Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
core security vulnerabilities and exploits
(subscribe to this query)
641
VMScore
CVE-2008-0366
CORE FORCE prior to 0.95.172 does not properly validate arguments to SSDT hook handler functions in the Registry module, which allows local users to cause a denial of service (system crash) and possibly execute arbitrary code in the kernel context via crafted arguments.
Core Security Technologies Core Force
725
VMScore
CVE-2008-0365
Multiple buffer overflows in CORE FORCE prior to 0.95.172 allow local users to cause a denial of service (system crash) and possibly execute arbitrary code in the kernel context via crafted arguments to (1) IOCTL functions in the Firewall module or (2) SSDT hook handler functions...
Core Security Technologies Core Force
1 EDB exploit
NA
CVE-2022-41923
Grails Spring Security Core plugin is vulnerable to privilege escalation. The vulnerability allows an attacker access to one endpoint (i.e. the targeted endpoint) using the authorization requirements of a different endpoint (i.e. the donor endpoint). In some Grails framework appl...
Grails Spring Security Core
1 Github repository
446
VMScore
CVE-2021-22119
Spring Security versions 5.5.x before 5.5.1, 5.4.x before 5.4.7, 5.3.x before 5.3.10 and 5.2.x before 5.2.11 are susceptible to a Denial-of-Service (DoS) attack via the initiation of the Authorization Request in an OAuth 2.0 Client Web and WebFlux application. A malicious user or...
Vmware Spring Security
Oracle Communications Cloud Native Core Policy 1.14.0
231
VMScore
CVE-2021-33880
The aaugustin websockets library prior to 9.1 for Python has an Observable Timing Discrepancy on servers when HTTP Basic Authentication is enabled with basic_auth_protocol_factory(credentials=...). An attacker may be able to guess a password via a timing attack.
Websockets Project Websockets
Oracle Communications Cloud Native Core Policy 1.14.0
Oracle Communications Cloud Native Core Unified Data Repository 1.14.0
Oracle Communications Cloud Native Core Service Communication Proxy 1.14.0
Oracle Communications Cloud Native Core Security Edge Protection Proxy 1.5.0
704
VMScore
CVE-2021-2471
Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.26 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Con...
Oracle Communications Cloud Native Core Security Edge Protection Proxy 1.7.0
Oracle Mysql Connectors
Oracle Communications Cloud Native Core Console 1.9.0
Oracle Communications Cloud Native Core Policy 1.15.0
Oracle Communications Cloud Native Core Network Slice Selection Function 1.8.0
Quarkus Quarkus
3 Github repositories
187
VMScore
CVE-2022-22946
In spring cloud gateway versions before 3.1.1+ , applications that are configured to enable HTTP2 and no key store or trusted certificates are set will be configured to use an insecure TrustManager. This makes the gateway able to connect to remote services with invalid or custom ...
Vmware Spring Cloud Gateway 3.1.0
Oracle Commerce Guided Search 11.3.2
Oracle Communications Cloud Native Core Binding Support Function 22.1.3
Oracle Communications Cloud Native Core Network Repository Function 22.2.0
Oracle Communications Cloud Native Core Security Edge Protection Proxy 22.1.1
Oracle Communications Cloud Native Core Console 22.2.0
Oracle Communications Cloud Native Core Network Repository Function 22.1.2
1 Github repository
409
VMScore
CVE-2020-0529
Improper initialization in BIOS firmware for 8th, 9th and 10th Generation Intel(R) Core(TM) Processor families may allow an unauthenticated user to potentially enable escalation of privilege via local access.
Intel Core I5-7600k Firmware -
Intel Core I5-7600t Firmware -
Intel Core I5-7600 Firmware -
Intel Core I5-7500 Firmware -
Intel Core I5-7500t Firmware -
Intel Core I5-7442eq Firmware -
Intel Core I5-7440hq Firmware -
Intel Core I5-7440eq Firmware -
Intel Core I5-7400t Firmware -
Intel Core I5-7400 Firmware -
Intel Core I5-7360u Firmware -
Intel Core I5-7300u Firmware -
Intel Core I5-7300hq Firmware -
Intel Core I5-7287u Firmware -
Intel Core I5-7267u Firmware -
Intel Core I5-7260u Firmware -
Intel Core I5-7200u Firmware -
Intel Core I5-7y54 Firmware -
Intel Core I5-7y57 Firmware -
Intel Core I7-7920hq Firmware -
Intel Core I7-7820hq Firmware -
Intel Core I7-7820hk Firmware -
169
VMScore
CVE-2020-24491
Debug message containing addresses of memory transactions in some Intel(R) 10th Generation Core Processors supporting SGX may allow a privileged user to potentially enable information disclosure via local access.
Intel Core I7 1065g7
Intel Core I7 1060g7
Intel Core I5 1030g4
Intel Core I5 1030g7
Intel Core I5 1035g1
Intel Core I5 1035g4
Intel Core I5 1035g7
Intel Core I3 1000g1
Intel Core I3 1000g4
Intel Core I3 1005g1
170
VMScore
CVE-2022-29901
Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return instructions to achieve arbitrary speculative code exe...
Intel Core I7-6500u Firmware -
Intel Core I7-6510u Firmware -
Intel Core I7-6560u Firmware -
Intel Core I7-6567u Firmware -
Intel Core I7-6600u Firmware -
Intel Core I7-6650u Firmware -
Intel Core I7-6660u Firmware -
Intel Core I7-6700 Firmware -
Intel Core I7-6700hq Firmware -
Intel Core I7-6700k Firmware -
Intel Core I7-6700t Firmware -
Intel Core I7-6700te Firmware -
Intel Core I7-6770hq Firmware -
Intel Core I7-6820eq Firmware -
Intel Core I7-6820hk Firmware -
Intel Core I7-6820hq Firmware -
Intel Core I7-6822eq Firmware -
Intel Core I7-6870hq Firmware -
Intel Core I7-6920hq Firmware -
Intel Core I7-6970hq Firmware -
Intel Core I7-8550u Firmware -
Intel Core I7-8559u Firmware -
1 Article
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »