Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
audit vulnerabilities and exploits
(subscribe to this query)
6
CVSSv2
CVE-2018-3115
Vulnerability in the Oracle Retail Sales Audit component of Oracle Retail Applications (subcomponent: Operational Insights). Supported versions that are affected are 15.0 and 16.0. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to c...
Oracle Retail Sales Audit 16.0
Oracle Retail Sales Audit 15.0
3.5
CVSSv2
CVE-2009-3029
Cross-site scripting (XSS) vulnerability in the console in Symantec SecurityExpressions Audit and Compliance Server 4.1.1, 4.1, and previous versions allows remote authenticated users to inject arbitrary web script or HTML via "external client input" that triggers craft...
Symantec Securityexpressions Audit And Compliance Server
Symantec Securityexpressions Audit And Compliance Server 4.1
4.3
CVSSv2
CVE-2009-3030
Cross-site scripting (XSS) vulnerability in Symantec SecurityExpressions Audit and Compliance Server 4.1.1, 4.1, and previous versions allows remote malicious users to inject arbitrary web script or HTML via vectors that trigger an error message in a response, related to an "...
Symantec Securityexpressions Audit And Compliance Server 4.1
Symantec Securityexpressions Audit And Compliance Server
4.1
CVSSv2
CVE-2008-1628
Stack-based buffer overflow in the audit_log_user_command function in lib/audit_logging.c in Linux Audit prior to 1.7 might allow remote malicious users to execute arbitrary code via a long command argument. NOTE: some of these details are obtained from third party information.
Linux Audit
3.5
CVSSv2
CVE-2021-24901
The Security Audit WordPress plugin up to and including 1.0.0 does not sanitise and escape the Data Id setting, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.
Securemoz Security Audit
4.3
CVSSv2
CVE-2021-3130
Within the Open-AudIT up to version 3.5.3 application, the web interface hides SSH secrets, Windows passwords, and SNMP strings from users using HTML 'password field' obfuscation. By using Developer tools or similar, it is possible to change the obfuscation so that the ...
Opmantek Open-audit
1 Github repository
7.5
CVSSv2
CVE-2021-40612
An issue exists in Opmantek Open-AudIT after 3.5.0. Without authentication, a vulnerability in code_igniter/application/controllers/util.php allows an attacker perform command execution without echoes.
Opmantek Open-audit
4.3
CVSSv2
CVE-2020-2140
Jenkins Audit Trail Plugin 3.2 and previous versions does not escape the error message for the URL Patterns field form validation, resulting in a reflected cross-site scripting vulnerability.
Jenkins Audit Trail
5
CVSSv2
CVE-2020-2287
Jenkins Audit Trail Plugin 3.6 and previous versions applies pattern matching to a different representation of request URL paths than the Stapler web framework uses for dispatching requests, which allows malicious users to craft URLs that bypass request logging of any target URL.
Jenkins Audit Trail
NA
CVE-2022-31889
Cross Site Scripting (XSS) vulnerability in audit/templates/auditlogs.tmpl.php in osTicket osTicket-plugins before commit a7842d494889fd5533d13deb3c6a7789768795ae.
Enhancesoft Audit Log
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »