Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
health vulnerabilities and exploits
(subscribe to this query)
10
CVSSv3
CVE-2019-10686
An SSRF vulnerability was found in an API from Ctrip Apollo up to and including 1.4.0-SNAPSHOT. An attacker may use it to do an intranet port scan or raise a GET request via /system-info/health because the %23 substring is mishandled.
Ctrip Apollo
9.8
CVSSv3
CVE-2023-3631
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Medart Health Services Medart Notification Panel allows SQL Injection.This issue affects Medart Notification Panel: up to and including 20231123. NOTE: The vendor was c...
Medart Notification Panel Project Medart Notification Panel
9.8
CVSSv3
CVE-2023-30723
Improper input validation vulnerability in Samsung Health prior to version 6.24.2.011 allows malicious users to write arbitrary file with Samsung Health privilege.
Samsung Health
9.8
CVSSv3
CVE-2023-33967
EaseProbe is a tool that can do health/status checking. An SQL injection issue exists in EaseProbe prior to 2.1.0 when using MySQL/PostgreSQL data checking. This problem has been fixed in v2.1.0.
Megaease Easeprobe
9.8
CVSSv3
CVE-2023-1253
A vulnerability, which was classified as critical, was found in SourceCodester Health Center Patient Record Management System 1.0. This affects an unknown part of the file login.php. The manipulation of the argument username leads to sql injection. It is possible to initiate the ...
Health Center Patient Record Management System Project Health Center Patient Record Management System 1.0
9.8
CVSSv3
CVE-2023-22496
Netdata is an open source option for real-time infrastructure monitoring and troubleshooting. An attacker with the ability to establish a streaming connection can execute arbitrary commands on the targeted Netdata agent. When an alert is triggered, the function `health_alarm_exec...
Netdata Netdata
9.8
CVSSv3
CVE-2022-46471
Online Health Care System v1.0 exists to contain a SQL injection vulnerability via the consulting_id parameter at /healthcare/Admin/consulting_detail.php.
Online Health Care System Project Online Health Care System 1.0
9.8
CVSSv3
CVE-2022-47629
Libksba prior to 1.6.3 is prone to an integer overflow vulnerability in the CRL signature parser.
Gnupg Libksba
Debian Debian Linux 10.0
Debian Debian Linux 11.0
9.8
CVSSv3
CVE-2022-36227
In libarchive prior to 3.6.2, the software does not check for an error after calling calloc function that can return with a NULL pointer if the function fails, which leads to a resultant NULL pointer dereference. NOTE: the discoverer cites this CWE-476 remark but third parties di...
Libarchive Libarchive
Debian Debian Linux 10.0
Fedoraproject Fedora 37
Splunk Universal Forwarder 9.1.0
Splunk Universal Forwarder
9.8
CVSSv3
CVE-2021-3711
In order to decrypt SM2 encrypted data an application is expected to call the API function EVP_PKEY_decrypt(). Typically an application will call this function twice. The first time, on entry, the "out" parameter can be NULL and, on exit, the "outlen" paramete...
Openssl Openssl
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Santricity Smi-s Provider -
Netapp Snapcenter -
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
Netapp Clustered Data Ontap -
Netapp Clustered Data Ontap Antivirus Connector -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Active Iq Unified Manager -
Netapp Manageability Software Development Kit -
Netapp Storage Encryption -
Netapp E-series Santricity Os Controller
Oracle Peoplesoft Enterprise Peopletools 8.57
Oracle Jd Edwards World Security A9.4
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Enterprise Session Border Controller 8.4
Oracle Enterprise Communications Broker 3.2.0
Oracle Zfs Storage Appliance Kit 8.8
Oracle Peoplesoft Enterprise Peopletools 8.59
1 Github repository
1 Article
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »