Vulmon
enterprise vulnerabilities and exploits
9.8
CVSSv3
CVE-2023-38646
Metabase open source prior to 0.46.6.1 and Metabase Enterprise prior to 1.46.6.1 allow malicious users to execute arbitrary commands on the server, at the server's privilege level. Authentication is not required for exploitation. The other fixed versions are 0.45.4.1, 1.45.4...
Metabase Metabase
50 Github repositories
9.8
CVSSv3
CVE-2023-37291
Galaxy Software Services Vitals ESP is vulnerable to using a hard-coded encryption key. An unauthenticated remote attacker can generate a valid token parameter and exploit this vulnerability to access the system, operate processes, and access data. This issue affects Vitals ESP: fr...
Gss Vitals Enterprise Social Platform
9.8
CVSSv3
CVE-2023-26136
Versions of the package tough-cookie prior to 4.1.3 are vulnerable to Prototype Pollution due to improper handling of Cookies when using CookieJar in rejectPublicSuffixes=false mode. This issue arises from the manner in which the objects are initialized.
Salesforce Tough-cookie
3 Github repositories
9.8
CVSSv3
CVE-2023-2530
A privilege escalation allowing remote code execution exists in the orchestration service.
Puppet Puppet Enterprise 2023.0
Puppet Puppet Enterprise
Puppet Puppet Enterprise 2023.1.0
9.8
CVSSv3
CVE-2023-0635
Improper Privilege Management vulnerability in ABB Ltd. ASPECT®-Enterprise on ASPECT®-Enterprise, Linux (2CQG103201S3021, 2CQG103202S3021, 2CQG103203S3021, 2CQG103204S3021 modules), ABB Ltd. NEXUS Series on NEXUS Series, Linux (2CQG100102R2021, 2CQG100104R2021, 2CQG100105...
Abb Aspect-ent-2 Firmware
Abb Aspect-ent-12 Firmware
Abb Aspect-ent-256 Firmware
Abb Aspect-ent-96 Firmware
Abb Nexus-2128 Firmware
Abb Nexus-2128-a Firmware
Abb Nexus-2128-g Firmware
Abb Nexus-2128-f Firmware
Abb Nexus-3-2128 Firmware
Abb Nexus-3-264 Firmware
Abb Nexus-264 Firmware
Abb Nexus-264-a Firmware
Abb Nexus-264-g Firmware
Abb Nexus-264-f Firmware
Abb Matrix-216 Firmware
Abb Matrix-232 Firmware
Abb Matrix-296 Firmware
Abb Matrix-264 Firmware
Abb Matrix-11 Firmware
9.8
CVSSv3
CVE-2023-0636
Improper Input Validation vulnerability in ABB Ltd. ASPECT®-Enterprise on ASPECT®-Enterprise, Linux (2CQG103201S3021, 2CQG103202S3021, 2CQG103203S3021, 2CQG103204S3021 modules), ABB Ltd. NEXUS Series on NEXUS Series, Linux (2CQG100102R2021, 2CQG100104R2021, 2CQG100105R202...
Abb Aspect-ent-2 Firmware
Abb Aspect-ent-12 Firmware
Abb Aspect-ent-256 Firmware
Abb Aspect-ent-96 Firmware
Abb Nexus-2128 Firmware
Abb Nexus-2128-a Firmware
Abb Nexus-2128-g Firmware
Abb Nexus-2128-f Firmware
Abb Nexus-3-2128 Firmware
Abb Nexus-3-264 Firmware
Abb Nexus-264 Firmware
Abb Nexus-264-a Firmware
Abb Nexus-264-g Firmware
Abb Nexus-264-f Firmware
Abb Matrix-216 Firmware
Abb Matrix-232 Firmware
Abb Matrix-296 Firmware
Abb Matrix-264 Firmware
Abb Matrix-11 Firmware
9.8
CVSSv3
CVE-2023-34152
A vulnerability was found in ImageMagick. This security flaw causes a remote code execution vulnerability in OpenBlob with --enable-pipes configured.
Imagemagick Imagemagick
Fedoraproject Extra Packages For Enterprise Linux 8.0
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
1 Github repository
9.8
CVSSv3
CVE-2023-2868
A remote command injection vulnerability exists in the Barracuda Email Security Gateway (appliance form factor only) product affecting versions 5.1.3.001-9.2.0.006. The vulnerability arises out of a failure to comprehensively sanitize the processing of .tar files (tape archives). ...
Barracuda Email Security Gateway 300 Firmware
Barracuda Email Security Gateway 400 Firmware
Barracuda Email Security Gateway 600 Firmware
Barracuda Email Security Gateway 800 Firmware
Barracuda Email Security Gateway 900 Firmware
1 Github repository
7 Articles
9.8
CVSSv3
CVE-2023-2319
An update for the PCS package in the RHBA-2023:2151 erratum, released as part of Red Hat Enterprise Linux 9.2, failed to include the fix for the Webpack issue CVE-2023-28154 (for the PCS package), which was previously addressed in Red Hat Enterprise Linux 9.1 via erratum RHSA-20...
Clusterlabs Pcs 0.11.4-6.el9
Redhat Enterprise Linux High Availability Eus 9.2
Redhat Enterprise Linux High Availability 9.0
9.8
CVSSv3
CVE-2023-24540
Not all valid JavaScript whitespace characters are considered to be whitespace. Templates containing whitespace characters outside of the character set "\t\n\f\r\u0020\u2028\u2029" in JavaScript contexts that also contain actions may not be properly sanitized during exe...
Golang Go
3 Github repositories