Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
local vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv2
CVE-2014-5758
The Yellow Pages Local Search (aka com.yellowbook.android2) application 11.0.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof servers and obtain sensitive information via a crafted certificate.
Yellowbook Yellow Pages Local Search 11.0.0
NA
CVE-2022-40702
Missing Authorization vulnerability in Zorem Advanced Local Pickup for WooCommerce.This issue affects Advanced Local Pickup for WooCommerce: from n/a up to and including 1.5.2.
Zorem Advanced Local Pickup For Woocommerce
7.5
CVSSv2
CVE-2018-5973
SQL Injection exists in Professional Local Directory Script 1.0 via the sellers_subcategories.php IndustryID parameter, or the suppliers.php IndustryID or CategoryID parameter.
Eihitech Professional Local Directory Script 1.0
1 EDB exploit
6.2
CVSSv2
CVE-2014-8727
Multiple directory traversal vulnerabilities in F5 BIG-IP prior to 10.2.2 allow local users with the "Resource Administrator" or "Administrator" role to enumerate and delete arbitrary files via a .. (dot dot) in the name parameter to (1) tmui/Control/jspmap/tm...
F5 Big-ip Local Traffic Manager
1 EDB exploit
4.3
CVSSv2
CVE-2020-5936
On BIG-IP LTM 15.1.0-15.1.0.5, 14.1.0-14.1.2.7, 13.1.0-13.1.3.4, and 12.1.0-12.1.5.1, the Traffic Management Microkernel (TMM) process may consume excessive resources when processing SSL traffic and client authentication are enabled on the client SSL profile.
F5 Big-ip Local Traffic Manager
NA
CVE-2023-2841
The Advanced Local Pickup for WooCommerce plugin for WordPress is vulnerable to time-based SQL Injection via the id parameter in versions up to, and including, 1.5.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL...
Zorem Advanced Local Pickup For Woocommerce
7.1
CVSSv2
CVE-2019-6590
On BIG-IP LTM 13.0.0 to 13.0.1 and 12.1.0 to 12.1.3.6, under certain conditions, the TMM may consume excessive resources when processing SSL Session ID Persistence traffic.
F5 Big-ip Local Traffic Manager
6.4
CVSSv2
CVE-2020-4670
IBM Planning Analytics Local 2.0 connects to a Redis server. The Redis server, an in-memory data structure store, running on the remote host is not protected by password authentication. A remote attacker can exploit this to gain unauthorized access to the server. IBM X-Force ID: ...
Ibm Planning Analytics Local 2.0.0
Ibm Planning Analytics Cloud 2.0.0
7.5
CVSSv2
CVE-2007-0860
Multiple PHP remote file inclusion vulnerabilities in local Calendar System 1.1 allow remote malicious users to execute arbitrary PHP code via a URL in the (1) TEMPLATE_DIR parameter to (a) showinvoices.php, (b) showmonth.php, (c) showevents.php, (d) retrieveinvoice.php, (e) modi...
Laboratory For Optical And Computational Instrumentation Local Calendar System 1.1
6.4
CVSSv2
CVE-2020-4669
IBM Planning Analytics Local 2.0 connects to a MongoDB server. MongoDB, a document-oriented database system, is listening on the remote port, and it is configured to allow connections without password authentication. A remote attacker can gain unauthorized access to the database....
Ibm Planning Analytics Cloud 2.0.0
Ibm Planning Analytics Local 2.0.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
firmware
CVE-2006-4304
CVE-2024-32878
CVE-2024-31502
XSS
CVE-2024-3059
CVE-2024-33692
CVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »