Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
data engine vulnerabilities and exploits
(subscribe to this query)
356
VMScore
CVE-2018-15456
A vulnerability in the Admin Portal of Cisco Identity Services Engine (ISE) could allow an authenticated, remote malicious user to view saved passwords in plain text. The vulnerability is due to the incorrect inclusion of saved passwords when loading configuration pages in the Ad...
Cisco Identity Services Engine 2.4\\(0.357\\)
Cisco Identity Services Engine 2.2\\(0.470\\)
Cisco Identity Services Engine 2.3\\(0.298\\)
Cisco Identity Services Engine 2.4\\(100.159\\)
NA
CVE-2023-43632
As noted in the “VTPM.md” file in the eve documentation, “VTPM is a server listening on port 8877 in EVE, exposing limited functionality of the TPM to the clients. VTPM allows clients to execute tpm2-tools binaries from a list of hardcoded options” The co...
Linuxfoundation Edge Virtualization Engine
356
VMScore
CVE-2021-35492
Wowza Streaming Engine up to and including 4.8.11+5 could allow an authenticated, remote malicious user to exhaust filesystem resources via the /enginemanager/server/vhost/historical.jsdata vhost parameter. This is due to the insufficient management of available filesystem resour...
Wowza Streaming Engine
1 Github repository
445
VMScore
CVE-2017-15123
A flaw was found in the CloudForms web interface, versions 5.8 - 5.10, where the RSS feed URLs are not properly restricted to authenticated users only. An attacker could use this flaw to view potentially sensitive information from CloudForms including data such as newly created v...
Redhat Cloudforms Management Engine
605
VMScore
CVE-2018-1000836
bw-calendar-engine version <= bw-calendar-engine-3.12.0 contains a XML External Entity (XXE) vulnerability in IscheduleClient XML Parser that can result in Disclosure of confidential data, denial of service, SSRF, port scanning. This attack appear to be exploitable via Man in ...
Apereo Bw-calendar-engine
409
VMScore
CVE-2018-19322
The GPCIDrv and GDrv low-level drivers in GIGABYTE APP Center v1.05.21 and previous versions, AORUS GRAPHICS ENGINE prior to 1.57, XTREME GAMING ENGINE prior to 1.26, and OC GURU II v2.08 expose functionality to read/write data from/to IO ports. This could be leveraged in a numbe...
Gigabyte App Center
Gigabyte Aorus Graphics Engine
Gigabyte Xtreme Gaming Engine
Gigabyte Oc Guru Ii 2.08
605
VMScore
CVE-2015-2898
Multiple stack-based buffer overflows in Medicomp MEDCIN Engine prior to 2.22.20153.226 might allow remote malicious users to execute arbitrary code via a crafted packet on port 8190, related to (1) the SetGroupSequenceEx na_setgroupsequenceex function, (2) the FormatDate julptos...
Medicomp Medcin Engine
1 Github repository
605
VMScore
CVE-2015-2899
Heap-based buffer overflow in the QualifierList retrieve_qualifier_list function in Medicomp MEDCIN Engine prior to 2.22.20153.226 might allow remote malicious users to execute arbitrary code via a long list name in a packet on port 8190.
Medicomp Medcin Engine
606
VMScore
CVE-2015-2900
The AddUserFinding add_userfinding2 function in Medicomp MEDCIN Engine prior to 2.22.20153.226 allows remote malicious users to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted packet on port 8190.
Medicomp Medcin Engine
1000
VMScore
CVE-2000-1209
The "sa" account is installed with a default null password on (1) Microsoft SQL Server 2000, (2) SQL Server 7.0, and (3) Data Engine (MSDE) 1.0, including third party packages that use these products such as (4) Tumbleweed Secure Mail (MMS) (5) Compaq Insight Manager, a...
Compaq Insight Manager Xe 2.1b
Microsoft Data Engine 1.0
Compaq Insight Manager Xe 1.1
Compaq Insight Manager Xe 1.21
Compaq Insight Manager Xe 2.1
Compaq Insight Manager 7.0
Compaq Insight Manager Xe 2.1c
Microsoft Msde 2000
Compaq Insight Manager Xe 2.2
2 EDB exploits
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
brute force
CVE-2024-24908
open redirect
CVE-2024-31497
CVE-2023-45866
CVE-2024-4135
CVE-2024-25523
cache poisoning
CVE-2024-4649
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »