Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
security manager vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2022-26520
In pgjdbc prior to 42.3.3, an attacker (who controls the jdbc URL or properties) can call java.util.logging.FileHandler to write to arbitrary files through the loggerFile and loggerLevel connection properties. An example situation is that an attacker could create an executable JS...
Postgresql Postgresql Jdbc Driver
Debian Debian Linux 10.0
Debian Debian Linux 11.0
9.8
CVSSv3
CVE-2021-43927
Improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability in Security Management functionality in Synology DiskStation Manager (DSM) prior to 7.0.1-42218-2 allows remote malicious users to inject SQL commands via unspecified vect...
Synology Diskstation Manager
9.8
CVSSv3
CVE-2022-21724
pgjdbc is the offical PostgreSQL JDBC Driver. A security hole was found in the jdbc driver for postgresql database while doing security research. The system using the postgresql library will be attacked when attacker control the jdbc url or properties. pgjdbc instantiates plugin ...
Postgresql Postgresql Jdbc Driver
Postgresql Postgresql Jdbc Driver 42.3.2
Fedoraproject Fedora 35
Quarkus Quarkus
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
8 Github repositories
9.8
CVSSv3
CVE-2022-23305
By design, the JDBCAppender in Log4j 1.2.x accepts an SQL statement as a configuration parameter where the values to be inserted are converters from PatternLayout. The message converter, %m, is likely to always be included. This allows malicious users to manipulate the SQL by ent...
Apache Log4j
Netapp Snapmanager -
Broadcom Brocade Sannav -
Qos Reload4j
Oracle Weblogic Server 12.2.1.3.0
Oracle Business Intelligence 12.2.1.3.0
Oracle Business Process Management Suite 12.2.1.3.0
Oracle Jdeveloper 12.2.1.3.0
Oracle Identity Management Suite 12.2.1.3.0
Oracle Business Intelligence 12.2.1.4.0
Oracle Weblogic Server 12.2.1.4.0
Oracle Weblogic Server 14.1.1.0.0
Oracle Enterprise Manager Base Platform 13.4.0.0
Oracle Communications Network Integrity 7.3.6
Oracle Business Process Management Suite 12.2.1.4.0
Oracle Advanced Supply Chain Planning 12.2
Oracle Advanced Supply Chain Planning 12.1
Oracle Communications Unified Inventory Management 7.4.1
Oracle Enterprise Manager Base Platform 13.5.0.0
Oracle Communications Messaging Server 8.1
Oracle Business Intelligence 5.9.0.0.0
Oracle Healthcare Foundation 8.1.0
2 Github repositories
1 Article
9.8
CVSSv3
CVE-2021-44790
A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Ser...
Apache Http Server
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Tenable Tenable.sc
Netapp Cloud Backup -
Oracle Http Server 12.2.1.3.0
Oracle Instantis Enterprisetrack 17.1
Oracle Instantis Enterprisetrack 17.2
Oracle Instantis Enterprisetrack 17.3
Oracle Http Server 12.2.1.4.0
Oracle Zfs Storage Appliance Kit 8.8
Oracle Communications Operations Monitor 4.3
Oracle Communications Operations Monitor 4.4
Oracle Communications Operations Monitor 5.0
Oracle Communications Element Manager
Oracle Communications Session Report Manager
Oracle Communications Session Route Manager
Apple Macos
Apple Mac Os X 10.15.7
3 Github repositories
9.8
CVSSv3
CVE-2021-40996
A remote authentication bypass vulnerability exists in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x before 6.10.2 - - ClearPass Policy Manager 6.9.x before 6.9.7-HF1 - - ClearPass Policy Manager 6.8.x before 6.8.9-HF1. Aruba has released patches for ...
Arubanetworks Clearpass Policy Manager
Arubanetworks Clearpass Policy Manager 6.8.9
Arubanetworks Clearpass Policy Manager 6.9.7
9.8
CVSSv3
CVE-2021-40997
A remote authentication bypass vulnerability exists in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x before 6.10.2 - - ClearPass Policy Manager 6.9.x before 6.9.7-HF1 - - ClearPass Policy Manager 6.8.x before 6.8.9-HF1. Aruba has released patches for ...
Arubanetworks Clearpass Policy Manager
Arubanetworks Clearpass Policy Manager 6.8.9
Arubanetworks Clearpass Policy Manager 6.9.7
9.8
CVSSv3
CVE-2021-37736
A remote authentication bypass vulnerability exists in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x before 6.10.2 - - ClearPass Policy Manager 6.9.x before 6.9.7-HF1 - - ClearPass Policy Manager 6.8.x before 6.8.9-HF1. Aruba has released patches for ...
Arubanetworks Clearpass Policy Manager
9.8
CVSSv3
CVE-2021-38124
Remote Code Execution vulnerability in Micro Focus ArcSight Enterprise Security Manager (ESM) product, affecting versions 7.0.2 up to and including 7.5. The vulnerability could be exploited resulting in remote code execution.
Microfocus Arcsight Enterprise Security Manager
9.8
CVSSv3
CVE-2021-39275
ap_escape_quotes() may write beyond the end of a buffer when given malicious input. No included modules pass untrusted data to these functions, but third-party / external modules may. This issue affects Apache HTTP Server 2.4.48 and previous versions.
Apache Http Server
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Cloud Backup -
Netapp Storagegrid -
Netapp Clustered Data Ontap -
Oracle Http Server 12.2.1.3.0
Oracle Instantis Enterprisetrack 17.1
Oracle Instantis Enterprisetrack 17.2
Oracle Instantis Enterprisetrack 17.3
Oracle Http Server 12.2.1.4.0
Oracle Zfs Storage Appliance Kit 8.8
Siemens Sinema Server 14.0
Siemens Sinec Nms
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »