Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
diagnostics vulnerabilities and exploits
(subscribe to this query)
10
CVSSv3
CVE-2020-26823
SAP Solution Manager (JAVA stack), version - 7.20, allows an unauthenticated malicious user to compromise the system because of missing authorization checks in the Upgrade Diagnostics Agent Connection Service, this has an impact to the integrity and availability of the service.
Sap Solution Manager 7.20
9.9
CVSSv3
CVE-2021-21883
An OS command injection vulnerability exists in the Web Manager Diagnostics: Ping functionality of Lantronix PremierWave 2050 8.9.0.0R4. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vu...
Lantronix Premierwave 2050 Firmware 8.9.0.0
9.9
CVSSv3
CVE-2021-21872
An OS command injection vulnerability exists in the Web Manager Diagnostics: Traceroute functionality of Lantronix PremierWave 2050 8.9.0.0R4. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger t...
Lantronix Premierwave 2050 Firmware 8.9.0.0
9.8
CVSSv3
CVE-2023-32673
Certain versions of HP PC Hardware Diagnostics Windows, HP Image Assistant, and HP Thunderbolt Dock G2 Firmware are potentially vulnerable to elevation of privilege.
Hp Pc Hardware Diagnostics
Hp Image Assistant
Hp Thunderbolt Dock G2 Firmware -
1 Github repository
9.8
CVSSv3
CVE-2023-32674
Certain versions of HP PC Hardware Diagnostics Windows are potentially vulnerable to buffer overflow.
Hp Pc Hardware Diagnostics
9.8
CVSSv3
CVE-2023-27497
Due to missing authentication and input sanitization of code the EventLogServiceCollector of SAP Diagnostics Agent - version 720, allows an malicious user to execute malicious scripts on all connected Diagnostics Agents running on Windows. On successful exploitation, the attacker...
Sap Diagnostics Agent 720
9.8
CVSSv3
CVE-2022-32534
The Bosch Ethernet switch PRA-ES8P2S with software version 1.01.05 and previous versions was found to be vulnerable to command injection through its diagnostics web interface. This allows execution of shell commands.
Bosch Pra-es8p2s Firmware
9.8
CVSSv3
CVE-2021-40493
Zoho ManageEngine OpManager prior to 125437 is vulnerable to SQL Injection in the support diagnostics module. This occurs via the pollingObject parameter of the getDataCollectionFailureReason API.
Zohocorp Manageengine Opmanager
Zohocorp Manageengine Opmanager 12.5
9.8
CVSSv3
CVE-2021-38647
Open Management Infrastructure Remote Code Execution Vulnerability
Microsoft System Center Operations Manager -
Microsoft Azure Automation State Configuration -
Microsoft Azure Automation Update Management -
Microsoft Azure Diagnostics \\(lad\\) -
Microsoft Azure Open Management Infrastructure -
Microsoft Azure Security Center -
Microsoft Azure Sentinel -
Microsoft Azure Stack Hub -
Microsoft Container Monitoring Solution -
Microsoft Log Analytics Agent -
22 Github repositories
2 Articles
9.8
CVSSv3
CVE-2020-2733
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Monitoring and Diagnostics). The supported version that is affected is 9.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD ...
Oracle Jd Edwards Enterpriseone Tools 9.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »