Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
engine vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2022-46792
Hasura GraphQL Engine prior to 2.15.2 mishandles row-level authorization in the Update Many API for Postgres backends. The fixed versions are 2.10.2, 2.11.3, 2.12.1, 2.13.2, 2.14.1, and 2.15.2. (Versions prior to 2.10.0 are unaffected.)
Hasura Graphql Engine
Hasura Graphql Engine 2.14.0
Hasura Graphql Engine 2.12.0
7.8
CVSSv3
CVE-2018-12441
The CorsairService Service in Corsair Utility Engine is installed with insecure default permissions, which allows unprivileged local users to execute arbitrary commands via modification of the CorsairService BINARY_PATH_NAME, leading to complete control of the affected system. Th...
Corsair Corsair Utility Engine 3.7.99
Corsair Corsair Utility Engine 3.3.103
Corsair Corsair Utility Engine 3.4.95
Corsair Corsair Utility Engine 3.6.109
Corsair Corsair Utility Engine 3.2.87
NA
CVE-2006-1149
PHP remote file inclusion vulnerability in lib/OWL_API.php in OWL Intranet Engine 0.82, when register_globals is enabled, allows remote malicious users to include arbitrary files via a URL in the xrms_file_root parameter, which is not initialized before use.
Owl Owl Intranet Engine 0.6
Owl Owl Intranet Engine 0.72
Owl Owl Intranet Engine 0.73
Owl Owl Intranet Engine 0.8
Owl Owl Intranet Engine 0.82
1 EDB exploit
NA
CVE-2005-0264
Multiple cross-site scripting (XSS) vulnerabilities in browse.php in OWL 0.7 and 0.8 allow remote malicious users to inject arbitrary web script or HTML via the (1) expand or (2) order parameter.
Owl Owl Intranet Engine 0.7
Owl Owl Intranet Engine 0.71
Owl Owl Intranet Engine 0.6
Owl Owl Intranet Engine 0.72
Owl Owl Intranet Engine 0.73
6.5
CVSSv3
CVE-2015-6317
Cisco Identity Services Engine (ISE) prior to 2.0 allows remote authenticated users to bypass intended web-resource access restrictions via a direct request, aka Bug ID CSCuu45926.
Cisco Identity Services Engine Software 1.3\\(120.135\\)
Cisco Identity Services Engine Software 1.3\\(106.146\\)
Cisco Identity Services Engine Software 1.2.1
Cisco Identity Services Engine Software 1.1.4
Cisco Identity Services Engine Software 1.1.3
Cisco Identity Services Engine Software 1.1.2
Cisco Identity Services Engine Software 1.1.1
Cisco Identity Services Engine Software 1.0.4.573
Cisco Identity Services Engine Software 1.0 Mr Base
Cisco Identity Services Engine Software 1.2\\(1.198\\)
Cisco Identity Services Engine Software 1.4\\(0.109\\)
Cisco Identity Services Engine Software 1.2\\(0.793\\)
Cisco Identity Services Engine Software 1.2.0.899
Cisco Identity Services Engine Software 1.2\\(0.747\\)
Cisco Identity Services Engine Software 1.2 Base
Cisco Identity Services Engine Software 1.1 Base
Cisco Identity Services Engine Software 1.3\\(0.722\\)
Cisco Identity Services Engine Software 1.2\\(1.901\\)
Cisco Identity Services Engine Software 1.0 Base
Cisco Identity Services Engine Software 1.4\\(0.253\\)
Cisco Identity Services Engine Software 1.4\\(0.181\\)
Cisco Identity Services Engine Software 1.3\\(0.876\\)
1 Article
NA
CVE-2009-4837
Multiple cross-site scripting (XSS) vulnerabilities in Basic Analysis and Security Engine (BASE) prior to 1.4.3.1 allow remote malicious users to inject arbitrary web script or HTML via the (1) sig[1] parameter to base/base_qry_main.php, or the time[0][1] parameter to (2) base/ba...
Secureideas Basic Analysis And Security Engine
Secureideas Basic Analysis And Security Engine 1.2
Secureideas Basic Analysis And Security Engine 1.1.4
Secureideas Basic Analysis And Security Engine 1.3.6
Secureideas Basic Analysis And Security Engine 1.2.7
Secureideas Basic Analysis And Security Engine 1.2.2
Secureideas Basic Analysis And Security Engine 1.2.1
Secureideas Basic Analysis And Security Engine 1.1.2
Secureideas Basic Analysis And Security Engine 1.1
Secureideas Basic Analysis And Security Engine 1.3.8
Secureideas Basic Analysis And Security Engine 1.3.9
Secureideas Basic Analysis And Security Engine 1.2.4
Secureideas Basic Analysis And Security Engine 1.2.5
Secureideas Basic Analysis And Security Engine 1.2.6
Secureideas Basic Analysis And Security Engine 1.2.0
Secureideas Basic Analysis And Security Engine 1.1.3
Secureideas Basic Analysis And Security Engine 1.3.5
NA
CVE-2009-4838
SQL injection vulnerability in base_ag_common.php in Basic Analysis and Security Engine (BASE) prior to 1.4.3.1 allows remote malicious users to execute arbitrary SQL commands via unspecified parameters. NOTE: some of these details are obtained from third party information.
Secureideas Basic Analysis And Security Engine
Secureideas Basic Analysis And Security Engine 1.2
Secureideas Basic Analysis And Security Engine 1.3.6
Secureideas Basic Analysis And Security Engine 1.3.8
Secureideas Basic Analysis And Security Engine 1.2.1
Secureideas Basic Analysis And Security Engine 1.1.2
Secureideas Basic Analysis And Security Engine 1.1
Secureideas Basic Analysis And Security Engine 1.1.4
Secureideas Basic Analysis And Security Engine 1.2.4
Secureideas Basic Analysis And Security Engine 1.2.5
Secureideas Basic Analysis And Security Engine 1.2.6
Secureideas Basic Analysis And Security Engine 1.2.7
Secureideas Basic Analysis And Security Engine 1.2.0
Secureideas Basic Analysis And Security Engine 1.2.2
Secureideas Basic Analysis And Security Engine 1.1.3
Secureideas Basic Analysis And Security Engine 1.3.5
Secureideas Basic Analysis And Security Engine 1.3.9
NA
CVE-2009-4839
Multiple cross-site scripting (XSS) vulnerabilities in Basic Analysis and Security Engine (BASE), possibly 1.4.4 and previous versions, allow remote malicious users to inject arbitrary web script or HTML via unspecified parameters to (1) admin/base_roleadmin.php, (2) admin/base_u...
Secureideas Basic Analysis And Security Engine 1.2.2
Secureideas Basic Analysis And Security Engine 1.1.2
Secureideas Basic Analysis And Security Engine 1.3.9
Secureideas Basic Analysis And Security Engine 1.2.4
Secureideas Basic Analysis And Security Engine 1.1.4
Secureideas Basic Analysis And Security Engine 1.1.3
Secureideas Basic Analysis And Security Engine 1.3.6
Secureideas Basic Analysis And Security Engine 1.3.5
Secureideas Basic Analysis And Security Engine
Secureideas Basic Analysis And Security Engine 1.2.0
Secureideas Basic Analysis And Security Engine 1.2.5
Secureideas Basic Analysis And Security Engine 1.2.6
Secureideas Basic Analysis And Security Engine 1.2.7
Secureideas Basic Analysis And Security Engine 1.2
Secureideas Basic Analysis And Security Engine 1.2.1
Secureideas Basic Analysis And Security Engine 1.1
Secureideas Basic Analysis And Security Engine 1.3.8
Secureideas Basic Analysis And Security Engine 1.4.3
NA
CVE-2005-0415
Multiple memory leaks in the MQL parser in Emdros prior to 1.1.22 allow remote malicious users to cause a denial of service (memory consumption) via malformed MQL statements.
Ulrik Petersen Emdros Database Engine 1.1.14
Ulrik Petersen Emdros Database Engine 1.1.15
Ulrik Petersen Emdros Database Engine 1.1.18
Ulrik Petersen Emdros Database Engine 1.1.19
Ulrik Petersen Emdros Database Engine 1.1.16
Ulrik Petersen Emdros Database Engine 1.1.17
Ulrik Petersen Emdros Database Engine 1.1.20
Ulrik Petersen Emdros Database Engine 1.1.21
NA
CVE-2008-6441
Format string vulnerability in the Epic Games Unreal engine client, as used in multiple games, allows remote servers to execute arbitrary code via (1) the CLASS parameter in a DLMGR command, (2) a malformed package (PKG), and possibly (3) the LEVEL parameter in a WELCOME command.
Epicgames Unreal Engine 2
Epicgames Unreal Engine 2.5
Epicgames Unreal Engine 3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »