Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cloud portal vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2018-9032
An authentication bypass vulnerability on D-Link DIR-850L Wireless AC1200 Dual Band Gigabit Cloud Router (Hardware Version : A1, B1; Firmware Version : 1.02-2.06) devices potentially allows malicious users to bypass SharePort Web Access Portal by directly visiting /category_view....
Dlink Dir-850l Firmware
1 EDB exploit
9.8
CVSSv3
CVE-2019-17531
A Polymorphic Typing issue exists in FasterXML jackson-databind 2.0.0 up to and including 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the apache-log4j-extra (version 1.2.x) jar in ...
Fasterxml Jackson-databind
Debian Debian Linux 8.0
Redhat Jboss Enterprise Application Platform 7.2
Redhat Jboss Enterprise Application Platform 7.3
Oracle Banking Platform 2.4.0
Oracle Jd Edwards Enterpriseone Tools 9.2
Oracle Banking Platform 2.4.1
Oracle Primavera Gateway 16.1
Oracle Primavera Gateway 16.2
Oracle Banking Platform 2.5.0
Oracle Weblogic Server 12.2.1.3.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Webcenter Sites 12.2.1.3.0
Oracle Jd Edwards Enterpriseone Orchestrator 9.2
Oracle Banking Platform 2.6.0
Oracle Banking Platform 2.6.1
Oracle Banking Platform 2.6.2
Oracle Weblogic Server 12.2.1.4.0
Oracle Webcenter Sites 12.2.1.4.0
Oracle Webcenter Portal 12.2.1.4.0
Oracle Communications Billing And Revenue Management 12.0.0.3.0
Oracle Communications Billing And Revenue Management 7.5.0.23.0
2 Github repositories
8.1
CVSSv3
CVE-2020-28052
An issue exists in Legion of the Bouncy Castle BC Java 1.65 and 1.66. The OpenBSDBCrypt.checkPassword utility method compared incorrect data when checking the password, allowing incorrect passwords to indicate they were matching with previously hashed ones that were different.
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.66
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api 1.65
Apache Karaf 4.3.2
Oracle Peoplesoft Enterprise Peopletools 8.56
Oracle Webcenter Portal 12.2.1.3.0
Oracle Webcenter Portal 11.1.1.9.0
Oracle Peoplesoft Enterprise Peopletools 8.57
Oracle Utilities Framework 4.3.0.6.0
Oracle Utilities Framework 4.4.0.0.0
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Webcenter Portal 12.2.1.4.0
Oracle Utilities Framework 4.4.0.2.0
Oracle Banking Extensibility Workbench 14.3.0
Oracle Banking Virtual Account Management 14.3.0
Oracle Banking Credit Facilities Process Management 14.3.0
Oracle Banking Corporate Lending Process Management 14.3.0
Oracle Communications Messaging Server 8.1
Oracle Commerce Guided Search 11.3.2
Oracle Communications Messaging Server 8.0.2
Oracle Utilities Framework 4.4.0.3.0
Oracle Communications Cloud Native Core Network Slice Selection Function 1.2.1
Oracle Communications Pricing Design Center 12.0.0.3.0
2 Github repositories
9.8
CVSSv3
CVE-2019-16943
A Polymorphic Typing issue exists in FasterXML jackson-databind 2.0.0 up to and including 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the p6spy (3.8.6) jar in the classpath, and an...
Fasterxml Jackson-databind
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Redhat Jboss Enterprise Application Platform 7.2
Redhat Jboss Enterprise Application Platform 7.3
Oracle Banking Platform 2.4.0
Oracle Jd Edwards Enterpriseone Tools 9.2
Oracle Banking Platform 2.4.1
Oracle Primavera Gateway 16.1
Oracle Primavera Gateway 16.2
Oracle Banking Platform 2.5.0
Oracle Weblogic Server 12.2.1.3.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Webcenter Sites 12.2.1.3.0
Oracle Jd Edwards Enterpriseone Orchestrator 9.2
Oracle Banking Platform 2.6.0
Oracle Banking Platform 2.6.1
Oracle Banking Platform 2.6.2
Oracle Weblogic Server 12.2.1.4.0
9.8
CVSSv3
CVE-2019-20330
FasterXML jackson-databind 2.x prior to 2.9.10.2 lacks certain net.sf.ehcache blocking.
Fasterxml Jackson-databind
Oracle Retail Xstore Point Of Service 15.0
Oracle Primavera Unifier 16.2
Oracle Primavera Unifier 16.1
Oracle Weblogic Server 12.2.1.3.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Retail Xstore Point Of Service 16.0
Oracle Primavera Unifier 18.8
Oracle Primavera Unifier
Oracle Weblogic Server 12.2.1.4.0
Oracle Enterprise Manager Base Platform 13.3.0.0
Oracle Primavera Unifier 19.12
Oracle Webcenter Portal 12.2.1.4.0
Oracle Enterprise Manager Base Platform 13.4.0.0
Oracle Communications Instant Messaging Server 10.0.1.4.0
Oracle Retail Xstore Point Of Service 17.0
Oracle Retail Xstore Point Of Service 18.0
Oracle Retail Xstore Point Of Service 19.0
Oracle Communications Billing And Revenue Management 12.0.0.3.0
Oracle Communications Billing And Revenue Management 7.5.0.23.0
Oracle Global Lifecycle Management Opatch
Oracle Trace File Analyzer 19c
9.8
CVSSv3
CVE-2019-16942
A Polymorphic Typing issue exists in FasterXML jackson-databind 2.0.0 up to and including 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the commons-dbcp (1.4) jar in the classpath, a...
Fasterxml Jackson-databind
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Redhat Jboss Enterprise Application Platform 7.2.0
Redhat Jboss Enterprise Application Platform 7.3
Netapp Steelstore Cloud Integrated Storage -
Netapp Oncommand Workflow Automation -
Netapp Service Level Manager -
Netapp Oncommand Api Services -
Netapp Active Iq Unified Manager
Oracle Primavera Unifier 16.2
Oracle Banking Platform 2.4.0
Oracle Jd Edwards Enterpriseone Tools 9.2
Oracle Banking Platform 2.4.1
Oracle Banking Platform 2.5.0
Oracle Primavera Unifier 16.1
Oracle Weblogic Server 12.2.1.3.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Database Server 12.2.0.1
2 Github repositories
8.1
CVSSv3
CVE-2020-36189
FasterXML jackson-databind 2.x prior to 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource.
Fasterxml Jackson-databind
Netapp Cloud Backup -
Netapp Service Level Manager -
Debian Debian Linux 9.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Application Testing Suite 13.3.0.1
Oracle Banking Platform 2.6.2
Oracle Primavera Unifier 18.8
Oracle Primavera Unifier
Oracle Agile Plm 9.3.6
Oracle Primavera Unifier 19.12
Oracle Webcenter Portal 12.2.1.4.0
Oracle Communications Billing And Revenue Management 12.0.0.3.0
Oracle Communications Billing And Revenue Management 7.5.0.23.0
Oracle Communications Services Gatekeeper 7.0
Oracle Retail Merchandising System 15.0.3
Oracle Banking Platform 2.7.0
Oracle Banking Platform 2.7.1
Oracle Banking Platform 2.9.0
Oracle Communications Evolved Communications Application Server 7.1
Oracle Goldengate Application Adapters 19.1.0.0.0
Oracle Retail Service Backbone 16.0.3
5.3
CVSSv3
CVE-2023-20052
On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed: A vulnerability in the DMG file parser of ClamAV versions 1.0.0 and previous versions, 0.105.1 and previous versions, and 0.103.7 and previous versions could allow an unauthenticated, remot...
Cisco Secure Endpoint Private Cloud
Cisco Secure Endpoint
Clamav Clamav 1.0.0
Clamav Clamav
Stormshield Stormshield Network Security
3 Github repositories
1 Article
7.5
CVSSv3
CVE-2021-35517
When reading a specially crafted TAR archive, Compress can be made to allocate large amounts of memory that finally leads to an out of memory error even for very small inputs. This could be used to mount a denial of service attack against services that use Compress' tar pack...
Apache Commons Compress
Netapp Oncommand Insight -
Netapp Active Iq Unified Manager -
Oracle Webcenter Portal 12.2.1.3.0
Oracle Business Process Management Suite 12.2.1.3.0
Oracle Peoplesoft Enterprise Peopletools 8.57
Oracle Primavera Unifier 18.8
Oracle Primavera Unifier
Oracle Banking Digital Experience 19.1
Oracle Flexcube Universal Banking
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Primavera Unifier 19.12
Oracle Webcenter Portal 12.2.1.4.0
Oracle Banking Digital Experience 19.2
Oracle Banking Digital Experience 20.1
Oracle Primavera Unifier 20.12
Oracle Business Process Management Suite 12.2.1.4.0
Oracle Communications Messaging Server 8.1
Oracle Commerce Guided Search 11.3.2
Oracle Peoplesoft Enterprise Peopletools 8.59
Oracle Insurance Policy Administration 11.3.0
Oracle Insurance Policy Administration 11.0.2
4.9
CVSSv3
CVE-2020-12144
The certificate used to identify the Silver Peak Cloud Portal to EdgeConnect devices is not validated. This makes it possible for someone to establish a TLS connection from EdgeConnect to an untrusted portal.
Silver-peak Unity Edgeconnect For Google Cloud Platform -
Silver-peak Unity Edgeconnect For Azure -
Silver-peak Unity Edgeconnect For Amazon Web Services -
Silver-peak Unity Orchestrator
Silver-peak Vx-500 Firmware -
Silver-peak Vx-1000 Firmware -
Silver-peak Vx-2000 Firmware -
Silver-peak Vx-3000 Firmware -
Silver-peak Vx-5000 Firmware -
Silver-peak Vx-6000 Firmware -
Silver-peak Vx-7000 Firmware -
Silver-peak Vx-9000 Firmware -
Silver-peak Vx-8000 Firmware -
Silver-peak Nx-700 Firmware -
Silver-peak Nx-1000 Firmware -
Silver-peak Nx-2000 Firmware -
Silver-peak Nx-3000 Firmware -
Silver-peak Nx-5000 Firmware -
Silver-peak Nx-6000 Firmware -
Silver-peak Nx-7000 Firmware -
Silver-peak Nx-8000 Firmware -
Silver-peak Nx-9000 Firmware -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-17519
open redirect
CVE-2024-21683
cache poisoning
CVE-2021-47524
CVE-2021-47521
CVE-2024-5229
CVE-2021-47560
local
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »