Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
portcullis-security.com vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-5370
Directory traversal vulnerability in the CFChart servlet (com.naryx.tagfusion.cfm.cfchartServlet) in New Atlanta BlueDragon prior to 7.1.1.18527 allows remote malicious users to read or possibly delete arbitrary files via a .. (dot dot) in the QUERY_STRING to cfchart.cfchart.
New Atlanta Bluedragon
1 EDB exploit
NA
CVE-2014-0372
Unspecified vulnerability in the Oracle Demantra Demand Management component in Oracle Supply Chain Products Suite 7.2.0.3 SQL-Server, 7.3.0, 7.3.1, 12.2.1, and 12.2.2 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to DM Othe...
Oracle Supply Chain Products Suite 7.2.0.3
Oracle Supply Chain Products Suite Sql-server 7.3.0
Oracle Supply Chain Products Suite Sql-server 12.2.1
Oracle Supply Chain Products Suite Sql-server 12.2.2
Oracle Supply Chain Products Suite Sql-server 7.3.1
Oracle Supply Chain Products Suite Sql-server 12.2.0
1 EDB exploit
NA
CVE-2014-0379
Unspecified vulnerability in the Oracle Demantra Demand Management component in Oracle Supply Chain Products Suite 7.2.0.3 SQL-Server, 7.3.0.x, 7.3.1.x, 12.2.0, 12.2.1, and 12.2.2 allows remote malicious users to affect integrity via unknown vectors related to DM Others.
Oracle Supply Chain Products Suite 7.2.0.3
Oracle Supply Chain Products Suite Sql-server 7.3.0
Oracle Supply Chain Products Suite Sql-server 12.2.1
Oracle Supply Chain Products Suite Sql-server 12.2.2
Oracle Supply Chain Products Suite Sql-server 7.3.1
Oracle Supply Chain Products Suite Sql-server 12.2.0
1 EDB exploit
NA
CVE-2014-5462
Multiple SQL injection vulnerabilities in OpenEMR 4.1.2 (Patch 7) and previous versions allow remote authenticated users to execute arbitrary SQL commands via the (1) layout_id parameter to interface/super/edit_layout.php; (2) form_patient_id, (3) form_drug_name, or (4) form_lot_...
Open-emr Openemr
1 EDB exploit
NA
CVE-2014-2043
SQL injection vulnerability in Resources/System/Templates/Data.aspx in Procentia IntelliPen prior to 1.1.18.1658 allows remote authenticated users to execute arbitrary SQL commands via the value parameter.
Procentia Intellipen
1 EDB exploit
NA
CVE-2013-5877
Unspecified vulnerability in the Oracle Demantra Demand Management component in Oracle Supply Chain Products Suite 7.2.0.3 SQL-Server, 7.3.0, 7.3.1, 12.2.0, and 12.2.1 allows remote malicious users to affect confidentiality via unknown vectors related to DM Others.
Oracle Supply Chain Products Suite 7.2.0.3
Oracle Supply Chain Products Suite Sql-server 7.3.0
Oracle Supply Chain Products Suite Sql-server 12.2.0
Oracle Supply Chain Products Suite Sql-server 7.3.1
Oracle Supply Chain Products Suite Sql-server 12.2.1
1 EDB exploit
NA
CVE-2013-5880
Unspecified vulnerability in the Oracle Demantra Demand Management component in Oracle Supply Chain Products Suite 12.2.0, 12.2.1, and 12.2.2 allows remote malicious users to affect confidentiality via unknown vectors related to DM Others.
Oracle Supply Chain Products Suite 12.2.2
Oracle Supply Chain Products Suite 12.2.0
Oracle Supply Chain Products Suite 12.2.1
1 EDB exploit
NA
CVE-2014-3977
libodm.a in IBM AIX 6.1 and 7.1, and VIOS 2.2.x, allows local users to overwrite arbitrary files via a symlink attack on a temporary file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-2179.
Ibm Vios 2.2.1.8
Ibm Vios 2.2.2.4
Ibm Vios 2.2.1.1
Ibm Vios 2.2.1.3
Ibm Vios 2.2.3.3
Ibm Aix 7.1
Ibm Vios 2.2.3.2
Ibm Vios 2.2.0.10
Ibm Vios 2.2.1.4
Ibm Aix 6.1
Ibm Vios 2.2.0.13
Ibm Vios 2.2.1.0
Ibm Vios 2.2.2.5
Ibm Vios 2.2.3.0
Ibm Vios 2.2.0.11
Ibm Vios 2.2.0.12
Ibm Vios 2.2.1.9
Ibm Vios 2.2.2.0
1 EDB exploit
6.1
CVSSv3
CVE-2014-2045
Multiple cross-site scripting (XSS) vulnerabilities in the old and new interfaces in Viprinet Multichannel VPN Router 300 allow remote malicious users to inject arbitrary web script or HTML via the username when (1) logging in or (2) creating an account in the old interface, (3) ...
Viprinet Multichannel Vpn Router 300 Firmware 2013080900
Viprinet Multichannel Vpn Router 300 Firmware 2013070830
1 EDB exploit
NA
CVE-2014-2383
dompdf.php in dompdf prior to 0.6.1, when DOMPDF_ENABLE_PHP is enabled, allows context-dependent malicious users to bypass chroot protections and read arbitrary files via a PHP protocol and wrappers in the input_file parameter, as demonstrated by a php://filter/read=convert.base6...
Dompdf Dompdf
1 EDB exploit
2 Github repositories
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »