Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
scan engine vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-28155
Jenkins AppSpider Plugin 1.0.16 and previous versions does not perform permission checks in several HTTP endpoints, allowing attackers with Overall/Read permission to obtain information about available scan config names, engine group names, and client names.
7.8
CVSSv3
CVE-2023-52090
A security agent link following vulnerability in Trend Micro Apex One could allow a local malicious user to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploi...
Trendmicro Apex One 2019
Trendmicro Apex One
7.8
CVSSv3
CVE-2023-52091
An anti-spyware engine link following vulnerability in Trend Micro Apex One could allow a local malicious user to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to ...
Trendmicro Apex One 2019
Trendmicro Apex One
7.8
CVSSv3
CVE-2024-0206
A symbolic link manipulation vulnerability in Trellix Anti-Malware Engine prior to the January 2024 release allows an authenticated local user to potentially gain an escalation of privileges. This was achieved by adding an entry to the registry under the Trellix ENS registry fol...
Trellix Anti-malware Engine 6600
9.8
CVSSv3
CVE-2022-36566
Rengine v1.3.0 exists to contain a command injection vulnerability via the scan engine function.
Yogeshojha Rengine 1.3.0
5.4
CVSSv3
CVE-2021-39491
A Cross Site Scripting (XSS) vulnerability exists in Yogesh Ojha reNgine v1.0 via the Scan Engine name file in the Scan Engine deletion confirmation modal box . .
Rengine Project Rengine
10
CVSSv3
CVE-2021-44228
Apache Log4j2 2.0-beta9 up to and including 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can contr...
Apache Log4j 2.0
Apache Log4j
Siemens Sppa-t3000 Ses3000 Firmware
Siemens Logo\\! Soft Comfort
Siemens Spectrum Power 4 4.70
Siemens Spectrum Power 4
Siemens Siveillance Control Pro
Siemens Energyip Prepay 3.7
Siemens Energyip Prepay 3.8
Siemens Siveillance Identity 1.6
Siemens Siveillance Identity 1.5
Siemens Siveillance Command
Siemens Sipass Integrated 2.85
Siemens Sipass Integrated 2.80
Siemens Head-end System Universal Device Integration System
Siemens Gma-manager
Siemens Energyip 8.5
Siemens Energyip 8.6
Siemens Energyip 8.7
Siemens Energyip 9.0
Siemens Energy Engage 3.1
Siemens E-car Operation Center
2 Metasploit modules
1161 Github repositories
28 Articles
7.5
CVSSv3
CVE-2021-41799
MediaWiki prior to 1.36.2 allows a denial of service (resource consumption because of lengthy query processing time). ApiQueryBacklinks (action=query&list=backlinks) can cause a full table scan.
Mediawiki Mediawiki
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
5.5
CVSSv3
CVE-2021-25252
Trend Micro's Virus Scan API (VSAPI) and Advanced Threat Scan Engine (ATSE) - are vulnerable to a memory exhaustion vulnerability that may lead to denial-of-service or system freeze if exploited by an attacker using a specially crafted file.
Trendmicro Apex Central 2019
Trendmicro Apex One 2019
Trendmicro Cloud Edge 5.0
Trendmicro Apex One -
Trendmicro Deep Security 10.0
Trendmicro Deep Security 11.0
Trendmicro Deep Security 12.0
Trendmicro Deep Security 20.0
Trendmicro Control Manager 7.0
Trendmicro Deep Discovery Analyzer 5.1
Trendmicro Deep Discovery Email Inspector 2.5
Trendmicro Deep Discovery Inspector 3.8
Trendmicro Interscan Messaging Security Virtual Appliance 9.1
Trendmicro Interscan Web Security Virtual Appliance 6.5
Trendmicro Officescan -
Trendmicro Portal Protect 2.6
Trendmicro Scanmail 14.0
Trendmicro Scanmail For Ibm Domino 5.8
Trendmicro Serverprotect For Storage 6.0
Trendmicro Serverprotect 5.8
Trendmicro Serverprotect For Network Appliance Filers 5.8
Trendmicro Safe Lock 1.1
5.5
CVSSv3
CVE-2021-25226
A memory exhaustion vulnerability in Trend Micro ServerProtect for Linux 3.0 could allow a local malicious user to craft specific files that can cause a denial-of-service on the affected product. The specific flaw exists within a scan engine component. An attacker must first obta...
Trendmicro Serverprotect 3.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »