Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
database vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2019-13022
Bond JetSelect (all versions) has an issue in the Java class (ENCtool.jar) and corresponding password generation algorithm (used to set initial passwords upon first installation). It XORs the plaintext into the 'encrypted' password that is then stored within the databas...
Jetstream Jetselect
10
CVSSv2
CVE-2020-9423
LogicalDoc prior to 8.3.3 could allow an malicious user to upload arbitrary files, leading to command execution or retrieval of data from the database. LogicalDoc provides a functionality to add documents. Those documents could then be used for multiple tasks, such as version con...
Logicaldoc Logicaldoc
10
CVSSv2
CVE-2019-19015
An issue exists in TitanHQ WebTitan prior to 5.18. The proxy service (which is typically exposed to all users) allows connections to the internal PostgreSQL database of the appliance. By connecting to the database through the proxy (without password authentication), an attacker i...
Titanhq Webtitan
10
CVSSv2
CVE-2016-4401
Aruba ClearPass Policy Manager prior to 6.5.7 and 6.6.x prior to 6.6.2 allows malicious users to obtain database credentials.
Arubanetworks Clearpass
2 Github repositories
10
CVSSv2
CVE-2019-1935
A vulnerability in Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an unauthenticated, remote malicious user to log in to the CLI of an affected system by using the SCP User account (scpuser), wh...
Cisco Integrated Management Controller Supervisor
Cisco Integrated Management Controller Supervisor 2.1.0.0
Cisco Ucs Director 6.7\\(0.0.67265\\)
Cisco Ucs Director 6.0.0.0
Cisco Ucs Director 6.5.0.0
Cisco Ucs Director 6.6.0.0
Cisco Ucs Director 6.6.1.0
Cisco Ucs Director 6.7.0.0
Cisco Ucs Director 6.7.1.0
Cisco Ucs Director Express For Big Data 3.6.0.0
Cisco Ucs Director Express For Big Data 3.0.0.0
Cisco Ucs Director Express For Big Data 3.5.0.0
Cisco Ucs Director Express For Big Data 3.7.0.0
Cisco Ucs Director Express For Big Data 3.7.1.0
1 EDB exploit
1 Article
10
CVSSv2
CVE-2019-13447
An issue exists in Sertek Xpare 3.67. The login form does not sanitize input data. Because of this, a malicious agent could access the backend database via SQL injection.
Sertek Xpare 3.67
10
CVSSv2
CVE-2019-5021
Versions of the Official Alpine Linux Docker images (since v3.3) contain a NULL password for the `root` user. This vulnerability appears to be the result of a regression introduced in December of 2015. Due to the nature of this issue, systems deployed using affected versions of t...
Gliderlabs Docker-alpine
Opensuse Leap 15.0
Opensuse Leap 15.1
F5 Big-ip Controller 1.2.1
3 Github repositories
10
CVSSv2
CVE-2019-3909
Premisys Identicard version 3.1.190 database uses default credentials. Users are unable to change the credentials without vendor intervention.
Identicard Premisys Id 3.1.190
10
CVSSv2
CVE-2018-1000804
contiki-ng version 4 contains a Buffer Overflow vulnerability in AQL (Antelope Query Language) database engine that can result in Attacker can perform Remote Code Execution on device using Contiki-NG operating system. This attack appear to be exploitable via Attacker must be able...
Contiki-ng Contiki-ng 4.0
10
CVSSv2
CVE-2017-12574
An issue exists on PLANEX CS-W50HD devices with firmware prior to 030720. A hardcoded credential "supervisor:dangerous" was injected into web authentication database "/.htpasswd" during booting process, which allows malicious users to gain unauthorized access ...
Planex Cs-w50hd Firmware
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4946
CVE-2024-30309
CVE-2024-4761
CVE-2024-30051
type confusion
memory leak
CVE-2024-30293
reflected XSS
CVE-2024-3126
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »