Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
stefan pietsch vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2018-15753
An issue exists in the MensaMax (aka com.breustedt.mensamax) application 4.3 for Android. The use of a Hard-coded DES Cryptographic Key allows an attacker who decodes the application to decrypt transmitted data such as the login username and password.
Mensamax Mensamax 4.3
4.3
CVSSv2
CVE-2018-15752
An issue exists in the MensaMax (aka com.breustedt.mensamax) application 4.3 for Android. Cleartext Transmission of Sensitive Information allows man-in-the-middle malicious users to eavesdrop authentication information between the application and the server.
Mensamax Mensamax 4.3
6.8
CVSSv2
CVE-2021-41843
An authenticated SQL injection issue in the calendar search function of OpenEMR 6.0.0 before patch 3 allows an malicious user to read data from all tables of the database via the parameter provider_id, as demonstrated by the /interface/main/calendar/index.php?module=PostCalendar&...
Open-emr Openemr 6.0.0
NA
CVE-2022-38756
A vulnerability has been identified in Micro Focus GroupWise Web in versions before 18.4.2. The GW Web component makes a request to the Post Office Agent that contains sensitive information in the query parameters that could be logged by any intervening HTTP proxies.
Microfocus Groupwise
4.3
CVSSv2
CVE-2017-7887
Dolibarr ERP/CRM 4.0.4 has XSS in doli/societe/list.php via the sall parameter.
Dolibarr Dolibarr Erp\\/crm 4.0.4
7.5
CVSSv2
CVE-2017-7886
Dolibarr ERP/CRM 4.0.4 has SQL Injection in doli/theme/eldy/style.css.php via the lang parameter.
Dolibarr Dolibarr Erp\\/crm 4.0.4
5
CVSSv2
CVE-2017-7888
Dolibarr ERP/CRM 4.0.4 stores passwords with the MD5 algorithm, which makes brute-force attacks easier.
Dolibarr Dolibarr Erp\\/crm 4.0.4
5
CVSSv2
CVE-2020-28208
An email address enumeration vulnerability exists in the password reset function of Rocket.Chat up to and including 3.9.1.
Rocket.chat Rocket.chat
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started