Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
falcon vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-2841
A vulnerability was found in CrowdStrike Falcon 6.31.14505.0/6.42.15610/6.44.15806. It has been classified as problematic. Affected is an unknown function of the component Uninstallation Handler. The manipulation leads to missing authorization. It is possible to launch the attack...
Crowdstrike Falcon 6.42.15610
Crowdstrike Falcon 6.31.14505.0
Crowdstrike Falcon 6.44.15806
1 Github repository
445
VMScore
CVE-1999-0882
Falcon web server allows remote malicious users to determine the absolute path of the web root via long file names.
Falcon Falcon Web Server 1.0.0.1006
668
VMScore
CVE-2022-26245
Falcon-plus v0.3 exists to contain a SQL injection vulnerability via the parameter grpName in /config/service/host.go.
Open-falcon Falcon-plus 0.3
435
VMScore
CVE-2002-2318
Cross-site scripting (XSS) vulnerability in Falcon web server 2.0.0.1009 up to and including 2.0.0.1021 allows remote malicious users to inject arbitrary web script or HTML via the URI, which is inserted into 301 error messages and executed by 404 error messages.
Blueface Falcon Web Server 2.0.0.1009
Blueface Falcon Web Server 2.0.0.1021
Blueface Falcon Web Server 2.0.0.1021 Ssl
Blueface Falcon Web Server 2.0.0.1020
1 EDB exploit
435
VMScore
CVE-2014-3110
Multiple cross-site scripting (XSS) vulnerabilities on Honeywell FALCON XLWeb Linux controller devices 2.04.01 and previous versions and FALCON XLWeb XLWebExe controller devices 2.02.11 and previous versions allow remote malicious users to inject arbitrary web script or HTML via ...
Honeywell Falcon Xlweb Linux Controller
Honeywell Falcon Xlweb Xlwebexe
1 EDB exploit
676
VMScore
CVE-2014-2717
Honeywell FALCON XLWeb Linux controller devices 2.04.01 and previous versions and FALCON XLWeb XLWebExe controller devices 2.02.11 and previous versions allow remote malicious users to bypass authentication and obtain administrative access by visiting the change-password page.
Honeywell Falcon Xlweb Linux Controller
Honeywell Falcon Xlweb Xlwebexe
668
VMScore
CVE-2002-0899
Falcon web server 2.0.0.1021 and previous versions allows remote malicious users to bypass access restrictions for protected files via a URL whose directory portion ends in a . (dot).
Blueface Falcon Web Server 2.0.0.1021
Blueface Falcon Web Server 2.0.0.1021 Ssl
445
VMScore
CVE-2002-0275
Falcon web server 2.0.0.1020 and previous versions allows remote malicious users to bypass authentication and read restricted files via an extra / (slash) in the requested URL.
Blueface Falcon Web Server 2.0.0.1009
Blueface Falcon Web Server 2.0.0.1020
NA
CVE-2021-27523
An issue exists in open-falcon dashboard version 0.2.0, allows remote malicious users to gain, modify, and delete sensitive information via crafted POST request to register interface.
Open-falcon Dashboard 0.2.0
685
VMScore
CVE-2007-6488
Multiple PHP remote file inclusion vulnerabilities in Falcon Series One CMS 1.4.3 allow remote malicious users to execute arbitrary PHP code via a URL in (1) the dir[classes] parameter to sitemap.xml.php or (2) the error parameter to errors.php.
Falcon Series One Cms 1.4.3
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4654
CVE-2023-49606
encryption
NULL pointer dereference
CVE-2024-4439
CVE-2024-4649
race condition
CVE-2024-27202
CVE-2024-34566
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »