Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
audit vulnerabilities and exploits
(subscribe to this query)
7.7
CVSSv3
CVE-2018-3115
Vulnerability in the Oracle Retail Sales Audit component of Oracle Retail Applications (subcomponent: Operational Insights). Supported versions that are affected are 15.0 and 16.0. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to c...
Oracle Retail Sales Audit 16.0
Oracle Retail Sales Audit 15.0
NA
CVE-2009-3029
Cross-site scripting (XSS) vulnerability in the console in Symantec SecurityExpressions Audit and Compliance Server 4.1.1, 4.1, and previous versions allows remote authenticated users to inject arbitrary web script or HTML via "external client input" that triggers craft...
Symantec Securityexpressions Audit And Compliance Server
Symantec Securityexpressions Audit And Compliance Server 4.1
NA
CVE-2009-3030
Cross-site scripting (XSS) vulnerability in Symantec SecurityExpressions Audit and Compliance Server 4.1.1, 4.1, and previous versions allows remote malicious users to inject arbitrary web script or HTML via vectors that trigger an error message in a response, related to an "...
Symantec Securityexpressions Audit And Compliance Server 4.1
Symantec Securityexpressions Audit And Compliance Server
NA
CVE-2008-1628
Stack-based buffer overflow in the audit_log_user_command function in lib/audit_logging.c in Linux Audit prior to 1.7 might allow remote malicious users to execute arbitrary code via a long command argument. NOTE: some of these details are obtained from third party information.
Linux Audit
6.1
CVSSv3
CVE-2022-31889
Cross Site Scripting (XSS) vulnerability in audit/templates/auditlogs.tmpl.php in osTicket osTicket-plugins before commit a7842d494889fd5533d13deb3c6a7789768795ae.
Enhancesoft Audit Log
1 Github repository
5.4
CVSSv3
CVE-2018-11124
Cross-site scripting (XSS) vulnerability in Attributes functionality in Open-AudIT Community edition prior to 2.2.2 allows remote malicious users to inject arbitrary web script or HTML via a crafted attribute name of an Attribute.
Opmantek Open-audit
1 EDB exploit
9.8
CVSSv3
CVE-2022-31890
SQL Injection vulnerability in audit/class.audit.php in osTicket osTicket-plugins before commit a7842d494889fd5533d13deb3c6a7789768795ae via the order parameter to the getOrder function.
Enhancesoft Audit Log
1 Github repository
8.8
CVSSv3
CVE-2019-16293
The Create Discoveries feature of Open-AudIT prior to 3.2.0 allows an authenticated malicious user to execute arbitrary OS commands via a crafted value for a URL field.
Opmantek Open-audit
7.5
CVSSv3
CVE-2007-4150
The Visionsoft Audit on Demand Service (VSAOD) in Visionsoft Audit 12.4.0.0 uses weak cryptography (XOR) when (1) transmitting passwords, which allows remote malicious users to obtain sensitive information by sniffing the network; and (2) storing passwords in the configuration fi...
Visionsoft Audit 12.4.0.0
6.1
CVSSv3
CVE-2020-2140
Jenkins Audit Trail Plugin 3.2 and previous versions does not escape the error message for the URL Patterns field form validation, resulting in a reflected cross-site scripting vulnerability.
Jenkins Audit Trail
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2021-35000
CVE-2024-4439
unauthorized
CVE-2024-0042
CVE-2024-31848
CVE-2023-40694
cache poisoning
CVE-2024-23707
firmware
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »