Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
controller vulnerabilities and exploits
(subscribe to this query)
10
CVSSv3
CVE-2022-20695
A vulnerability in the authentication functionality of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote malicious user to bypass authentication controls and log in to the device through the management interface This vulnerability is due to the i...
Cisco Wireless Lan Controller 8.10.151.0
Cisco Wireless Lan Controller 8.10.162.0
10
CVSSv3
CVE-2021-44228
Apache Log4j2 2.0-beta9 up to and including 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can contr...
Apache Log4j 2.0
Apache Log4j
Siemens Sppa-t3000 Ses3000 Firmware
Siemens Logo\\! Soft Comfort
Siemens Spectrum Power 4 4.70
Siemens Spectrum Power 4
Siemens Siveillance Control Pro
Siemens Energyip Prepay 3.7
Siemens Energyip Prepay 3.8
Siemens Siveillance Identity 1.6
Siemens Siveillance Identity 1.5
Siemens Siveillance Command
Siemens Sipass Integrated 2.85
Siemens Sipass Integrated 2.80
Siemens Head-end System Universal Device Integration System
Siemens Gma-manager
Siemens Energyip 8.5
Siemens Energyip 8.6
Siemens Energyip 8.7
Siemens Energyip 9.0
Siemens Energy Engage 3.1
Siemens E-car Operation Center
2 Metasploit modules
1181 Github repositories
28 Articles
10
CVSSv3
CVE-2021-1388
A vulnerability in an API endpoint of Cisco ACI Multi-Site Orchestrator (MSO) installed on the Application Services Engine could allow an unauthenticated, remote malicious user to bypass authentication on an affected device. The vulnerability is due to improper token validation o...
Cisco Application Policy Infrastructure Controller 3.0\\(3i\\)
Cisco Aci Multi-site Orchestrator
10
CVSSv3
CVE-2019-7256
Linear eMerge E3-Series devices allow Command Injections.
Nortekcontrol Linear Emerge Essential Firmware
Nortekcontrol Linear Emerge Elite Firmware
1 Metasploit module
10
CVSSv3
CVE-2019-1867
A vulnerability in the REST API of Cisco Elastic Services Controller (ESC) could allow an unauthenticated, remote malicious user to bypass authentication on the REST API. The vulnerability is due to improper validation of API requests. An attacker could exploit this vulnerability...
Cisco Elastic Services Controller
10
CVSSv3
CVE-2017-2320
A vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an unauthenticated, unprivileged, network-based malicious user to cause various denials of services leading to targeted information disclosure, modification of any...
Juniper Northstar Controller
10
CVSSv3
CVE-2016-9343
An issue exists in Rockwell Automation Logix5000 Programmable Automation Controller FRN 16.00 up to and including 21.00 (excluding all firmware versions prior to FRN 16.00, which are not affected). By sending malformed common industrial protocol (CIP) packet, an attacker may be a...
Rockwellautomation Softlogix 5800 Controller Firmware 18.00
Rockwellautomation Softlogix 5800 Controller Firmware 19.00
Rockwellautomation Softlogix 5800 Controller Firmware 20.00
Rockwellautomation Softlogix 5800 Controller Firmware 21.00
Rockwellautomation Rslogix Emulate 5000 Firmware 18.00
Rockwellautomation Rslogix Emulate 5000 Firmware 19.00
Rockwellautomation Rslogix Emulate 5000 Firmware 20.00
Rockwellautomation Rslogix Emulate 5000 Firmware 21.00
Rockwellautomation Guardlogix 5570 Controller Firmware 16.00
Rockwellautomation Guardlogix 5570 Controller Firmware 17.00
Rockwellautomation Guardlogix 5570 Controller Firmware 18.00
Rockwellautomation Guardlogix 5570 Controller Firmware 19.00
Rockwellautomation Guardlogix 5570 Controller Firmware 20.00
Rockwellautomation Guardlogix 5570 Controller Firmware 20.010
Rockwellautomation Guardlogix 5570 Controller Firmware 20.017
Rockwellautomation Guardlogix 5570 Controller Firmware 21.00
Rockwellautomation Flexlogix L34 Controller Firmware 16.00
Rockwellautomation Controllogix L55 Controller Firmware 16.00
Rockwellautomation Controllogix L55 Controller Firmware 16.020
Rockwellautomation Controllogix L55 Controller Firmware 16.022
Rockwellautomation Controllogix 5570 Redundant Controller Firmware 20.00
Rockwellautomation Controllogix 5570 Redundant Controller Firmware 20.050
9.9
CVSSv3
CVE-2023-41373
A directory traversal vulnerability exists in the BIG-IP Configuration Utility that may allow an authenticated malicious user to execute commands on the BIG-IP system. For BIG-IP system running in Appliance mode, a successful exploit can allow the malicious user to cross a secur...
F5 Big-ip Access Policy Manager
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Application Security Manager
F5 Big-ip Domain Name System
F5 Big-ip Local Traffic Manager
F5 Big-ip Advanced Web Application Firewall
F5 Big-ip Analytics
F5 Big-ip Application Acceleration Manager
F5 Big-ip Application Visibility And Reporting
F5 Big-ip Carrier-grade Nat
F5 Big-ip Ddos Hybrid Defender
F5 Big-ip Fraud Protection Service
F5 Big-ip Global Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Ssl Orchestrator
F5 Big-ip Webaccelerator
F5 Big-ip Websafe
9.9
CVSSv3
CVE-2023-25765
In Jenkins Email Extension Plugin 2.93 and previous versions, templates defined inside a folder were not subject to Script Security protection, allowing attackers able to define email templates in folders to bypass the sandbox protection and execute arbitrary code in the context ...
Jenkins Email Extension
9.9
CVSSv3
CVE-2022-43401
A sandbox bypass vulnerability involving various casts performed implicitly by the Groovy language runtime in Jenkins Script Security Plugin 1183.v774b_0b_0a_a_451 and previous versions allows attackers with permission to define and run sandboxed scripts, including Pipelines, to ...
Jenkins Script Security
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »