Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ignite vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2017-7686
Apache Ignite 1.0.0-RC3 to 2.0 uses an update notifier component to update the users about new project releases that include additional functionality, bug fixes and performance improvements. To do that the component communicates to an external PHP server (http://ignite.run) where...
Apache Ignite 1.6.0
Apache Ignite 1.4.0
Apache Ignite 1.3.0
Apache Ignite 1.2.0
Apache Ignite 1.1.0
Apache Ignite 1.9.0
Apache Ignite 1.7.0
Apache Ignite 1.5.0
Apache Ignite 1.0.0
Apache Ignite 2.0.0
Apache Ignite 1.8.0
NA
CVE-2007-2975
The admin console in Ignite Realtime Openfire 3.3.0 and previous versions (formerly Wildfire) does not properly specify a filter mapping in web.xml, which allows remote malicious users to gain privileges and execute arbitrary code by accessing functionality that is exposed throug...
Ignite Realtime Openfire 3.2.1
Ignite Realtime Openfire 3.1.1
Ignite Realtime Openfire 3.0.1
Ignite Realtime Openfire
Ignite Realtime Openfire 3.2.4
Ignite Realtime Openfire 3.2.3
Ignite Realtime Openfire 3.2.2
Ignite Realtime Openfire 3.0.0
Ignite Realtime Openfire 2.6.2
Ignite Realtime Openfire 2.6.1
Ignite Realtime Openfire 2.6.0
Ignite Realtime Openfire 3.2.0
Ignite Realtime Openfire 3.1.0
NA
CVE-2006-7233
Cross-site scripting (XSS) vulnerability in the login form (login.jsp) of the admin console in Openfire (formerly Wildfire) 2.6.0, and possibly other versions prior to 3.5.3, allows remote malicious users to inject arbitrary web script or HTML via the url parameter.
Ignite Realtime Openfire 2.6.0
Ignite Realtime Openfire
5.9
CVSSv3
CVE-2016-6805
Apache Ignite prior to 1.9 allows man-in-the-middle malicious users to read arbitrary files via XXE in modified update-notifier documents.
Apache Ignite
9.1
CVSSv3
CVE-2020-1963
Apache Ignite uses H2 database to build SQL distributed execution engine. H2 provides SQL functions which could be used by malicious user to access to a filesystem.
Apache Ignite
9.8
CVSSv3
CVE-2018-1273
Spring Data Commons, versions before 1.13 to 1.13.10, 2.0 to 2.0.5, and older unsupported versions, contain a property binder vulnerability caused by improper neutralization of special elements. An unauthenticated remote malicious user (or attacker) can supply specially crafted r...
Pivotal Software Spring Data Commons
Pivotal Software Spring Data Rest
Apache Ignite 1.0.0
Apache Ignite
5 Github repositories
NA
CVE-2014-6951
The OneFile Ignite (aka uk.co.onefile.ignite) application 1.19 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof servers and obtain sensitive information via a crafted certificate.
Onefile Onefile Ignite 1.19
NA
CVE-2008-1728
ConnectionManagerImpl.java in Ignite Realtime Openfire 3.4.5 allows remote authenticated users to cause a denial of service (daemon outage) by triggering large outgoing queues without reading messages.
Ignite Realtime Openfire 3.4.5
NA
CVE-2005-4877
Cross-site scripting (XSS) vulnerability in the login form (login.jsp) of the admin console in Openfire (formerly Wildfire) 2.3.0 Beta 2 allows remote malicious users to inject arbitrary web script or HTML via Javascript events in the username parameter, a different vulnerability...
Ignite Realtime Openfire 2.3.0
NA
CVE-2009-0496
Multiple cross-site scripting (XSS) vulnerabilities in Ignite Realtime Openfire 3.6.2 allow remote malicious users to inject arbitrary web script or HTML via the (1) log parameter to (a) logviewer.jsp and (b) log.jsp; (2) search parameter to (c) group-summary.jsp; (3) username pa...
Ignite Realtime Openfire 3.6.2
3 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-2907
hardcoded
inject
CVE-2024-20359
CVE-2024-2467
CVE-2024-4077
CVE-2024-22391
camera
CVE-2024-20353
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »