Vulmon
express vulnerabilities and exploits
8.8
CVSSv3
CVE-2023-45141
Fiber is an Express-inspired web framework written in Go. A Cross-Site Request Forgery (CSRF) vulnerability has been identified in the application, which allows a malicious user to obtain tokens and forge malicious requests on behalf of a user. This can lead to unauthorized acti...
Gofiber Fiber
1 Github repository
7.5
CVSSv3
CVE-2023-44487
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
Ietf Http 2.0
Nghttp2 Nghttp2
Netty Netty
Envoyproxy Envoy 1.27.0
Envoyproxy Envoy 1.26.4
Envoyproxy Envoy 1.25.9
Envoyproxy Envoy 1.24.10
Eclipse Jetty
Caddyserver Caddy
Golang Http2
Golang Go
Golang Networking
F5 Big-ip Analytics
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Local Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Global Traffic Manager
F5 Big-ip Fraud Protection Service
F5 Big-ip Domain Name System
F5 Big-ip Application Security Manager
F5 Big-ip Application Acceleration Manager
F5 Big-ip Advanced Firewall Manager
34 Github repositories
2 Articles
5.3
CVSSv3
CVE-2023-20251
A vulnerability in the memory buffer of Cisco Wireless LAN Controller (WLC) AireOS Software could allow an unauthenticated, adjacent malicious user to cause memory leaks that could eventually lead to a device reboot. This vulnerability is due to memory leaks caused by multiple cl...
Cisco Mobility Express Software -
5.3
CVSSv3
CVE-2023-41338
Fiber is an Express-inspired web framework built in the Go language. Versions of gofiber before 2.49.2 did not properly restrict access to localhost. This issue impacts users of our project who rely on the `ctx.IsFromLocal` method to restrict access to localhost requests. If expl...
Gofiber Fiber
5.3
CVSSv3
CVE-2023-20232
A vulnerability in the Tomcat implementation for Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote malicious user to cause a web cache poisoning attack on an affected device. This vulnerability is due to improper input validation of HTTP re...
Cisco Unified Contact Center Express
4.8
CVSSv3
CVE-2023-30749
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in ihomefinder Optima Express + MarketBoost IDX Plugin plugin <= 7.3.0 versions.
Ihomefinder Optima Express + Marketboost Idx
5.6
CVSSv3
CVE-2023-21983
Vulnerability in the Application Express Administration product of Oracle Application Express (component: None). Supported versions that are affected are Application Express Administration: 18.2-22.2. Difficult to exploit vulnerability allows unauthenticated attacker with network...
Oracle Application Express
9
CVSSv3
CVE-2023-21974
Vulnerability in the Application Express Team Calendar Plugin product of Oracle Application Express (component: User Account). Supported versions that are affected are Application Express Team Calendar Plugin: 18.2-22.1. Easily exploitable vulnerability allows low privileged atta...
Oracle Application Express
9
CVSSv3
CVE-2023-21975
Vulnerability in the Application Express Customers Plugin product of Oracle Application Express (component: User Account). Supported versions that are affected are Application Express Customers Plugin: 18.2-22.2. Easily exploitable vulnerability allows low privileged attacker wit...
Oracle Application Express
9.8
CVSSv3
CVE-2022-24627
An issue exists in AudioCodes Device Manager Express up to and including 7.8.20002.47752. It is an unauthenticated SQL injection in the p parameter of the process_login.php login form.
Audiocodes Device Manager Express