Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
secret vulnerabilities and exploits
(subscribe to this query)
1000
VMScore
CVE-2021-27850
A critical unauthenticated remote code execution vulnerability was found all recent versions of Apache Tapestry. The affected versions include 5.4.5, 5.5.0, 5.6.2 and 5.7.0. The vulnerability I have found is a bypass of the fix for CVE-2019-0195. Recap: Before the fix of CVE-2019...
Apache Tapestry
1 Metasploit module
3 Github repositories
1000
VMScore
CVE-2008-0960
SNMPv3 HMAC verification in (1) Net-SNMP 5.2.x prior to 5.2.4.1, 5.3.x prior to 5.3.2.1, and 5.4.x prior to 5.4.1.1; (2) UCD-SNMP; (3) eCos; (4) Juniper Session and Resource Control (SRC) C-series 1.0.0 up to and including 2.0.0; (5) NetApp (aka Network Appliance) Data ONTAP 7.3R...
Juniper Session And Resource Control 2.0
Juniper Src Pe 1.0
Juniper Session And Resource Control 1.0
Juniper Src Pe 2.0
1 EDB exploit
891
VMScore
CVE-2022-21215
This vulnerability could allow an malicious user to force the server to create and execute a web request granting access to backend APIs that are only accessible to the Mimosa MMP server, or request pages that could perform some actions themselves. The attacker could force the se...
Airspan Mimosa Management Platform
Airspan C6x Firmware
Airspan C5x Firmware
Airspan C5c Firmware
Airspan A5x Firmware
890
VMScore
CVE-2021-40494
A Hardcoded JWT Secret Key in metadata.py in AdaptiveScale LXDUI up to and including 2.1.3 allows malicious users to gain admin access to the host system.
Adaptivescale Lxdui
890
VMScore
CVE-2020-24719
Exposed Erlang Cookie could lead to Remote Command Execution (RCE) attack. Communication between Erlang nodes is done by exchanging a shared secret (aka "magic cookie"). There are cases where the magic cookie is included in the content of the logs. An attacker can use t...
Couchbase Couchbase Server
890
VMScore
CVE-2019-13352
WolfVision Cynap prior to 1.30j uses a static, hard-coded cryptographic secret for generating support PINs for the 'forgot password' feature. By knowing this static secret and the corresponding algorithm for calculating support PINs, an attacker can reset the ADMIN pass...
Wolfvision Cynap
890
VMScore
CVE-2019-1804
A vulnerability in the SSH key management for the Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an unauthenticated, remote malicious user to connect to the affected system with the privileges of the root user. The vulnerability ...
Cisco Nexus 9332pq Firmware 14.0\\(3d\\)
Cisco Nexus 93180yc-ex Firmware 14.0\\(3d\\)
Cisco Nexus 93128tx Firmware 14.0\\(3d\\)
Cisco Nexus 93120tx Firmware 14.0\\(3d\\)
Cisco Nexus 93108tc-ex Firmware 14.0\\(3d\\)
Cisco Nexus 9516 Firmware 14.0\\(3d\\)
Cisco Nexus 9508 Firmware 14.0\\(3d\\)
Cisco Nexus 9504 Firmware 14.0\\(3d\\)
Cisco Nexus 9500 Firmware 14.0\\(3d\\)
Cisco Nexus 9396tx Firmware 14.0\\(3d\\)
Cisco Nexus 9396px Firmware 14.0\\(3d\\)
Cisco Nexus 9372tx Firmware 14.0\\(3d\\)
Cisco Nexus 9372px Firmware 14.0\\(3d\\)
1 Article
890
VMScore
CVE-2013-3712
SUSE Studio Onsite 1.3.x prior to 1.3.6 and SUSE Studio Extension for System z 1.3 uses "static" secret tokens, which has unspecified impact and vectors.
Suse Studio Onsite 1.3
Suse Studio Onsite 1.3.1
Suse Studio Onsite 1.3.3
Suse Studio Onsite 1.3.5
Suse Studio Onsite 1.3.2
Suse Studio Onsite 1.3.4
Suse Studio Extension For System Z 1.3
890
VMScore
CVE-2012-2974
The web interface on the SMC SMC8024L2 switch allows remote malicious users to bypass authentication and obtain administrative access via a direct request to a .html file under (1) status/, (2) system/, (3) ports/, (4) trunks/, (5) vlans/, (6) qos/, (7) rstp/, (8) dot1x/, (9) sec...
Smc Smc8024l2 Switch
890
VMScore
CVE-2008-1155
Cisco Network Admission Control (NAC) Appliance 3.5.x, 3.6.x prior to 3.6.4.4, 4.0.x prior to 4.0.6, and 4.1.x prior to 4.1.2 allows remote malicious users to obtain the shared secret for the Clean Access Server (CAS) and Clean Access Manager (CAM) by sniffing error logs.
Cisco Network Admission Control 3.5
Cisco Network Admission Control 3.6
Cisco Network Admission Control 4.0
Cisco Network Admission Control 4.0.0.1
Cisco Network Admission Control 4.1
Cisco Network Admission Control 4.1.0
Cisco Network Admission Control 3.6.4.1
Cisco Network Admission Control 3.6.4.2
Cisco Network Admission Control 4.0.3.3
Cisco Network Admission Control 4.0.5.0
Cisco Network Admission Control 3.6.0
Cisco Network Admission Control 3.6.0.1
Cisco Network Admission Control 3.6.1.1
Cisco Network Admission Control 4.0.2.1
Cisco Network Admission Control 4.0.2.2
Cisco Network Admission Control
Cisco Network Admission Control 3.6.2.1
Cisco Network Admission Control 3.6.2.2
Cisco Network Admission Control 4.0.3.1
Cisco Network Admission Control 4.0.3.2
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »