Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
load balancer vulnerabilities and exploits
(subscribe to this query)
5.3
CVSSv3
CVE-2021-34418
The login routine of the web console in the Zoom On-Premise Meeting Connector before version 4.6.239.20200613, Zoom On-Premise Meeting Connector MMR before version 4.6.239.20200613, Zoom On-Premise Recording Connector before version 3.8.42.20200905, Zoom On-Premise Virtual Room C...
Zoom Zoom On-premise Meeting Connector Controller
Zoom Zoom On-premise Meeting Connector Mmr
Zoom Zoom On-premise Recording Connector
Zoom Zoom On-premise Virtual Room Connector
Zoom Zoom On-premise Virtual Room Connector Load Balancer
NA
CVE-2013-2175
HAProxy 1.4 prior to 1.4.24 and 1.5 prior to 1.5-dev19, when configured to use hdr_ip or other "hdr_*" functions with a negative occurrence count, allows remote malicious users to cause a denial of service (negative array index usage and crash) via an HTTP header with a...
Debian Debian Linux 6.0
Canonical Ubuntu Linux 12.10
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 13.04
Redhat Enterprise Linux Load Balancer 6.4
Redhat Enterprise Linux Load Balancer 6.0
Haproxy Haproxy 1.4.6
Haproxy Haproxy 1.4.8
Haproxy Haproxy 1.4.15
Haproxy Haproxy 1.4.17
Haproxy Haproxy 1.4
Haproxy Haproxy 1.4.22
Haproxy Haproxy 1.4.9
Haproxy Haproxy 1.4.10
Haproxy Haproxy 1.4.11
Haproxy Haproxy 1.4.12
Haproxy Haproxy 1.4.13
Haproxy Haproxy 1.4.1
Haproxy Haproxy 1.4.2
Haproxy Haproxy 1.4.3
Haproxy Haproxy 1.4.4
Haproxy Haproxy 1.4.18
9.1
CVSSv3
CVE-2017-15524
The Application Firewall Pack (AFP, aka Web Application Firewall) component on Kemp Load Balancer devices with software prior to 7.2.40.1 allows a Security Feature Bypass via an HTTP POST request.
Kemptechnologies Web Application Firewall
8.8
CVSSv3
CVE-2016-4965
Fortinet FortiWan (formerly AscernLink) prior to 4.2.5 allows remote authenticated users with access to the nslookup functionality to execute arbitrary commands with root privileges via the graph parameter to diagnosis_control.php.
Fortinet Fortiwan
6.5
CVSSv3
CVE-2016-4966
The diagnosis_control.php page in Fortinet FortiWan (formerly AscernLink) prior to 4.2.5 allows remote authenticated users to download PCAP files via vectors related to the UserName GET parameter.
Fortinet Fortiwan
6.5
CVSSv3
CVE-2016-4967
Fortinet FortiWan (formerly AscernLink) prior to 4.2.5 allows remote authenticated users to obtain sensitive information from (1) a backup of the device configuration via script/cfg_show.php or (2) PCAP files via script/system/tcpdump.php.
Fortinet Fortiwan
6.5
CVSSv3
CVE-2016-4968
The linkreport/tmp/admin_global page in Fortinet FortiWan (formerly AscernLink) prior to 4.2.5 allows remote authenticated users to discover administrator cookies via a GET request.
Fortinet Fortiwan
6.1
CVSSv3
CVE-2016-4969
Cross-site scripting (XSS) vulnerability in Fortinet FortiWan (formerly AscernLink) prior to 4.2.5 allows remote malicious users to inject arbitrary web script or HTML via the IP parameter to script/statistics/getconn.php.
Fortinet Fortiwan
5.9
CVSSv3
CVE-2020-1971
The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a function GENERAL_NAME_cmp which compares different instances of a GENERAL_NAME to see if they are equal or not. This functi...
Openssl Openssl
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Oracle Api Gateway 11.1.2.4.0
Oracle Peoplesoft Enterprise Peopletools 8.56
Oracle Business Intelligence 12.2.1.3.0
Oracle Peoplesoft Enterprise Peopletools 8.57
Oracle Jd Edwards World Security A9.4
Oracle Business Intelligence 12.2.1.4.0
Oracle Enterprise Manager Base Platform 13.3.0.0
Oracle Business Intelligence 5.5.0.0.0
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Enterprise Manager Base Platform 13.4.0.0
Oracle Http Server 12.2.1.4.0
Oracle Enterprise Manager For Storage Management 13.4.0.0
Oracle Enterprise Manager Ops Center 12.4.0.0
Oracle Mysql
Oracle Graalvm 19.3.4
Oracle Graalvm 20.3.0
Oracle Essbase 21.2
5 Github repositories
1 Article
7.4
CVSSv3
CVE-2020-8203
Prototype pollution attack when using _.zipObjectDeep in lodash prior to 4.17.20.
Lodash Lodash
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Communications Billing And Revenue Management 12.0.0.3.0
Oracle Communications Billing And Revenue Management 7.5.0.23.0
Oracle Enterprise Communications Broker 3.2.0
Oracle Banking Extensibility Workbench 14.3.0
Oracle Banking Virtual Account Management 14.3.0
Oracle Banking Trade Finance Process Management 14.3.0
Oracle Banking Credit Facilities Process Management 14.3.0
Oracle Banking Corporate Lending Process Management 14.3.0
Oracle Peoplesoft Enterprise Peopletools 8.59
Oracle Primavera Gateway
Oracle Enterprise Communications Broker Pcz3.3
Oracle Communications Subscriber-aware Load Balancer Cz8.3
Oracle Communications Subscriber-aware Load Balancer Cz8.4
Oracle Communications Session Router Cz8.4
Oracle Communications Session Border Controller Cz8.4
Oracle Communications Session Border Controller 8.4
Oracle Communications Session Border Controller 9.0
Oracle Banking Virtual Account Management 14.2.0
Oracle Banking Virtual Account Management 14.5.0
Oracle Banking Supply Chain Finance 14.2.0
2 Github repositories
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-35977
CVE-2023-49335
man-in-the-middle
CVE-2024-4947
CVE-2024-31714
memory leak
SQL
CVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »