Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
patch vulnerabilities and exploits
(subscribe to this query)
7.1
CVSSv2
CVE-2014-9637
GNU patch 2.7.2 and previous versions allows remote malicious users to cause a denial of service (memory consumption and segmentation fault) via a crafted diff file.
Fedoraproject Fedora 21
Fedoraproject Fedora 20
Mageia Mageia 4.0
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 12.04
Gnu Patch
4.3
CVSSv2
CVE-2019-12631
A vulnerability in the web-based guest portal of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote malicious user to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface. The vulnerability is due to insufficien...
Cisco Identity Services Engine 2.6
Cisco Identity Services Engine 2.4
Cisco Identity Services Engine
10
CVSSv2
CVE-2004-0650
UploadServlet in Cisco Collaboration Server (CCS) running ServletExec prior to 3.0E allows remote malicious users to upload and execute arbitrary files via a direct call to the UploadServlet URL.
Newatlanta Servletexec 3.0
Newatlanta Servletexec 2.2
9.3
CVSSv2
CVE-2021-44228
Apache Log4j2 2.0-beta9 up to and including 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can contr...
Apache Log4j 2.0
Apache Log4j
Siemens Sppa-t3000 Ses3000 Firmware
Siemens Logo\\! Soft Comfort
Siemens Spectrum Power 4 4.70
Siemens Spectrum Power 4
Siemens Siveillance Control Pro
Siemens Energyip Prepay 3.7
Siemens Energyip Prepay 3.8
Siemens Siveillance Identity 1.6
Siemens Siveillance Identity 1.5
Siemens Siveillance Command
Siemens Sipass Integrated 2.85
Siemens Sipass Integrated 2.80
Siemens Head-end System Universal Device Integration System
Siemens Gma-manager
Siemens Energyip 8.5
Siemens Energyip 8.6
Siemens Energyip 8.7
Siemens Energyip 9.0
Siemens Energy Engage 3.1
Siemens E-car Operation Center
2 Metasploit modules
1162 Github repositories
28 Articles
9.3
CVSSv2
CVE-2017-6753
A vulnerability in Cisco WebEx browser extensions for Google Chrome and Mozilla Firefox could allow an unauthenticated, remote malicious user to execute arbitrary code with the privileges of the affected browser on an affected system. This vulnerability affects the browser extens...
Cisco Webex Event Center T31 Base
Cisco Webex Meetings Server 2.8 Base
Cisco Webex Meetings Server 2.5 Mr5
Cisco Webex Meetings Server 2.6 Mr1
Cisco Webex Meetings Server 2.5 Mr6
Cisco Webex Meetings Server 2.6 Mr2
Cisco Webex Meetings Server 2.0 Mr9 Patch 2
Cisco Webex Meetings Server 2.0 Mr7
Cisco Webex Meetings Server 2.0 Mr9 Patch 3
Cisco Webex Event Center T30 Base
Cisco Webex Meetings Server 2.5 Mr2 Patch 1
Cisco Webex Training Center T30 Base
Cisco Webex Meetings Server 1.1 Base
Cisco Webex Meetings Server 2.5.99.2
Cisco Webex Meetings Server 2.6 Mr3 Patch 2
Cisco Webex Meetings Server 2.6 Mr1 Patch 1
Cisco Webex Meetings Server 2.7 Mr1 Patch 1
Cisco Webex Meetings Server 2.6.1.39
Cisco Webex Meetings Server 2.5.1.29
Cisco Webex Meetings Server 2.0 Base
Cisco Webex Meeting Center T32 Base
Cisco Webex Meetings Server 2.5 Mr5 Patch 1
1 Article
4
CVSSv2
CVE-2014-0665
The RBAC implementation in Cisco Identity Services Engine (ISE) Software does not properly verify privileges for support-bundle downloads, which allows remote authenticated users to obtain sensitive information via a download action, as demonstrated by obtaining read access to th...
Cisco Identity Services Engine Software -
4.3
CVSSv2
CVE-2014-0680
Cross-site scripting (XSS) vulnerability in the HTTP control interface in the NAC Web Agent component in Cisco Identity Services Engine (ISE) allows remote malicious users to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCui15038.
Cisco Identity Services Engine -
4.3
CVSSv2
CVE-2014-0681
Cross-site scripting (XSS) vulnerability in Cisco Identity Services Engine (ISE) 1.2 patch 2 and previous versions allows remote malicious users to inject arbitrary web script or HTML via a report containing a crafted URL that is not properly handled during generation of report-o...
Cisco Identity Services Engine Software
5
CVSSv2
CVE-2013-5521
Cisco Identity Services Engine does not properly restrict the creation of guest accounts, which allows remote malicious users to cause a denial of service (exhaustion of the account supply) via a series of requests within one session, aka Bug ID CSCue94287.
Cisco Identity Services Engine Software -
5
CVSSv2
CVE-2011-0951
The web-based management interface in Cisco Secure Access Control System (ACS) 5.1 prior to 5.1.0.44.6 and 5.2 prior to 5.2.0.26.3 allows remote malicious users to change arbitrary user passwords via unspecified vectors, aka Bug ID CSCtl77440.
Cisco Secure Access Control System 5.1.0.44.1
Cisco Secure Access Control System 5.1.0.44.2
Cisco Secure Access Control System 5.2.0.26.2
Cisco Secure Access Control System 5.1.0.44.3
Cisco Secure Access Control System 5.1.0.44.4
Cisco Secure Access Control System 5.1
Cisco Secure Access Control System 5.1.0.44
Cisco Secure Access Control System 5.2.0.26
Cisco Secure Access Control System 5.2.0.26.1
Cisco Secure Access Control System 5.1.0.44.5
Cisco Secure Access Control System 5.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »