Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
axis vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-0055
Sandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX APIs mediaclip.cgi and playclip.cgi was vulnerable for file globbing which could lead to a resource exhaustion attack. Axis has released patched AXIS OS versions for the highlighted flaw. Please refe...
NA
CVE-2024-0054
Sandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX APIs local_list.cgi, create_overlay.cgi and irissetup.cgi was vulnerable for file globbing which could lead to a resource exhaustion attack. Axis has released patched AXIS OS versions for the highlig...
7.1
CVSSv3
CVE-2021-41211
TensorFlow is an open source platform for machine learning. In affected versions the shape inference code for `QuantizeV2` can trigger a read outside of bounds of heap allocated array. This occurs whenever `axis` is a negative value less than `-1`. In this case, we are accessing ...
Google Tensorflow 2.6.0
5.3
CVSSv3
CVE-2013-3018
The AXIS webapp in deploy-tomcat/axis in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.1.2 and 7.2.0 up to and including 7.2.1.4 allows remote malicious users to obtain sensitive configuration information via a direct request, as demonstrated by happyaxis.jsp. IBM...
Ibm Tivoli Application Dependency Discovery Manager
Ibm Tivoli Application Dependency Discovery Manager 7.1.2
NA
CVE-2017-20047
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This CVE has been rejected as out of scope in accordance to the Vulnerability Policy of Axis: https://www.axis.com/dam/public/76/fe/26/axis-vulnerability-management-policy-en-US-375421.pdf. Notes: none
NA
CVE-2017-20048
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This CVE has been rejected since it is out of scope in accordance to the Vulnerability Policy of Axis: https://www.axis.com/dam/public/76/fe/26/axis-vulnerability-management-policy-en-US-375421.pdf. Note...
NA
CVE-2017-20046
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This CVE has been rejected since it is out of scope in accordance to the Vulnerability Policy of Axis: https://www.axis.com/dam/public/76/fe/26/axis-vulnerability-management-policy-en-US-375421.pdf. Note...
7.1
CVSSv3
CVE-2019-0283
SAP NetWeaver Process Integration (Adapter Engine), fixed in versions 7.10 to 7.11, 7.30, 7.31, 7.40, 7.50; is vulnerable to Digital Signature Spoofing. It is possible to spoof XML signatures and send arbitrary requests to the server via PI Axis adapter. These requests will be ac...
Sap Netweaver Process Integration 7.10
Sap Netweaver Process Integration 7.11
Sap Netweaver Process Integration 7.30
Sap Netweaver Process Integration 7.40
Sap Netweaver Process Integration 7.31
Sap Netweaver Process Integration 7.50
5.5
CVSSv3
CVE-2021-37677
TensorFlow is an end-to-end open source platform for machine learning. In affected versions the shape inference code for `tf.raw_ops.Dequantize` has a vulnerability that could trigger a denial of service via a segfault if an attacker provides invalid arguments. The shape inferenc...
Google Tensorflow
Google Tensorflow 2.6.0
Google Tensorflow 2.5.0
8.8
CVSSv3
CVE-2022-44784
An issue exists in Appalti & Contratti 9.12.2. The target web applications LFS and DL229 expose a set of services provided by the Axis 1.4 instance, embedded directly into the applications, as hinted by the WEB-INF/web.xml file leaked through Local File Inclusion. Among the e...
Maggioli Appalti \\& Contratti 9.12.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-35977
CVE-2023-49335
man-in-the-middle
CVE-2024-4947
CVE-2024-31714
memory leak
SQL
CVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »