Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
disclosure management vulnerabilities and exploits
(subscribe to this query)
9.4
CVSSv3
CVE-2016-2296
Meteocontrol WEB'log Basic 100, Light, Pro, and Pro Unlimited does not require authentication for "post-admin" login pages, which allows remote malicious users to obtain sensitive information or modify data via unspecified vectors.
Meteocontrol Web\\'log Pro Unlimited -
Meteocontrol Web\\'log Pro -
Meteocontrol Web\\'log Light -
Meteocontrol Web\\'log Basic 100 -
1 EDB exploit
9.1
CVSSv3
CVE-2021-35942
The wordexp function in the GNU C Library (aka glibc) up to and including 2.33 may crash or read arbitrary memory in parse_param (in posix/wordexp.c) when called with an untrusted, crafted pattern, potentially resulting in a denial of service or disclosure of information. This oc...
Gnu Glibc
Netapp Ontap Select Deploy Administration Utility -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Active Iq Unified Manager -
Netapp E-series Santricity Os Controller
Debian Debian Linux 10.0
2 Github repositories
9.1
CVSSv3
CVE-2020-9141
There is a improper privilege management vulnerability in some Huawei smartphone. Successful exploitation of this vulnerability can cause information disclosure and malfunctions due to insufficient verification of data authenticity.
Huawei Emui 10.1.0
Huawei Emui 10.1.1
Huawei Magic Ui 3.1.0
Huawei Magic Ui 3.1.1
9.1
CVSSv3
CVE-2020-8747
Out-of-bounds read in subsystem for Intel(R) AMT versions prior to 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow an unauthenticated user to potentially enable information disclosure and/or denial of service via network access.
Intel Active Management Technology Firmware
Netapp Cloud Backup -
9.1
CVSSv3
CVE-2019-11168
Insufficient session validation in Intel(R) Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable information disclosure and/or denial of service via network access.
Intel Baseboard Management Controller Firmware
9.1
CVSSv3
CVE-2017-12249
A vulnerability in the Traversal Using Relay NAT (TURN) server included with Cisco Meeting Server (CMS) could allow an authenticated, remote malicious user to gain unauthenticated or unauthorized access to components of or sensitive information in an affected system. The vulnerab...
Cisco Meeting Server 2.2.4
Cisco Meeting Server 2.1.2
Cisco Meeting Server 2.2.0
Cisco Meeting Server 2.2.2
Cisco Meeting Server 2.1.6
Cisco Meeting Server 2.1.8
Cisco Meeting Server 2.1.3
Cisco Meeting Server 2.1.4
Cisco Meeting Server 2.2.5
Cisco Meeting Server 2.1.9
Cisco Meeting Server 2.1.10
Cisco Meeting Server 2.1.1
Cisco Meeting Server 2.1.0
Cisco Meeting Server
Cisco Meeting Server 2.2.1
Cisco Meeting Server 2.2.3
Cisco Meeting Server 2.1.5
Cisco Meeting Server 2.1.7
9
CVSSv3
CVE-2019-12373
Improper access control and open directories in Ivanti LANDESK Management Suite (LDMS, aka Endpoint Manager) 10.0.1.168 Service Update 5 may lead to remote disclosure of administrator passwords.
Ivanti Landesk Management Suite 10.0.1.168
8.8
CVSSv3
CVE-2023-6308
A vulnerability, which was classified as critical, has been found in Xiamen Four-Faith Video Surveillance Management System 2016/2017. Affected by this issue is some unknown functionality of the component Apache Struts. The manipulation leads to unrestricted upload. The attack ma...
Four-faith Video Surveillance Management System 2017
Four-faith Video Surveillance Management System 2016
8.8
CVSSv3
CVE-2023-5492
A vulnerability, which was classified as critical, was found in Byzoro Smart S45F Multi-Service Secure Gateway Intelligent Management Platform up to 20230928. Affected is an unknown function of the file /sysmanage/licence.php. The manipulation of the argument file_upload leads to...
Byzoro Smart S45f Firmware
8.8
CVSSv3
CVE-2023-5493
A vulnerability has been found in Byzoro Smart S45F Multi-Service Secure Gateway Intelligent Management Platform up to 20230928 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /useratte/web.php. The manipulation of the argument f...
Byzoro Smart S45f Firmware
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »