Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
data center security server vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2019-1913
Multiple vulnerabilities in the web management interface of Cisco Small Business 220 Series Smart Switches could allow an unauthenticated, remote malicious user to overflow a buffer, which then allows the execution of arbitrary code with root privileges on the underlying operatin...
Cisco Sf-220-24 Firmware
Cisco Sf220-24p Firmware
Cisco Sf220-48 Firmware
Cisco Sf220-48p Firmware
Cisco Sg220-26 Firmware
Cisco Sg220-26p Firmware
Cisco Sg220-28 Firmware
Cisco Sg220-28mp Firmware
Cisco Sg220-50 Firmware
Cisco Sg220-50p Firmware
Cisco Sg220-52 Firmware
1 EDB exploit
1 Article
9.8
CVSSv3
CVE-2019-14379
SubTypeValidator.java in FasterXML jackson-databind prior to 2.9.9.2 mishandles default typing when ehcache is used (because of net.sf.ehcache.transaction.manager.DefaultTransactionManagerLookup), leading to remote code execution.
Fasterxml Jackson-databind
Debian Debian Linux 8.0
Netapp Snapcenter -
Netapp Oncommand Workflow Automation -
Netapp Service Level Manager -
Netapp Active Iq Unified Manager
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Redhat Jboss Enterprise Application Platform 7.2
Redhat Jboss Enterprise Application Platform 7.3
Redhat Openshift Container Platform 4.1
Redhat Single Sign-on 7.3
Redhat Openshift Container Platform 3.11
Oracle Retail Xstore Point Of Service 15.0
Oracle Primavera Unifier 16.2
Oracle Banking Platform 2.4.0
Oracle Retail Xstore Point Of Service 7.1
Oracle Jd Edwards Enterpriseone Tools 9.2
Oracle Banking Platform 2.4.1
Oracle Primavera Gateway 16.2
Oracle Primavera Gateway 15.2
1 Github repository
9.8
CVSSv3
CVE-2019-3822
libcurl versions from 7.36.0 to prior to 7.64.0 are vulnerable to a stack-based buffer overflow. The function creating an outgoing NTLM type-3 header (`lib/vauth/ntlm.c:Curl_auth_create_ntlm_type3_message()`), generates the request HTTP header contents based on previously receive...
Haxx Libcurl
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Debian Debian Linux 9.0
Netapp Snapcenter -
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
Netapp Active Iq Unified Manager
Netapp Clustered Data Ontap
Siemens Sinema Remote Connect Client
Oracle Http Server 12.2.1.3.0
Oracle Enterprise Manager Ops Center 12.3.3
Oracle Secure Global Desktop 5.4
Oracle Communications Operations Monitor 3.4
Oracle Communications Operations Monitor 4.0
Oracle Enterprise Manager Ops Center 12.4.0
Oracle Services Tools Bundle 19.2
Oracle Mysql Server
Redhat Enterprise Linux 8.0
3 Github repositories
9.8
CVSSv3
CVE-2018-11058
RSA BSAFE Micro Edition Suite, versions before 4.0.11 (in 4.0.x) and before 4.1.6 (in 4.1.x), and RSA BSAFE Crypto-C Micro Edition, version before 4.0.5.3 (in 4.0.x) contain a Buffer Over-Read vulnerability when parsing ASN.1 data. A remote attacker could use maliciously construc...
Dell Bsafe
Dell Bsafe Crypto-c
Oracle Application Testing Suite 13.3.0.1
Oracle Communications Analytics 12.1.1
Oracle Communications Ip Service Activator 7.3.0
Oracle Communications Ip Service Activator 7.4.0
Oracle Core Rdbms 11.2.0.4
Oracle Core Rdbms 12.1.0.2
Oracle Core Rdbms 12.2.0.1
Oracle Core Rdbms 18c
Oracle Core Rdbms 19c
Oracle Enterprise Manager Ops Center 12.3.3
Oracle Enterprise Manager Ops Center 12.4.0
Oracle Goldengate Application Adapters 12.3.2.1.0
Oracle Jd Edwards Enterpriseone Tools 9.2
Oracle Real User Experience Insight 13.1.2.1
Oracle Real User Experience Insight 13.2.3.1
Oracle Real User Experience Insight 13.3.1.0
Oracle Retail Predictive Application Server 15.0.3
Oracle Retail Predictive Application Server 16.0.3.0
Oracle Security Service 11.1.1.9.0
Oracle Security Service 12.1.3.0.0
1 Article
9.8
CVSSv3
CVE-2015-7853
The datalen parameter in the refclock driver in NTP 4.2.x prior to 4.2.8p4, and 4.3.x prior to 4.3.77 allows remote malicious users to execute arbitrary code or cause a denial of service (crash) via a negative input value.
Ntp Ntp
Ntp Ntp 4.2.8
Netapp Oncommand Balance -
Netapp Oncommand Performance Manager -
Netapp Oncommand Unified Manager -
Netapp Clustered Data Ontap -
Netapp Data Ontap -
9.8
CVSSv3
CVE-2015-7871
Crypto-NAK packets in ntpd in NTP 4.2.x prior to 4.2.8p4, and 4.3.x prior to 4.3.77 allows remote malicious users to bypass authentication.
Ntp Ntp 4.2.5
Ntp Ntp
Ntp Ntp 4.2.8
Debian Debian Linux 7.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Netapp Oncommand Balance -
Netapp Oncommand Performance Manager -
Netapp Oncommand Unified Manager -
Netapp Clustered Data Ontap -
Netapp Data Ontap -
9.8
CVSSv3
CVE-2015-7705
The rate limiting feature in NTP 4.x prior to 4.2.8p4 and 4.3.x prior to 4.3.77 allows remote malicious users to have unspecified impact via a large number of crafted requests.
Ntp Ntp
Ntp Ntp 4.2.8
Netapp Oncommand Performance Manager -
Netapp Oncommand Unified Manager -
Netapp Clustered Data Ontap -
Netapp Data Ontap -
Citrix Xenserver 6.0.2
Citrix Xenserver 6.2.0
Citrix Xenserver 6.5
Citrix Xenserver 7.0
Siemens Tim 4r-ie Firmware
Siemens Tim 4r-ie Dnp3 Firmware
9.8
CVSSv3
CVE-2017-6640
A vulnerability in Cisco Prime Data Center Network Manager (DCNM) Software could allow an unauthenticated, remote malicious user to log in to the administrative console of a DCNM server by using an account that has a default, static password. The account could be granted root- or...
Cisco Prime Data Center Network Manager 10.1.0
Cisco Prime Data Center Network Manager 10.1\\(2\\)
Cisco Prime Data Center Network Manager 10.1\\(1\\)
1 Github repository
9.8
CVSSv3
CVE-2016-3645
Integer overflow in the TNEF unpacker in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x up to and including 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) prior to 12.1 RU6 MP5; Sy...
Symantec Norton Security
Symantec Protection Engine
Symantec Protection Engine 7.8.0
Symantec Advanced Threat Protection
Symantec Norton Bootable Removal Tool
Symantec Data Center Security Server 6.5
Symantec Data Center Security Server 6.6
Symantec Data Center Security Server 6.0
Symantec Protection For Sharepoint Servers
Symantec Message Gateway For Service Providers 10.5
Symantec Message Gateway For Service Providers 10.6
Symantec Csapi
Symantec Endpoint Protection 12.1.6
Symantec Norton Power Eraser
Symantec Mail Security For Domino
Symantec Mail Security For Microsoft Exchange 6.5.8
Symantec Mail Security For Microsoft Exchange
Symantec Message Gateway
Symantec Norton Internet Security
Symantec Norton Security With Backup
Symantec Norton 360
Symantec Norton Antivirus
1 EDB exploit
9.8
CVSSv3
CVE-2008-0062
KDC in MIT Kerberos 5 (krb5kdc) does not set a global variable for some krb4 message types, which allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via crafted messages that trigger a NULL pointer dereference or double-free.
Mit Kerberos 5
Debian Debian Linux 3.1
Debian Debian Linux 4.0
Canonical Ubuntu Linux 7.04
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 6.10
Canonical Ubuntu Linux 6.06
Fedoraproject Fedora 8
Fedoraproject Fedora 7
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »