Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
audit vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2014-5072
Cross-site request forgery (CSRF) vulnerability in WP Security Audit Log plugin prior to 1.2.5 for WordPress allows remote malicious users to hijack the authentication of unspecified victims via unknown vectors.
Wpsecurityauditlog Wp Security Audit Log
3
CVSSv3
CVE-2024-20910
Vulnerability in Oracle Audit Vault and Database Firewall (component: Firewall). Supported versions that are affected are 20.1-20.9. Difficult to exploit vulnerability allows high privileged attacker with network access via Oracle Net to compromise Oracle Audit Vault and Database...
Oracle Audit Vault And Database Firewall
2.7
CVSSv3
CVE-2024-20912
Vulnerability in Oracle Audit Vault and Database Firewall (component: Firewall). Supported versions that are affected are 20.1-20.9. Easily exploitable vulnerability allows high privileged attacker with network access via Oracle Net to compromise Oracle Audit Vault and Database F...
Oracle Audit Vault And Database Firewall
7.6
CVSSv3
CVE-2024-20924
Vulnerability in Oracle Audit Vault and Database Firewall (component: Firewall). Supported versions that are affected are 20.1-20.9. Difficult to exploit vulnerability allows high privileged attacker with network access via Oracle Net to compromise Oracle Audit Vault and Database...
Oracle Audit Vault And Database Firewall
5.3
CVSSv3
CVE-2018-8719
An issue exists in the WP Security Audit Log plugin 3.1.1 for WordPress. Access to wp-content/uploads/wp-security-audit-log/* files is not restricted. For example, these files are indexed by Google and allows for malicious users to possibly find sensitive information.
Wpsecurityauditlog Wp Security Audit Log 3.1.1
1 EDB exploit
NA
CVE-2005-4536
Mail::Audit module in libmail-audit-perl 2.1-5, when logging is enabled without a default log file specified, uses predictable log filenames, which allows local users to overwrite arbitrary files via a symlink attack on the [PID]-audit.log temporary file.
Debian Libmail-audit-perl 2.1-5
NA
CVE-2014-9736
GE Healthcare Centricity Clinical Archive Audit Trail Repository has a default password of initinit for the (1) SSL key manager and (2) server keystore; (3) keystore_password for the server truststore; and atna for the (4) primary storage database and (5) archive storage database...
Gehealthcare Centricity Clinical Archive Audit Trail Repository
NA
CVE-2010-3125
Untrusted search path vulnerability in TeamMate Audit Management Software Suite 8.0 patch 2 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse mfc71enu.dll that is located in the same folder as a .tmx ...
Wolterskluwer Teammate Audit Management Software Suite 8.0
1 EDB exploit
8.1
CVSSv3
CVE-2020-10650
A deserialization flaw exists in jackson-databind up to and including 2.9.10.4. It could allow an unauthenticated user to perform code execution via ignite-jta or quartz-core: org.apache.ignite.cache.jta.jndi.CacheJndiTmLookup, org.apache.ignite.cache.jta.jndi.CacheJndiTmFactory,...
Fasterxml Jackson-databind
Oracle Retail Merchandising System 15.0
Oracle Retail Sales Audit 14.1
9.8
CVSSv3
CVE-2020-25848
HGiga MailSherlock contains weak authentication flaw that attackers grant privilege remotely with default password generation mechanism.
Hgiga Msr45 Isherlock-antispam
Hgiga Msr45 Isherlock-audit
Hgiga Msr45 Isherlock-base
Hgiga Msr45 Isherlock-user
Hgiga Msr45 Isherlock-useradmin
Hgiga Ssr45 Isherlock-antispam
Hgiga Ssr45 Isherlock-audit
Hgiga Ssr45 Isherlock-base
Hgiga Ssr45 Isherlock-user
Hgiga Ssr45 Isherlock-useradmin
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »