Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sweet vulnerabilities and exploits
(subscribe to this query)
10
CVSSv3
CVE-2017-12542
A authentication bypass and execution of code vulnerability in HPE Integrated Lights-out 4 (iLO 4) version before 2.53 was found.
Hp Integrated Lights-out 4 Firmware
1 EDB exploit
24 Github repositories
9.8
CVSSv3
CVE-2017-5689
An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKUs: Intel Active Management Technology (AMT) and Intel Standard Manageability (ISM). An unprivileged local attacker could provision manageability features gaining unprivileged netwo...
Intel Active Management Technology Firmware 6.1
Intel Active Management Technology Firmware 6.2
Intel Active Management Technology Firmware 10.0
Intel Active Management Technology Firmware 11.0
Intel Active Management Technology Firmware 6.0
Intel Active Management Technology Firmware 9.0
Intel Active Management Technology Firmware 9.1
Intel Active Management Technology Firmware 9.5
Intel Active Management Technology Firmware 7.0
Intel Active Management Technology Firmware 7.1
Intel Active Management Technology Firmware 11.5
Intel Active Management Technology Firmware 11.6
Intel Active Management Technology Firmware 8.0
Intel Active Management Technology Firmware 8.1
1 EDB exploit
2 Metasploit modules
1 Nmap script
36 Github repositories
3 Articles
7.5
CVSSv3
CVE-2019-15160
The SweetXml (aka sweet_xml) package up to and including 0.6.6 for Erlang and Elixir allows malicious users to cause a denial of service (resource consumption) via an XML entity expansion attack with an inline DTD.
Kbrw Sweet Xml
6.1
CVSSv3
CVE-2017-18262
Blackboard Learn (Since at least 17th of October 2017) has allowed Unvalidated Redirects on any signed-in user through its endpoints for handling Shibboleth logins, as demonstrated by a webapps/bb-auth-provider-shibboleth-BBLEARN/execute/shibbolethLogin?returnUrl= URI.
Blackboard Blackboard Learn 9.1
Blackboard Blackboard Learn
5.3
CVSSv3
CVE-2022-23003
When computing a shared secret or point multiplication on the NIST P-256 curve that results in an X coordinate of zero, the resulting output is not properly reduced modulo the P-256 field prime and is invalid. The resulting output may cause an error when used in other operations....
Westerndigital Sweet B 1
5.3
CVSSv3
CVE-2022-23001
When compressing or decompressing elliptic curve points using the Sweet B library, an incorrect choice of sign bit is used. An attacker with user level privileges and no other user's assistance can exploit this vulnerability with only knowledge of the public key and the libr...
Westerndigital Sweet B 1
5.3
CVSSv3
CVE-2022-23002
When compressing or decompressing a point on the NIST P-256 elliptic curve with an X coordinate of zero, the resulting output is not properly reduced modulo the P-256 field prime and is invalid. The resulting output will cause an error when used in other operations. This may be l...
Westerndigital Sweet B 1
5.3
CVSSv3
CVE-2022-23004
When computing a shared secret or point multiplication on the NIST P-256 curve using a public key with an X coordinate of zero, an error is returned from the library, and an invalid unreduced value is written to the output buffer. This may be leveraged by an malicious user to cau...
Westerndigital Sweet B 1
4.7
CVSSv3
CVE-2018-14995
The ZTE Blade Vantage Android device with a build fingerprint of ZTE/Z839/sweet:7.1.1/NMF26V/20180120.095344:user/release-keys, the ZTE Blade Spark Android device with a build fingerprint of ZTE/Z971/peony:7.1.1/NMF26V/20171129.143111:user/release-keys, the ZTE ZMAX Pro Android d...
Zteusa Zte Blade Vantage Firmware 7.1.1
Zteusa Zte Blade Spark Firmware 7.1.1
Zteusa Zte Zmax Pro Firmware 6.0.1
Zteusa Zte Zmax Champ Firmware 6.0.1
NA
CVE-2010-3212
SQL injection vulnerability in index.php in Seagull 0.6.7 and previous versions allows remote malicious users to execute arbitrary SQL commands via the frmQuestion parameter in a retrieve action, in conjunction with a user/password PATH_INFO.
Seagullproject.org Seagull
Seagullproject.org Seagull 0.6.0
Seagullproject.org Seagull 0.6.4
Seagullproject.org Seagull 0.6.3
Seagullproject.org Seagull 0.4.6
Seagullproject.org Seagull 0.6.2
Seagullproject.org Seagull 0.6.1
Seagullproject.org Seagull 0.6.6
Seagullproject.org Seagull 0.6.5
Seagullproject.org Seagull 0.4.7
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-17519
open redirect
CVE-2024-21683
cache poisoning
CVE-2021-47524
CVE-2021-47521
CVE-2024-5229
CVE-2021-47560
local
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »