Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
spectrum control vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2020-8252
The implementation of realpath in libuv < 10.22.1, < 12.18.4, and < 14.9.0 used within Node.js incorrectly determined the buffer size which can result in a buffer overflow if the resolved path is longer than 256 bytes.
Nodejs Node.js
Opensuse Leap 15.2
Fedoraproject Fedora 33
7.8
CVSSv3
CVE-2021-20532
IBM Spectrum Protect Client 8.1.0.0 up to and including 8.1.11.0 could allow a local user to escalate their privileges to take full control of the system due to insecure directory permissions. IBM X-Force ID: 198811.
Ibm Spectrum Protect Backup-archive Client
Ibm Spectrum Protect For Virtual Environments
7.5
CVSSv3
CVE-2020-8169
curl 7.62.0 up to and including 7.70.0 is vulnerable to an information disclosure vulnerability that can lead to a partial password being leaked over the network and to the DNS server(s).
Haxx Curl
Siemens Simatic Tim 1531 Irc Firmware
Debian Debian Linux 10.0
Siemens Sinec Infrastructure Network Services
Splunk Universal Forwarder 9.1.0
Splunk Universal Forwarder
1 Github repository
7.4
CVSSv3
CVE-2020-8201
Node.js < 12.18.4 and < 14.11 can be exploited to perform HTTP desync attacks and deliver malicious payloads to unsuspecting users. The payloads can be crafted by an malicious user to hijack user sessions, poison cookies, perform clickjacking, and a multitude of other attac...
Nodejs Node.js
Opensuse Leap 15.2
Fedoraproject Fedora 33
1 Github repository
9.1
CVSSv3
CVE-2021-39063
IBM Spectrum Protect Plus 10.1.0.0 up to and including 10.1.8.x uses Cross-Origin Resource Sharing (CORS) which could allow an malicious user to carry out privileged actions and retrieve sensitive information due to a misconfiguration in access control headers. IBM X-Force ID: 21...
Ibm Spectrum Protect Plus
5.5
CVSSv3
CVE-2020-4631
IBM Spectrum Protect Plus 10.1.0 up to and including 10.1.6 agent files, in non-default configurations, on Windows are assigned access to everyone with full control permissions, which could allow a local user to cause interruption of the service operations. IBM X-Force ID: 185372...
Ibm Spectrum Protect Plus
6.5
CVSSv3
CVE-2020-4482
IBM UrbanCode Deploy (UCD) 6.2.7.3, 6.2.7.4, 7.0.3.0, and 7.0.4.0 could allow an authenticated user to bypass security. A user with access to a snapshot could apply unauthorized additional statuses via direct rest calls. IBM X-Force ID: 181856.
Ibm Urbancode Deploy 7.0.3.0
Ibm Urbancode Deploy 7.0.4.0
Ibm Urbancode Deploy 6.2.7.3
Ibm Urbancode Deploy 6.2.7.4
8.8
CVSSv3
CVE-2020-4700
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 up to and including 6.0.3.2 and 5.2.0.0 up to and including 5.2.6.5 could allow an authenticated user belonging to a specific user group to create a user or group with administrative privileges. IBM X-Force ID: 187077.
Ibm Sterling B2b Integrator
9.8
CVSSv3
CVE-2019-0230
Apache Struts 2.0.0 to 2.5.20 forced double OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote code execution.
Apache Struts
Oracle Financial Services Market Risk Measurement And Management 8.0.6
Oracle Communications Policy Management 12.5.0
Oracle Financial Services Data Integration Hub 8.0.6
Oracle Financial Services Data Integration Hub 8.0.3
Oracle Mysql Enterprise Monitor
10 Github repositories
1 Article
7.5
CVSSv3
CVE-2019-0233
An access permission override in Apache Struts 2.0.0 to 2.5.20 may cause a Denial of Service when performing a file upload.
Apache Struts
Oracle Communications Policy Management 12.5.0
Oracle Financial Services Data Integration Hub 8.0.3
Oracle Financial Services Data Integration Hub 8.0.6
Oracle Financial Services Market Risk Measurement And Management 8.0.6
Oracle Mysql Enterprise Monitor
1 Article
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »