Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
express vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2015-9452
The nex-forms-express-wp-form-builder plugin prior to 4.6.1 for WordPress has SQL injection via the wp-admin/admin.php?page=nex-forms-main nex_forms_Id parameter.
Nex-forms - Ultimate Form Builder Project Nex-forms - Ultimate Form Builder
9.8
CVSSv3
CVE-2019-1938
A vulnerability in the web-based management interface of Cisco UCS Director and Cisco UCS Director Express for Big Data could allow an unauthenticated, remote malicious user to bypass authentication and execute arbitrary actions with administrator privileges on an affected system...
Cisco Ucs Director 6.7.0.0
Cisco Ucs Director 6.7.1.0
Cisco Ucs Director Express For Big Data 3.7.1.0
Cisco Ucs Director Express For Big Data 3.7.0.0
1 Article
9.8
CVSSv3
CVE-2019-1935
A vulnerability in Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an unauthenticated, remote malicious user to log in to the CLI of an affected system by using the SCP User account (scpuser), wh...
Cisco Integrated Management Controller Supervisor
Cisco Integrated Management Controller Supervisor 2.1.0.0
Cisco Ucs Director 6.7\\(0.0.67265\\)
Cisco Ucs Director 6.0.0.0
Cisco Ucs Director 6.5.0.0
Cisco Ucs Director 6.6.0.0
Cisco Ucs Director 6.6.1.0
Cisco Ucs Director 6.7.0.0
Cisco Ucs Director 6.7.1.0
Cisco Ucs Director Express For Big Data 3.6.0.0
Cisco Ucs Director Express For Big Data 3.0.0.0
Cisco Ucs Director Express For Big Data 3.5.0.0
Cisco Ucs Director Express For Big Data 3.7.0.0
Cisco Ucs Director Express For Big Data 3.7.1.0
1 EDB exploit
1 Article
9.8
CVSSv3
CVE-2019-1974
A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an unauthenticated, remote malicious user to bypass user authentication and gain access as...
Cisco Integrated Management Controller Supervisor 2.1.0.0
Cisco Integrated Management Controller Supervisor
Cisco Ucs Director
Cisco Ucs Director 6.7\\(1.1\\)
Cisco Ucs Director 6.7\\(2.0\\)
Cisco Ucs Director Express For Big Data
Cisco Ucs Director Express For Big Data 3.6.1.0
Cisco Ucs Director Express For Big Data 3.6.0.0
1 Article
9.8
CVSSv3
CVE-2019-1937
A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an unauthenticated, remote malicious user to acquire a valid session token with administra...
Cisco Integrated Management Controller Supervisor
Cisco Ucs Director
Cisco Ucs Director 6.7\\(0.0.67265\\)
Cisco Ucs Director Express For Big Data 3.6.0.0
Cisco Ucs Director Express For Big Data
1 EDB exploit
2 Metasploit modules
1 Article
9.8
CVSSv3
CVE-2018-15381
A Java deserialization vulnerability in Cisco Unity Express (CUE) could allow an unauthenticated, remote malicious user to execute arbitrary shell commands with the privileges of the root user. The vulnerability is due to insecure deserialization of user-supplied content by the a...
Cisco Unity Express
9.8
CVSSv3
CVE-2018-0403
Multiple vulnerabilities in the web-based management interface of Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote malicious user to retrieve a cleartext password. Cisco Bug IDs: CSCvg71040.
Cisco Unified Ip Interactive Voice Response 11.5\\(1\\)
Cisco Unified Contact Center Express 11.5\\(1\\)
9.8
CVSSv3
CVE-2018-6835
node/hooks/express/apicalls.js in Etherpad Lite before v1.6.3 mishandles JSONP, which allows remote malicious users to bypass intended access restrictions.
Etherpad Etherpad
2 Github repositories
9.8
CVSSv3
CVE-2017-12337
A vulnerability in the upgrade mechanism of Cisco collaboration products based on the Cisco Voice Operating System software platform could allow an unauthenticated, remote malicious user to gain unauthorized, elevated access to an affected device. The vulnerability occurs when a ...
Cisco Prime License Manager -
Cisco Unity Connection -
Cisco Emergency Responder -
Cisco Unified Communications Manager Im And Presence Service -
Cisco Unified Communications Manager -
Cisco Finesse -
Cisco Mediasense -
Cisco Socialminer -
Cisco Unified Intelligence Center -
Cisco Hosted Collaboration Solution -
Cisco Unified Contact Center Express -
9.8
CVSSv3
CVE-2017-14356
An SQL Injection vulnerability in HP ArcSight ESM and HP ArcSight ESM Express, in any 6.x version before 6.9.1c Patch 4 or 6.11.0 Patch 1. This vulnerability could be exploited remotely to allow SQL injection.
Hp Arcsight Enterprise Security Manager 6.8
Hp Arcsight Enterprise Security Manager 6.5
Hp Arcsight Enterprise Security Manager 6.0
Hp Arcsight Enterprise Security Manager 6.11.0
Hp Arcsight Enterprise Security Manager 6.0c
Hp Arcsight Enterprise Security Manager 6.5c
Hp Arcsight Enterprise Security Manager 6.8c
Hp Arcsight Enterprise Security Manager 6.9.0c
Hp Arcsight Enterprise Security Manager 6.9.1c
Hp Arcsight Enterprise Security Manager Express 6.11.0
Hp Arcsight Enterprise Security Manager Express 6.8
Hp Arcsight Enterprise Security Manager Express 6.8c
Hp Arcsight Enterprise Security Manager Express 6.5c
Hp Arcsight Enterprise Security Manager Express 6.5
Hp Arcsight Enterprise Security Manager Express 6.0c
Hp Arcsight Enterprise Security Manager Express 6.0
Hp Arcsight Enterprise Security Manager Express 6.9.1c
Hp Arcsight Enterprise Security Manager Express 6.9.0c
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »