Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
proton vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2019-7274
Optergy Proton/Enterprise devices allow Authenticated File Upload with Code Execution as root.
Optergy Proton
Optergy Enterprise
1 EDB exploit
9.8
CVSSv3
CVE-2019-7276
Optergy Proton/Enterprise devices allow Remote Root Code Execution via a Backdoor Console.
Optergy Proton
Optergy Enterprise
1 EDB exploit
1 Github repository
8.8
CVSSv3
CVE-2019-7273
Optergy Proton/Enterprise devices allow Cross-Site Request Forgery (CSRF).
Optergy Proton
Optergy Enterprise
1 EDB exploit
7.4
CVSSv3
CVE-2019-0223
While investigating bug PROTON-2014, we discovered that under some circumstances Apache Qpid Proton versions 0.9 to 0.27.0 (C library and its language bindings) can connect to a peer anonymously using TLS *even when configured to verify the peer certificate* while used with OpenS...
Apache Qpid
Redhat Jboss Amq Clients 2 -
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Server Aus 7.2
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server Tus 7.2
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Server Aus 6.6
Redhat Enterprise Linux Eus 6.7
Redhat Enterprise Linux Server Aus 6.5
Redhat Enterprise Linux Server Aus 6.4
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Server Tus 7.3
Redhat Enterprise Linux Server Aus 7.3
Redhat Enterprise Linux Server Aus 7.4
Redhat Enterprise Linux Server Tus 7.4
Redhat Enterprise Linux Eus 7.3
Redhat Enterprise Linux Eus 7.4
Redhat Enterprise Linux Eus 7.5
Redhat Satellite 6.3
1 Github repository
7.4
CVSSv3
CVE-2018-17187
The Apache Qpid Proton-J transport includes an optional wrapper layer to perform TLS, enabled by use of the 'transport.ssl(...)' methods. Unless a verification mode was explicitly configured, client and server modes previously defaulted as documented to not verifying a ...
Apache Qpid Proton-j
7.3
CVSSv3
CVE-2019-7279
Optergy Proton/Enterprise devices have Hard-coded Credentials.
Optergy Enterprise
Optergy Proton
6.5
CVSSv3
CVE-2019-7278
Optergy Proton/Enterprise devices have an Unauthenticated SMS Sending Service.
Optergy Enterprise
Optergy Proton
6.5
CVSSv3
CVE-2016-2166
The (1) proton.reactor.Connector, (2) proton.reactor.Container, and (3) proton.utils.BlockingConnection classes in Apache Qpid Proton prior to 0.12.1 improperly use an unencrypted connection for an amqps URI scheme when SSL support is unavailable, which might allow man-in-the-mid...
Apache Qpid Proton
Fedoraproject Fedora 23
6.1
CVSSv3
CVE-2019-7275
Optergy Proton/Enterprise devices allow Open Redirect.
Optergy Proton
Optergy Enterprise
5.9
CVSSv3
CVE-2016-4467
The C client and C-based client bindings in the Apache Qpid Proton library prior to 0.13.1 on Windows do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate when using the SChan...
Apache Qpid Proton 0.12.0
Apache Qpid Proton 0.12.1
Apache Qpid Proton 0.13.0
Apache Qpid Proton 0.11.1
Apache Qpid Proton 0.11.0
Apache Qpid Proton 0.10.0
Apache Qpid Proton 0.9.1
Apache Qpid Proton 0.12.2
Apache Qpid Proton 0.9.0
Apache Qpid Proton 0.8.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »