Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
osm vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv2
CVE-2002-2239
The Cisco Optical Service Module (OSM) for the Catalyst 6500 and 7600 series running Cisco IOS 12.1(8)E up to and including 12.1(13.4)E allows remote malicious users to cause a denial of service (hang) via a malformed packet.
Cisco Ios 12.1e
7.5
CVSSv2
CVE-2006-4666
Multiple PHP remote file inclusion vulnerabilities in Stefan Ernst Newsscript (aka WM-News) 0.5 beta allow remote malicious users to execute arbitrary PHP code via a URL in the (1) ide parameter in (a) article.php; or the (2) pwfile parameter in (b) delete.php, (c) modify.php, (d...
Stefan Ernst Newsscript 0.5
2 EDB exploits
6.5
CVSSv2
CVE-2020-7749
This affects all versions of package osm-static-maps. User input given to the package is passed directly to a template without escaping ({{{ ... }}}). As such, it is possible for an malicious user to inject arbitrary HTML/JS code and depending on the context. It will be outputted...
Osm-static-maps Project Osm-static-maps
5
CVSSv2
CVE-2019-17503
An issue exists in Kirona Dynamic Resource Scheduling (DRS) 5.5.3.5. An unauthenticated user can access /osm/REGISTER.cmd (aka /osm_tiles/REGISTER.cmd) directly: it contains sensitive information about the database through the SQL queries within this batch file. This file exposes...
Kirona Dynamic Resource Scheduling 5.5.3.5
1 EDB exploit
4.7
CVSSv2
CVE-2004-0244
Cisco 6000, 6500, and 7600 series systems with Multilayer Switch Feature Card 2 (MSFC2) and a FlexWAN or OSM module allow local users to cause a denial of service (hang or reset) by sending a layer 2 frame packet that encapsulates a layer 3 packet, but has inconsistent length val...
Cisco Ios 12.1e
Cisco Ios 12.2sy
Cisco Ios 12.2za
1 EDB exploit
4.3
CVSSv2
CVE-2019-17504
An issue exists in Kirona Dynamic Resource Scheduling (DRS) 5.5.3.5. A reflected Cross-site scripting (XSS) vulnerability allows remote malicious users to inject arbitrary web script via the /osm/report/ password parameter.
Kirona Dynamic Resource Scheduling 5.5.3.5
1 EDB exploit
4.3
CVSSv2
CVE-2012-1647
Multiple cross-site scripting (XSS) vulnerabilities in the "stand alone PHP application for the OSM Player," as used in the MediaFront module 6.x-1.x prior to 6.x-1.5 and 7.x-1.x prior to 7.x-1.5 for Drupal, allow remote malicious users to inject arbitrary web script or...
Mediafront Mediafront 6.x-1.0-beta3
Mediafront Mediafront 6.x-1.0
Mediafront Mediafront 6.x-1.1
Mediafront Mediafront 6.x-1.2
Mediafront Mediafront 6.x-1.x
Mediafront Mediafront 6.x-1.3
NA
CVE-2022-35503
Improper verification of a user input in Open Source MANO v7-v12 allows an authenticated malicious user to execute arbitrary code within the LCM module container via a Virtual Network Function (VNF) descriptor. An attacker may be able execute code to change the normal execution o...
NA
CVE-2024-22519
An issue discovered in OpenDroneID OSM 3.5.1 allows malicious users to impersonate other drones via transmission of crafted data packets.
Sorenfriis Opendroneid Osm 3.5.1
1 Github repository
NA
CVE-2022-4676
The OSM WordPress plugin up to and including 6.01 does not validate and escape some of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack.
Openstreetmap Openstreetmap
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »