Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
enterprise developer vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2024-0690
An information disclosure flaw was found in ansible-core due to a failure to respect the ANSIBLE_NO_LOG configuration in some scenarios. Information is still included in the output in certain tasks, such as loop items. Depending on the task, this issue may include sensitive infor...
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
Redhat Ansible
Redhat Ansible Automation Platform 2.4
Redhat Ansible Developer 1.1
Redhat Ansible Inside 1.2
Fedoraproject Fedora 38
Fedoraproject Fedora 39
5.9
CVSSv3
CVE-2023-48795
The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH prior to 9.6 and other products, allows remote malicious users to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may conseque...
Openbsd Openssh
Putty Putty
Filezilla-project Filezilla Client
Microsoft Powershell
Panic Transmit 5
Panic Nova
Roumenpetrov Pkixssh
Winscp Winscp
Bitvise Ssh Client
Bitvise Ssh Server
Lancom-systems Lcos
Lancom-systems Lcos Fx -
Lancom-systems Lcos Lx -
Lancom-systems Lcos Sx 5.20
Lancom-systems Lcos Sx 4.20
Lancom-systems Lanconfig -
Vandyke Securecrt
Libssh Libssh
Net-ssh Net-ssh 7.2.0
Ssh2 Project Ssh2
Proftpd Proftpd
Freebsd Freebsd
9 Github repositories
1 Article
7.8
CVSSv3
CVE-2023-5764
A template injection flaw was found in Ansible where a user's controller internal templating operations may remove the unsafe designation from template data. This issue could allow an malicious user to use a specially crafted file to introduce templating injection when suppl...
Redhat Ansible 2.16.0
Redhat Ansible
Fedoraproject Extra Packages For Enterprise Linux 8.0
Fedoraproject Fedora 38
Fedoraproject Fedora 39
Redhat Ansible Automation Platform 2.4
Redhat Ansible Developer 1.1
Redhat Ansible Inside 1.2
7.5
CVSSv3
CVE-2023-44487
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
Ietf Http 2.0
Nghttp2 Nghttp2
Netty Netty
Envoyproxy Envoy 1.27.0
Envoyproxy Envoy 1.26.4
Envoyproxy Envoy 1.25.9
Envoyproxy Envoy 1.24.10
Eclipse Jetty
Caddyserver Caddy
Golang Http2
Golang Go
Golang Networking
F5 Big-ip Analytics
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Local Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Global Traffic Manager
F5 Big-ip Fraud Protection Service
F5 Big-ip Domain Name System
F5 Big-ip Application Security Manager
F5 Big-ip Application Acceleration Manager
F5 Big-ip Advanced Firewall Manager
35 Github repositories
2 Articles
9.8
CVSSv3
CVE-2023-4501
User authentication with username and password credentials is ineffective in OpenText (Micro Focus) Visual COBOL, COBOL Server, Enterprise Developer, and Enterprise Server (including product variants such as Enterprise Test Server), versions 7.0 patch updates 19 and 20, 8.0 patch...
Microfocus Cobol Server 9.0
Microfocus Cobol Server 8.0
Microfocus Cobol Server 7.0
Microfocus Visual Cobol 9.0
Microfocus Visual Cobol 8.0
Microfocus Visual Cobol 7.0
Microfocus Enterprise Developer 9.0
Microfocus Enterprise Developer 8.0
Microfocus Enterprise Developer 7.0
Microfocus Enterprise Test Server 9.0
Microfocus Enterprise Test Server 8.0
Microfocus Enterprise Test Server 7.0
Microfocus Enterprise Server 9.0
Microfocus Enterprise Server 8.0
Microfocus Enterprise Server 7.0
6.5
CVSSv3
CVE-2022-40982
Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
Redhat Enterprise Linux 7.0
Xen Xen -
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
Intel Microcode
Intel Xeon E-2314 Firmware -
Intel Xeon E-2324g Firmware -
Intel Xeon E-2334 Firmware -
Intel Xeon E-2374g Firmware -
Intel Xeon E-2336 Firmware -
Intel Xeon E-2356g Firmware -
Intel Xeon E-2386g Firmware -
Intel Xeon E-2378 Firmware -
Intel Xeon E-2378g Firmware -
Intel Xeon E-2388g Firmware -
Intel Xeon W-1350 Firmware -
Intel Xeon W-1350p Firmware -
Intel Xeon W-1370 Firmware -
Intel Xeon W-1370p Firmware -
Intel Xeon W-1390t Firmware -
Intel Xeon W-1390 Firmware -
2 Github repositories
2 Articles
6.5
CVSSv3
CVE-2023-32265
A potential security vulnerability has been identified in the Enterprise Server Common Web Administration (ESCWA) component used in Enterprise Server, Enterprise Test Server, Enterprise Developer, Visual COBOL, and COBOL Server. An attacker would need to be authenticated into ES...
Microfocus Cobol Server 7.0
Microfocus Cobol Server 8.0
Microfocus Cobol Server 6.0
Microfocus Visual Cobol 7.0
Microfocus Visual Cobol 8.0
Microfocus Visual Cobol 6.0
Microfocus Enterprise Developer 7.0
Microfocus Enterprise Developer 8.0
Microfocus Enterprise Developer 6.0
Microfocus Enterprise Test Server 7.0
Microfocus Enterprise Test Server 8.0
Microfocus Enterprise Test Server 6.0
Microfocus Enterprise Server 7.0
Microfocus Enterprise Server 8.0
Microfocus Enterprise Server 6.0
7.5
CVSSv3
CVE-2023-25193
hb-ot-layout-gsubgpos.hh in HarfBuzz up to and including 6.0.0 allows malicious users to trigger O(n^2) growth via consecutive marks during the process of looking back for base glyphs when attaching marks.
Harfbuzz Project Harfbuzz
Fedoraproject Fedora 36
9.8
CVSSv3
CVE-2022-45047
Class org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider in Apache MINA SSHD <= 2.9.1 uses Java deserialization to load a serialized java.security.PrivateKey. The class is one of several implementations that an implementor using Apache MINA SSHD can choose for l...
Apache Sshd
1 Github repository
7.5
CVSSv3
CVE-2022-42003
In FasterXML jackson-databind prior to 2.13.4.1 and 2.12.17.1, resource exhaustion can occur because of a lack of a check in primitive value deserializers to avoid deep wrapper array nesting, when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled.
Fasterxml Jackson-databind
Quarkus Quarkus
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Oncommand Workflow Automation -
6 Github repositories
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3080
log injection
CVE-2024-6041
CVE-2024-37661
XML external entity
CVE-2024-0845
privilege escalation
CVE-2023-37057
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »