Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
core security vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-0365
Multiple buffer overflows in CORE FORCE prior to 0.95.172 allow local users to cause a denial of service (system crash) and possibly execute arbitrary code in the kernel context via crafted arguments to (1) IOCTL functions in the Firewall module or (2) SSDT hook handler functions...
Core Security Technologies Core Force
1 EDB exploit
NA
CVE-2008-0366
CORE FORCE prior to 0.95.172 does not properly validate arguments to SSDT hook handler functions in the Registry module, which allows local users to cause a denial of service (system crash) and possibly execute arbitrary code in the kernel context via crafted arguments.
Core Security Technologies Core Force
9.8
CVSSv3
CVE-2022-41923
Grails Spring Security Core plugin is vulnerable to privilege escalation. The vulnerability allows an attacker access to one endpoint (i.e. the targeted endpoint) using the authorization requirements of a different endpoint (i.e. the donor endpoint). In some Grails framework appl...
Grails Spring Security Core
1 Github repository
7.5
CVSSv3
CVE-2021-22119
Spring Security versions 5.5.x before 5.5.1, 5.4.x before 5.4.7, 5.3.x before 5.3.10 and 5.2.x before 5.2.11 are susceptible to a Denial-of-Service (DoS) attack via the initiation of the Authorization Request in an OAuth 2.0 Client Web and WebFlux application. A malicious user or...
Vmware Spring Security
Oracle Communications Cloud Native Core Policy 1.14.0
5.9
CVSSv3
CVE-2021-33880
The aaugustin websockets library prior to 9.1 for Python has an Observable Timing Discrepancy on servers when HTTP Basic Authentication is enabled with basic_auth_protocol_factory(credentials=...). An attacker may be able to guess a password via a timing attack.
Websockets Project Websockets
Oracle Communications Cloud Native Core Policy 1.14.0
Oracle Communications Cloud Native Core Unified Data Repository 1.14.0
Oracle Communications Cloud Native Core Service Communication Proxy 1.14.0
Oracle Communications Cloud Native Core Security Edge Protection Proxy 1.5.0
5.9
CVSSv3
CVE-2021-2471
Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.26 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Con...
Oracle Communications Cloud Native Core Security Edge Protection Proxy 1.7.0
Oracle Mysql Connectors
Oracle Communications Cloud Native Core Console 1.9.0
Oracle Communications Cloud Native Core Policy 1.15.0
Oracle Communications Cloud Native Core Network Slice Selection Function 1.8.0
Quarkus Quarkus
3 Github repositories
5.5
CVSSv3
CVE-2022-22946
In spring cloud gateway versions before 3.1.1+ , applications that are configured to enable HTTP2 and no key store or trusted certificates are set will be configured to use an insecure TrustManager. This makes the gateway able to connect to remote services with invalid or custom ...
Vmware Spring Cloud Gateway 3.1.0
Oracle Commerce Guided Search 11.3.2
Oracle Communications Cloud Native Core Binding Support Function 22.1.3
Oracle Communications Cloud Native Core Network Repository Function 22.2.0
Oracle Communications Cloud Native Core Security Edge Protection Proxy 22.1.1
Oracle Communications Cloud Native Core Console 22.2.0
Oracle Communications Cloud Native Core Network Repository Function 22.1.2
1 Github repository
4.4
CVSSv3
CVE-2020-24491
Debug message containing addresses of memory transactions in some Intel(R) 10th Generation Core Processors supporting SGX may allow a privileged user to potentially enable information disclosure via local access.
Intel Core I3 1000g1
Intel Core I3 1000g4
Intel Core I3 1005g1
Intel Core I5 1030g4
Intel Core I5 1030g7
Intel Core I5 1035g1
Intel Core I5 1035g4
Intel Core I5 1035g7
Intel Core I7 1060g7
Intel Core I7 1065g7
6.7
CVSSv3
CVE-2017-5704
Platform sample code firmware included with 4th Gen Intel Core Processor, 5th Gen Intel Core Processor, 6th Gen Intel Core Processor, and 7th Gen Intel Core Processor potentially exposes password information in memory to a local attacker with administrative privileges.
Intel Core I3 4360
Intel Core I3 4360t
Intel Core I3 4370
Intel Core I3 4370t
Intel Core I3 4100e
Intel Core I3 4005u
Intel Core I3 4170t
Intel Core I3 4150
Intel Core I3 4130
Intel Core I3 6320
Intel Core I3 6300
Intel Core I3 6300t
Intel Core I3 6100e
Intel Core I3 7100h
Intel Core I3 7100t
Intel Core I3 7100u
Intel Core I3 7101e
Intel Core I3 4340te
Intel Core I3 4350t
Intel Core I3 4102e
Intel Core I3 4110e
Intel Core I3 4170
1 Article
4.6
CVSSv3
CVE-2018-3619
Information disclosure vulnerability in storage media in systems with Intel Optane memory module with Whole Disk Encryption may allow an malicious user to recover data via physical access.
Intel Core I7 8700t
Intel Core I7 8700k
Intel Core I7 8700b
Intel Core I7 8700
Intel Core I7 7700
Intel Core I7 7700k
Intel Core I7 7700t
Intel Core I7 7660u
Intel Core I7 7600u
Intel Core I7 8500y
Intel Core I7 8086k
Intel Core I7 8850h
Intel Core I7 7920hq
Intel Core I7 8709g
Intel Core I7 8705g
Intel Core I7 8565u
Intel Core I7 8550u
Intel Core I7 7820hq
Intel Core I7 7820eq
Intel Core I7 7567u
Intel Core I7 7500u
Intel Core I7 8809g
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »