Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nsa vulnerabilities and exploits
(subscribe to this query)
8.1
CVSSv3
CVE-2017-0144
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote malicious users to execute arbitrary code v...
Microsoft Server Message Block 1.0
6 EDB exploits
53 Github repositories
3 Articles
7.5
CVSSv3
CVE-2021-41990
The gmp plugin in strongSwan prior to 5.9.4 has a remote integer overflow via a crafted certificate with an RSASSA-PSS signature. For example, this can be triggered by an unrelated self-signed CA certificate sent by an initiator. Remote code execution cannot occur.
Strongswan Strongswan
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Siemens 6gk6108-4am00-2ba2 Firmware -
Siemens 6gk6108-4am00-2da2 Firmware -
Siemens 6gk5804-0ap00-2aa2 Firmware -
Siemens 6gk5812-1aa00-2aa2 Firmware -
Siemens 6gk5812-1ba00-2aa2 Firmware -
Siemens 6gk5816-1aa00-2aa2 Firmware -
Siemens 6gk5816-1ba00-2aa2 Firmware -
Siemens 6gk5826-2ab00-2ab2 Firmware -
Siemens 6gk5874-2aa00-2aa2 Firmware -
Siemens 6gk5874-3aa00-2aa2 Firmware -
Siemens 6gk5876-3aa02-2ba2 Firmware -
Siemens 6gk5876-3aa02-2ea2 Firmware -
Siemens 6gk5876-4aa00-2ba2 Firmware -
Siemens 6gk5876-4aa00-2da2 Firmware -
Siemens 6gk5856-2ea00-3da1 Firmware -
Siemens 6gk5856-2ea00-3aa1 Firmware -
6.5
CVSSv3
CVE-2020-15999
Heap buffer overflow in Freetype in Google Chrome before 86.0.4240.111 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page.
Google Chrome
Freetype Freetype
Debian Debian Linux 10.0
Fedoraproject Fedora 31
Opensuse Backports Sle 15.0
7 Github repositories
3 Articles
7.5
CVSSv3
CVE-2021-41991
The in-memory certificate cache in strongSwan prior to 5.9.4 has a remote integer overflow upon receiving many requests with different certificates to fill the cache and later trigger the replacement of cache entries. The code attempts to select a less-often-used cache entry by m...
Strongswan Strongswan
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Siemens Sinema Remote Connect Server -
Siemens Siplus Et 200sp Cp 1542sp-1 Irc Tx Rail Firmware -
Siemens Simatic Cp 1243-1 Firmware -
Siemens Simatic Cp 1242-7 Gprs V2 Firmware -
Siemens Simatic Net Cp 1243-8 Irc Firmware -
Siemens Scalance Sc632-2c Firmware -
Siemens Siplus Et 200sp Cp 1543sp-1 Isec Firmware -
Siemens Cp 1543-1 Firmware -
Siemens Simatic Net Cp 1545-1 Firmware -
Siemens Simatic Cp 1543sp-1 Firmware -
Siemens Simatic Net Cp1243-7 Lte Eu Firmware -
Siemens Simatic Cp 1243-7 Lte\\/us Firmware -
Siemens Simatic Cp 1542sp-1 Firmware -
Siemens Scalance Sc636-2c Firmware -
Siemens Simatic Cp 1542sp-1 Irc Firmware -
5.5
CVSSv3
CVE-2019-14615
Insufficient control flow in certain data structures for some Intel(R) Processors with Intel(R) Processor Graphics may allow an unauthenticated user to potentially enable information disclosure via local access.
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Intel Atom E3805 -
Intel Atom E3815 -
Intel Atom E3825 -
Intel Atom E3826 -
Intel Atom E3827 -
Intel Atom E3845 -
Intel Atom E620 -
Intel Atom E620t -
Intel Atom E640 -
Intel Atom E640t -
Intel Atom E660 -
Intel Atom E660t -
Intel Atom E680 -
Intel Atom E680t -
Intel Atom X3-c3130 -
Intel Atom X3-c3200rk -
Intel Atom X3-c3230rk -
Intel Atom X3-c3405 -
1 Github repository
2 Articles
6.1
CVSSv3
CVE-2019-11507
In Pulse Secure Pulse Connect Secure (PCS) 8.3.x prior to 8.3R7.1 and 9.0.x prior to 9.0R3, an XSS issue has been found on the Application Launcher page.
Ivanti Connect Secure 9.0
Ivanti Connect Secure 8.3
7.2
CVSSv3
CVE-2019-11508
In Pulse Secure Pulse Connect Secure (PCS) prior to 8.1R15.1, 8.2 prior to 8.2R12.1, 8.3 prior to 8.3R7.1, and 9.0 prior to 9.0R3.4, an authenticated attacker (via the admin web interface) can exploit Directory Traversal to execute arbitrary code on the appliance.
Pulsesecure Pulse Connect Secure 7.4
Ivanti Connect Secure 9.0
Ivanti Connect Secure 8.1
Ivanti Connect Secure 8.2
Ivanti Connect Secure 8.3
Ivanti Connect Secure 7.1
Ivanti Connect Secure 7.4
7.7
CVSSv3
CVE-2019-11538
In Pulse Secure Pulse Connect Secure version 9.0RX prior to 9.0R3.4, 8.3RX prior to 8.3R7.1, 8.2RX prior to 8.2R12.1, and 8.1RX prior to 8.1R15.1, an NFS problem could allow an authenticated malicious user to access the contents of arbitrary files on the affected device.
Ivanti Connect Secure 9.0
Ivanti Connect Secure 8.1
Ivanti Connect Secure 8.2
Ivanti Connect Secure 8.3
9.8
CVSSv3
CVE-2019-11540
In Pulse Secure Pulse Connect Secure version 9.0RX prior to 9.0R3.4 and 8.3RX prior to 8.3R7.1 and Pulse Policy Secure version 9.0RX prior to 9.0R3.2 and 5.4RX prior to 5.4R7.1, an unauthenticated, remote attacker can conduct a session hijacking attack.
Pulsesecure Pulse Policy Secure 5.4r1
Pulsesecure Pulse Policy Secure 5.4r2
Pulsesecure Pulse Policy Secure 5.4r2.1
Pulsesecure Pulse Policy Secure 5.4r3
Pulsesecure Pulse Policy Secure 5.4rx
Pulsesecure Pulse Connect Secure 8.3rx
Pulsesecure Pulse Policy Secure 5.4r4
Pulsesecure Pulse Policy Secure 5.4r5
Pulsesecure Pulse Policy Secure 5.4r5.2
Pulsesecure Pulse Policy Secure 5.4r6
Pulsesecure Pulse Policy Secure 5.4r6.1
Pulsesecure Pulse Policy Secure 5.4r7
Pulsesecure Pulse Policy Secure 9.0r1
Pulsesecure Pulse Policy Secure 9.0r2
Pulsesecure Pulse Policy Secure 9.0r2.1
Pulsesecure Pulse Policy Secure 9.0r3
Pulsesecure Pulse Policy Secure 9.0r3.1
Pulsesecure Pulse Policy Secure 9.0rx
Pulsesecure Pulse Connect Secure 9.0r1
Pulsesecure Pulse Connect Secure 9.0r2
Pulsesecure Pulse Connect Secure 9.0r2.1
Pulsesecure Pulse Connect Secure 9.0r3
1 Github repository
7.5
CVSSv3
CVE-2019-11541
In Pulse Secure Pulse Connect Secure version 9.0RX prior to 9.0R3.4, 8.3RX prior to 8.3R7.1, and 8.2RX prior to 8.2R12.1, users using SAML authentication with the Reuse Existing NC (Pulse) Session option may see authentication leaks.
Pulsesecure Pulse Connect Secure 8.2r1.1
Pulsesecure Pulse Connect Secure 8.2r2.0
Pulsesecure Pulse Connect Secure 8.2r4.0
Pulsesecure Pulse Connect Secure 8.2r5.0
Pulsesecure Pulse Connect Secure 8.2r1.0
Pulsesecure Pulse Connect Secure 8.2r4.1
Pulsesecure Pulse Connect Secure 8.2r3.1
Pulsesecure Pulse Connect Secure 8.2r3.0
Pulsesecure Pulse Connect Secure 8.3rx
Pulsesecure Pulse Connect Secure 9.0r1
Pulsesecure Pulse Connect Secure 9.0r2
Pulsesecure Pulse Connect Secure 9.0r2.1
Pulsesecure Pulse Connect Secure 9.0r3
Pulsesecure Pulse Connect Secure 9.0r3.1
Pulsesecure Pulse Connect Secure 9.0r3.2
Pulsesecure Pulse Connect Secure 9.0rx
Pulsesecure Pulse Connect Secure 8.2r5.1
Pulsesecure Pulse Connect Secure 8.2r6.0
Pulsesecure Pulse Connect Secure 8.2r7.0
Pulsesecure Pulse Connect Secure 8.2r7.1
Pulsesecure Pulse Connect Secure 8.2rx
Ivanti Connect Secure 8.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
man-in-the-middle
CVE-2024-34558
CVE-2024-32674
CVE-2024-34351
XPath injection
CVE-2023-45866
CVE-2024-25528
CVE-2024-25517
path traversal
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
NEXT »