Vulmon
reflection vulnerabilities and exploits
5.8
CVSSv3
CVE-2020-2100
Jenkins 2.218 and previous versions, LTS 2.204.1 and previous versions were vulnerable to a UDP amplification reflection denial of service attack on port 33848.
Jenkins Jenkins
1 Github repository
9.8
CVSSv3
CVE-2018-9919
A web-accessible backdoor, with resultant SSRF, exists in Tp-shop 2.0.5 up to and including 2.0.8, which allows remote malicious users to obtain sensitive information, attack intranet hosts, or possibly trigger remote command execution, because /vendor/phpdocumentor/reflection-do...
Tp-shop Tp-shop
7.5
CVSSv3
CVE-2021-36630
DDOS reflection amplification vulnerability in eAut module of Ruckus Wireless SmartZone controller that allows remote malicious users to perform DOS attacks via crafted request.
Ruckuswireless Sz-300 Firmware
Ruckuswireless Sz-144 Firmware
Ruckuswireless Sz-100 Firmware
Ruckuswireless Vsz Firmware
1 Github repository
9.8
CVSSv3
CVE-2014-9515
Dozer improperly uses a reflection-based approach to type conversion, which might allow remote malicious users to execute arbitrary code via a crafted serialized object.
Dozer Project Dozer
6.1
CVSSv3
CVE-2022-37724
Project Wonder WebObjects 1.0 up to and including 5.4.3 is vulnerable to Arbitrary HTTP Header injection and URL- or Header-based XSS reflection in all web-server adaptor interfaces.
Apple Webobjects
7.5
CVSSv3
CVE-2016-9182
Exponent CMS 2.4 uses PHP reflection to call a method of a controller class, and then uses the method name to check user permission. But, the method name in PHP reflection is case insensitive, and Exponent CMS permits undefined actions to execute by default, so an attacker can us...
Exponentcms Exponent Cms 2.4.0
9.8
CVSSv3
CVE-2024-0200
An unsafe reflection vulnerability was identified in GitHub Enterprise Server that could lead to reflection injection. This vulnerability could lead to the execution of user-controlled methods and remote code execution. To exploit this bug, an actor would need to be logged into a...
Github Enterprise Server
NA
CVE-2009-2724
Race condition in the java.lang package in Sun Java SE 5.0 before Update 20 has unknown impact and attack vectors, related to a "3Y Race condition in reflection checks."
Sun Java Se
NA
CVE-2015-2984
I-O DATA DEVICE WN-G54/R2 routers with firmware prior to 1.03 and NP-BBRS routers allow remote malicious users to cause a denial of service (SSDP reflection) via UPnP requests.
Iodata Wn-g54/r2 Firmware
NA
CVE-2010-1383
CFNetwork in Apple Safari prior to 5.0.6 on Windows allows remote web servers to execute arbitrary code by replaying the NTLM credentials of a client user, related to a "credential reflection" issue.
Apple Safari 1.3.1
Apple Safari 1.2.4
Apple Safari 1.2.2
Apple Safari 2.0.2
Apple Safari 1.1.0
Apple Safari 1.0.1
Apple Safari 1.0.0
Apple Safari 2.0.3
Apple Safari 1.0
Apple Safari 2
Apple Safari 1.2
Apple Safari 2.0.1
Apple Safari 1.3.2
Apple Safari 1.1.1
Apple Safari 1.0.3
Apple Safari 1.0.2
Apple Safari 5.0.1
Apple Safari 3.0.0
Apple Safari 2.0.4
Apple Safari 2.0.0
Apple Safari 3.0.1b
Apple Safari 1.1