Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
core security technologies vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2011-18663
Core Security Technologies Advisory - HP Data Protector is an automated backup and recovery software for single-server to enterprise environments. A vulnerability in HP Data Protector could allow a remote attacker to execute arbitrary code. The vulnerability is triggered by sendi...
NA
CVE-2009-28983
Core Security Technologies Advisory - Multiple cross-site scripting vulnerabilities (both stored and reflected) have been found in the web interface of Hyperic HQ, which can be exploited by an attacker to execute arbitrary JavaScript code in the context of the browser of a legiti...
NA
CVE-2009-38503
Core Security Technologies Advisory - Blender embeds a python interpreter to extend its functionality. Blender .blend project files can be modified to execute arbitrary commands without user intervention by design. An attacker can take full control of the machine where Blender is...
445
VMScore
CVE-2008-0196
Multiple directory traversal vulnerabilities in WordPress 2.0.11 and previous versions allow remote malicious users to read arbitrary files via a .. (dot dot) in (1) the page parameter to certain PHP scripts under wp-admin/ or (2) the import parameter to wp-admin/admin.php, as de...
Wordpress Wordpress
445
VMScore
CVE-2011-1509
The encryptPassword function in Login.js in ManageEngine ServiceDesk Plus (SDP) 8012 and previous versions uses a Caesar cipher for encryption of passwords in cookies, which makes it easier for remote malicious users to obtain sensitive information by sniffing the network.
Manageengine Servicedesk Plus 8.0
Manageengine Servicedesk Plus
383
VMScore
CVE-2011-1510
Cross-site scripting (XSS) vulnerability in SolutionSearch.do in ManageEngine ServiceDesk Plus (SDP) prior to 8012 allows remote malicious users to inject arbitrary web script or HTML via the searchText parameter.
Manageengine Servicedesk Plus
NA
CVE-2011-15103
ManageEngine ServiceDesk Plus is a complete web based and ITIL ready service desk software with integrated asset management developed by ManageEngine, the Enterprise IT Management Software division of Zoho Corporation. The authentication process of ServiceDesk Plus obfuscates use...
NA
CVE-2011-15113
Core Security Technologies Advisory - The Administration Console of Oracle GlassFish Server, which is listening by default on port 4848/TCP, is prone to an authentication bypass vulnerability. This vulnerability can be exploited by remote attackers to access sensitive data on the...
NA
CVE-2011-15133
Core Security Technologies Advisory - When the install script for e107 CMS has not been removed, an attacker can "reinstall" the application using arbitrary parameters. If the attacker puts a valid MySql server followed a semicolon and PHP code, this will be executed wh...
445
VMScore
CVE-2011-1514
The inet service in HP OpenView Storage Data Protector 6.00 up to and including 6.20 allows remote malicious users to cause a denial of service (NULL pointer dereference and daemon crash) via a request containing crafted parameters.
Hp Openview Storage Data Protector 6.11
Hp Openview Storage Data Protector 6.00
Hp Openview Storage Data Protector 6.10
Hp Openview Storage Data Protector 6.20
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
CVE-2024-20360
CVE-2021-47559
XXE
CVE-2024-5229
CVE-2021-47543
CVE-2021-47571
SSTI
CVE-2024-4978
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »