Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
secure os vulnerabilities and exploits
(subscribe to this query)
9
CVSSv2
CVE-2018-12465
An OS command injection vulnerability in the web administration component of Micro Focus Secure Messaging Gateway (SMG) allows a remote attacker authenticated as a privileged user to execute arbitrary OS commands on the SMG server. This can be exploited in conjunction with CVE-20...
Microfocus Secure Messaging Gateway
1 EDB exploit
9
CVSSv2
CVE-2018-0152
A vulnerability in the web-based user interface (web UI) of Cisco IOS XE Software could allow an authenticated, remote malicious user to gain elevated privileges on an affected device. The vulnerability exists because the affected software does not reset the privilege level for e...
Cisco Ios Xe 16.1.1
9
CVSSv2
CVE-2017-17867
Inteno iopsys 2.0-3.14 and 4.0 devices allow remote authenticated users to execute arbitrary OS commands by modifying the leasetrigger field in the odhcpd configuration to specify an arbitrary program, as demonstrated by a program located on an SMB share. This issue existed becau...
Intenogroup Iopsys
Intenogroup Iopsys 4.0
1 EDB exploit
1 Github repository
9
CVSSv2
CVE-2017-12230
A vulnerability in the web-based user interface (web UI) of Cisco IOS XE 16.2 could allow an authenticated, remote malicious user to elevate their privileges on an affected device. The vulnerability is due to incorrect default permission settings for new users who are created by ...
Cisco Ios Xe 16.2.1
9
CVSSv2
CVE-2016-9091
Blue Coat Advanced Secure Gateway (ASG) 6.6 prior to 6.6.5.4 and Content Analysis System (CAS) 1.3 prior to 1.3.7.4 are susceptible to an OS command injection vulnerability. An authenticated malicious administrator can execute arbitrary OS commands with elevated system privileges...
Bluecoat Advanced Secure Gateway
Bluecoat Content Analysis System Software
2 EDB exploits
1 Github repository
9
CVSSv2
CVE-2014-0649
The RMI interface in Cisco Secure Access Control System (ACS) 5.x prior to 5.5 does not properly enforce authorization requirements, which allows remote authenticated users to obtain superadmin access via a request to this interface, aka Bug ID CSCud75180.
Cisco Secure Access Control System 5.4.0.46.3
Cisco Secure Access Control System 5.4.0.46.4
Cisco Secure Access Control System 5.4.0.46.5
Cisco Secure Access Control System 5.3.0.40.6
Cisco Secure Access Control System 5.3.0.40.2
Cisco Secure Access Control System 5.3.0.40.3
Cisco Secure Access Control System 5.1
Cisco Secure Access Control System 5.1.0.44
Cisco Secure Access Control System 5.2.0.26
Cisco Secure Access Control System 5.2.0.26.1
Cisco Secure Access Control System 5.3.0.40.7
Cisco Secure Access Control System 5.1.0.44.3
Cisco Secure Access Control System 5.1.0.44.4
Cisco Secure Access Control System 5.4.0.46.1
Cisco Secure Access Control System 5.4.0.46.2
Cisco Secure Access Control System 5.3.0.40.4
Cisco Secure Access Control System 5.3.0.40.5
Cisco Secure Access Control System 5.1.0.44.1
Cisco Secure Access Control System 5.1.0.44.2
Cisco Secure Access Control System 5.2.0.26.2
Cisco Secure Access Control System
Cisco Secure Access Control System 5.3.0.40.1
1 Article
8.5
CVSSv2
CVE-2021-1443
A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote malicious user to execute arbitrary code with root privileges on the underlying operating system of an affected device. The vulnerability exists because the affected software improperly sa...
Cisco Ios Xe 16.9.1
Cisco Ios Xe 16.9.1s
Cisco Ios Xe 16.9.1c
Cisco Ios Xe 16.9.1b
Cisco Ios Xe 16.9.1d
Cisco Ios Xe 16.10.1
Cisco Ios Xe 16.9.1a
Cisco Ios Xe 16.9.2a
Cisco Ios Xe 16.9.2
Cisco Ios Xe 16.12.1
Cisco Ios Xe 16.11.1
Cisco Ios Xe 17.1.1
Cisco Ios Xe 16.11.1a
Cisco Ios Xe 16.12.1c
Cisco Ios Xe 16.12.1t
Cisco Ios Xe 16.11.2
Cisco Ios Xe 16.12.1s
Cisco Ios Xe 16.12.1a
Cisco Ios Xe 16.12.1x
Cisco Ios Xe 16.11.1c
Cisco Ios Xe 16.11.1b
Cisco Ios Xe 16.11.1s
7.8
CVSSv2
CVE-2019-11477
Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. This has been fixed in stable kern...
Linux Linux Kernel
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Advanced Firewall Manager 15.0.0
F5 Big-ip Access Policy Manager
F5 Big-ip Access Policy Manager 15.0.0
F5 Big-ip Application Acceleration Manager
F5 Big-ip Application Acceleration Manager 15.0.0
F5 Big-ip Link Controller
F5 Big-ip Link Controller 15.0.0
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Policy Enforcement Manager 15.0.0
F5 Big-ip Webaccelerator
F5 Big-ip Webaccelerator 15.0.0
F5 Big-ip Application Security Manager
F5 Big-ip Application Security Manager 15.0.0
F5 Big-ip Local Traffic Manager
F5 Big-ip Local Traffic Manager 15.0.0
F5 Big-ip Fraud Protection Service
F5 Big-ip Fraud Protection Service 15.0.0
F5 Big-ip Global Traffic Manager
F5 Big-ip Global Traffic Manager 15.0.0
F5 Big-ip Analytics
7 Github repositories
1 Article
7.8
CVSSv2
CVE-2018-0470
A vulnerability in the web framework of Cisco IOS XE Software could allow an unauthenticated, remote malicious user to cause a buffer overflow condition on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to the affected software impr...
Cisco Ios Xe 16.2.0
Cisco Ios Xe 16.3\\(1\\)
7.8
CVSSv2
CVE-2018-0156
A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote malicious user to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to improper val...
Cisco Ios 15.2\\(2\\)e4
Cisco Ios 15.2\\(2a\\)ja
Cisco Ios Xe 15.2\\(2\\)e4
Cisco Ios Xe 15.2\\(2a\\)ja
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
remote code execution
CVE-2024-34909
CVE-2024-3317
SSTI
CVE-2024-3400
CVE-2024-30051
wireless
CVE-2024-4622
CVE-2024-4908
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »