redteam pentesting gmbh vulnerabilities and exploits
5
CVSSv2
CVE-2019-1653
A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an unauthenticated, remote malicious user to retrieve sensitive information. The vulnerability is due to improper access controls for URLs. An at...
Cisco Rv320 Firmware 1.4.2.15
Cisco Rv320 Firmware 1.4.2.17
Cisco Rv325 Firmware 1.4.2.15
Cisco Rv325 Firmware 1.4.2.17
2 EDB exploits
2 Metasploit modules
7 Github repositories
2 Articles
9
CVSSv2
CVE-2019-1652
A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an authenticated, remote attacker with administrative privileges on an affected device to execute arbitrary commands. The vulnerability is due to...
Cisco Rv320 Firmware 1.4.2.15
Cisco Rv325 Firmware 1.4.2.15
2 EDB exploits
2 Metasploit modules
2 Github repositories
2 Articles
5
CVSSv2
CVE-2016-8743
Apache HTTP Server, in all releases before 2.2.32 and 2.4.25, was liberal in the whitespace accepted from requests and sent in response lines and headers. Accepting these different behaviors represented a security concern when httpd participates in any chain of proxies or interac...
Apache Http Server
Netapp Clustered Data Ontap -
Netapp Oncommand Unified Manager -
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Server Tus 7.3
Redhat Enterprise Linux Server Aus 7.3
Redhat Enterprise Linux Server Aus 7.4
Redhat Enterprise Linux Eus 7.3
Redhat Enterprise Linux Eus 7.4
Redhat Enterprise Linux Eus 7.5
Redhat Enterprise Linux Server Tus 7.6
Redhat Enterprise Linux Server Aus 7.6
Redhat Enterprise Linux Eus 7.6
Redhat Enterprise Linux Server Aus 7.7
Redhat Enterprise Linux Server Tus 7.7
5
CVSSv2
CVE-2016-0736
In Apache HTTP Server versions 2.4.0 to 2.4.23, mod_session_crypto was encrypting its data/cookie using the configured ciphers with possibly either CBC or ECB modes of operation (AES256-CBC by default), hence no selectable or builtin authenticated encryption. This made it vulnera...
Apache Http Server 2.4.1
Apache Http Server 2.4.20
Apache Http Server 2.4.6
Apache Http Server 2.4.0
Apache Http Server 2.4.12
Apache Http Server 2.4.3
Apache Http Server 2.4.23
Apache Http Server 2.4.8
Apache Http Server 2.4.10
Apache Http Server 2.4.7
Apache Http Server 2.4.14
Apache Http Server 2.4.22
Apache Http Server 2.4.2
Apache Http Server 2.4.19
Apache Http Server 2.4.16
Apache Http Server 2.4.9
Apache Http Server 2.4.21
1 EDB exploit
5
CVSSv2
CVE-2016-2161
In Apache HTTP Server versions 2.4.0 to 2.4.23, malicious input to mod_auth_digest can cause the server to crash, and each instance continues to crash even for subsequently valid requests.
Apache Http Server 2.4.1
Apache Http Server 2.4.20
Apache Http Server 2.4.6
Apache Http Server 2.4.0
Apache Http Server 2.4.12
Apache Http Server 2.4.3
Apache Http Server 2.4.23
Apache Http Server 2.4.8
Apache Http Server 2.4.10
Apache Http Server 2.4.7
Apache Http Server 2.4.14
Apache Http Server 2.4.22
Apache Http Server 2.4.2
Apache Http Server 2.4.19
Apache Http Server 2.4.16
Apache Http Server 2.4.9
Apache Http Server 2.4.21
6.8
CVSSv2
CVE-2015-8124
Session fixation vulnerability in the "Remember Me" login feature in Symfony 2.3.x prior to 2.3.35, 2.6.x prior to 2.6.12, and 2.7.x prior to 2.7.7 allows remote malicious users to hijack web sessions via a session id.
Sensiolabs Symfony 2.3.21
Sensiolabs Symfony 2.3.14
Sensiolabs Symfony 2.7.5
Sensiolabs Symfony 2.7.4
Sensiolabs Symfony 2.3.27
Sensiolabs Symfony 2.3.0
Sensiolabs Symfony 2.7.1
Sensiolabs Symfony 2.3.15
Sensiolabs Symfony 2.3.6
Sensiolabs Symfony 2.6.1
Sensiolabs Symfony 2.3.34
Sensiolabs Symfony 2.3.2
Sensiolabs Symfony 2.3.28
Sensiolabs Symfony 2.3.30
Sensiolabs Symfony 2.6.5
Sensiolabs Symfony 2.3.22
Sensiolabs Symfony 2.6.11
Sensiolabs Symfony 2.3.33
Sensiolabs Symfony 2.6.3
Sensiolabs Symfony 2.6.8
Sensiolabs Symfony 2.3.23
Sensiolabs Symfony 2.3.20
7.5
CVSSv2
CVE-2015-8125
Symfony 2.3.x prior to 2.3.35, 2.6.x prior to 2.6.12, and 2.7.x prior to 2.7.7 might allow remote malicious users to have unspecified impact via a timing attack involving the (1) Symfony/Component/Security/Http/RememberMe/PersistentTokenBasedRememberMeServices or (2) Symfony/Comp...
Sensiolabs Symfony 2.3.21
Sensiolabs Symfony 2.3.14
Sensiolabs Symfony 2.7.5
Sensiolabs Symfony 2.7.4
Sensiolabs Symfony 2.3.27
Sensiolabs Symfony 2.3.0
Sensiolabs Symfony 2.7.1
Sensiolabs Symfony 2.3.15
Sensiolabs Symfony 2.3.6
Sensiolabs Symfony 2.6.1
Sensiolabs Symfony 2.3.34
Sensiolabs Symfony 2.3.2
Sensiolabs Symfony 2.3.28
Sensiolabs Symfony 2.3.30
Sensiolabs Symfony 2.6.5
Sensiolabs Symfony 2.3.22
Sensiolabs Symfony 2.6.11
Sensiolabs Symfony 2.3.33
Sensiolabs Symfony 2.6.3
Sensiolabs Symfony 2.6.8
Sensiolabs Symfony 2.3.23
Sensiolabs Symfony 2.3.20
7.5
CVSSv2
CVE-2014-2303
Multiple SQL injection vulnerabilities in the file browser component (we_fs.php) in webEdition CMS prior to 6.2.7-s1.2 and 6.3.x up to and including 6.3.8 before -s1 allow remote malicious users to execute arbitrary SQL commands via the (1) table or (2) order parameter.
Webedition Webedition Cms 6.2.7.0
Webedition Webedition Cms 6.3.3.0
Webedition Webedition Cms 6.3.8.0
1 EDB exploit
4
CVSSv2
CVE-2011-0745
SugarCRM prior to 6.1.3 does not properly handle reloads and direct requests for a warning page produced by a certain duplicate check, which allows remote authenticated users to discover (1) the names of customers via a ShowDuplicates action to the Accounts module, reachable thro...
Sugarcrm Sugarcrm 5.5.2
Sugarcrm Sugarcrm 1.5d
Sugarcrm Sugarcrm 5.0.0
Sugarcrm Sugarcrm 4.2.1
Sugarcrm Sugarcrm 5.5.4
Sugarcrm Sugarcrm 4.5.0f
Sugarcrm Sugarcrm 1.1a
Sugarcrm Sugarcrm 4.0
Sugarcrm Sugarcrm 5.2g
Sugarcrm Sugarcrm 5.1c
Sugarcrm Sugarcrm 5.2d
Sugarcrm Sugarcrm 3.5.1
Sugarcrm Sugarcrm 1.1b
Sugarcrm Sugarcrm 4.0.1
Sugarcrm Sugarcrm 5.1.0
Sugarcrm Sugarcrm 5.5
Sugarcrm Sugarcrm 4.1
Sugarcrm Sugarcrm 1.0g
Sugarcrm Sugarcrm 6.1.0
Sugarcrm Sugarcrm 5.5.1
Sugarcrm Sugarcrm 6.0
Sugarcrm Sugarcrm 4.5.1
1 EDB exploit
7.5
CVSSv2
CVE-2011-0751
Directory traversal vulnerability in nhttpd (aka Nostromo webserver) prior to 1.9.4 allows remote malicious users to execute arbitrary programs or read arbitrary files via a ..%2f (encoded dot dot slash) in a URI.
Nazgul Nostromo 1.7.5
Nazgul Nostromo 1.8
Nazgul Nostromo 1.7.7
Nazgul Nostromo 0.5
Nazgul Nostromo 1.7.9
Nazgul Nostromo 1.5
Nazgul Nostromo 1.8.3
Nazgul Nostromo 1.7.2
Nazgul Nostromo 0.4
Nazgul Nostromo 0.8
Nazgul Nostromo 1.7.8
Nazgul Nostromo 1.8.9
Nazgul Nostromo 1.8.2
Nazgul Nostromo 1.5.1
Nazgul Nostromo
Nazgul Nostromo 1.8.1
Nazgul Nostromo 1.7.4
Nazgul Nostromo 1.7.6
Nazgul Nostromo 1.8.7
Nazgul Nostromo 1.8.6
Nazgul Nostromo 0.9
Nazgul Nostromo 0.2
1 EDB exploit
2 Github repositories