA
CVE-2024-23841
apollo-client-nextjs is the Apollo Client support for the Next.js App Router. The @apollo/experimental-apollo-client-nextjs NPM package is vulnerable to a cross-site scripting vulnerability. To exploit this vulnerability, an attacker would need to either inject malicious input (e...
Apollographql Apollo Client
NA
CVE-2023-41317
The Apollo Router is a configurable, high-performance graph router written in Rust to run a federated supergraph that uses Apollo Federation 2. Affected versions are subject to a Denial-of-Service (DoS) type vulnerability which causes the Router to panic and terminate when GraphQ...
Apollographql Apollo Router
890
VMScore
CVE-1999-1493
Vulnerability in crp in Hewlett Packard Apollo Domain OS SR10 through SR10.3 allows remote malicious users to gain root privileges via insecure system calls, (1) pad_$dm_cmd and (2) pad_$def_pfk().
Hp Apollo Domain Os
935
VMScore
CVE-2009-1351
Heap-based buffer overflow in Apollo 37zz allows remote malicious users to cause a denial of service (application crash) and possibly execute arbitrary code via a long URI in a playlist (.m3u) file.
Heikki Ylinen Apollo 37zz
1 EDB exploit
890
VMScore
CVE-2013-0728
Multiple stack-based buffer overflows in NCSAddOn.dll in the ERDAS APOLLO ECWP plugin prior to 13.00.0001 for Internet Explorer, Firefox, and Chrome allow remote malicious users to execute arbitrary code via a long property value.
Hexagon Erdas Apollo Ecwp 13.00.0000
NA
CVE-2024-25734
An issue exists on WyreStorm Apollo VX20 devices prior to 1.3.58. The TELNET service prompts for a password only after a valid username is entered, which might make it easier for remote malicious users to enumerate user accounts.
NA
CVE-2024-25735
An issue exists on WyreStorm Apollo VX20 devices prior to 1.3.58. Remote attackers can discover cleartext passwords via a SoftAP /device/config GET request.
1 Github repository
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »