Vulmon
storm vulnerabilities and exploits
7.8
CVSSv2
CVE-2002-2208
Extended Interior Gateway Routing Protocol (EIGRP), as implemented in Cisco IOS 11.3 up to and including 12.2 and other products, allows remote malicious users to cause a denial of service (flood) by sending a large number of spoofed EIGRP neighbor announcements, which results in...
Extended Interior Gateway Routing Protocol Extended Interior Gateway Routing Protocol 1.2
Cisco Ios 11.3
Cisco Ios 12.0
Cisco Ios 12.1
Cisco Ios 12.2
7.5
CVSSv2
CVE-2021-38294
A Command Injection vulnerability exists in the getTopologyHistory service of the Apache Storm 2.x before 2.2.1 and Apache Storm 1.x before 1.2.4. A specially crafted thrift request to the Nimbus server allows Remote Code Execution (RCE) prior to authentication.
Apache Storm
7.5
CVSSv2
CVE-2021-40865
An Unsafe Deserialization vulnerability exists in the worker services of the Apache Storm supervisor server allowing pre-auth Remote Code Execution (RCE). Apache Storm 2.2.x users should upgrade to version 2.2.1 or 2.3.0. Apache Storm 2.1.x users should upgrade to version 2.1.1. ...
Apache Storm
1 Github repository
7.5
CVSSv2
CVE-2018-11779
In Apache Storm versions 1.1.0 to 1.2.2, when the user is using the storm-kafka-client or storm-kafka modules, it is possible to cause the Storm UI daemon to deserialize user provided bytes into a Java class.
Apache Storm
7.5
CVSSv2
CVE-2008-7172
Lightweight news portal (LNP) 1.0b does not properly restrict access to administrator functionality, which allows remote malicious users to gain administrator privileges via direct requests to admin.php with the (1) potd_delete, (2) potd, (3) vote_update, (4) vote, or (5) modifyn...
Yanick Bourbeau Lightweight News Portal 1.0b
1 EDB exploit
7.5
CVSSv2
CVE-2008-6813
SQL injection vulnerability in index.php in phpWebNews 0.2 MySQL Edition allows remote malicious users to execute arbitrary SQL commands via the id_kat parameter.
Surat Kabar Phpwebnews 0.2
1 EDB exploit
7.5
CVSSv2
CVE-2007-4816
Multiple buffer overflows in the BaoFeng2 storm ActiveX control in Mps.dll allow remote malicious users to have an unknown impact via a long (1) URL, (2) backImage, or (3) titleImage property value; (4) a long first argument to the advancedOpen method; a long argument to the (5) ...
Baofeng Storm 2.9
Baofeng Storm 2.8
1 EDB exploit
7.5
CVSSv2
CVE-2005-4437
MD5 Neighbor Authentication in Extended Interior Gateway Routing Protocol (EIGRP) 1.2, as implemented in Cisco IOS 11.3 and later, does not include the Message Authentication Code (MAC) in the checksum, which allows remote malicious users to sniff message hashes and (1) replay EI...
Extended Interior Gateway Routing Protocol Extended Interior Gateway Routing Protocol 1.2
7.5
CVSSv2
CVE-2004-1567
profile.php in Silent Storm Portal 2.1 and 2.2 allows remote malicious users to gain privileges by setting the mail parameter to 1, which is the value for an administrator.
1 EDB exploit
7.5
CVSSv2
CVE-2004-2037
Buffer overflow in Mollensoft Lightweight FTP Server 3.6 allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via a long CWD command, as demonstrated in one example by using the "cd" command in an interactive FTP cli...
Mollensoft Software Lightweight Ftp Server 3.6
1 EDB exploit