Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tower vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-28161
In Jenkins Delphix Plugin 3.0.1, a global option for administrators to enable or disable SSL/TLS certificate validation for Data Control Tower (DCT) connections is disabled by default.
NA
CVE-2024-28162
In Jenkins Delphix Plugin 3.0.1 up to and including 3.1.0 (both inclusive) a global option for administrators to enable or disable SSL/TLS certificate validation for Data Control Tower (DCT) connections fails to take effect until Jenkins is restarted when switching from disabled ...
6.7
CVSSv3
CVE-2023-32469
Dell Precision Tower BIOS contains an Improper Input Validation vulnerability. A locally authenticated malicious user with admin privileges could potentially exploit this vulnerability to perform arbitrary code execution.
Dell Precision 5820 Firmware
Dell Precision 7820 Firmware
Dell Precision 7920 Firmware
8.8
CVSSv3
CVE-2021-4112
A flaw was found in ansible-tower where the default installation is vulnerable to job isolation escape. This flaw allows an malicious user to elevate the privilege from a low privileged user to an AWX user from outside the isolated environment.
Redhat Ansible Tower 3.0
Redhat Ansible Automation Platform Early Access 2.0
Redhat Ansible Automation Platform Text-only Advisories -
Redhat Ansible Automation Platform 2.0
Redhat Ansible Automation Platform 2.1
6.1
CVSSv3
CVE-2021-20137
A reflected cross-site scripting vulnerability exists in the url parameter of the /cgi-bin/luci/site_access/ page on the Gryphon Tower router's web interface. An attacker could exploit this issue by tricking a user into following a specially crafted link, granting the attack...
Gryphonconnect Gryphon Tower Firmware
8.8
CVSSv3
CVE-2021-20138
An unauthenticated command injection vulnerability exists in multiple parameters in the Gryphon Tower router’s web interface at /cgi-bin/luci/rc. An unauthenticated remote attacker on the same network can execute commands as root on the device by sending a specially crafted...
Gryphonconnect Gryphon Tower Firmware
8.8
CVSSv3
CVE-2021-20139
An unauthenticated command injection vulnerability exists in the parameters of operation 3 in the controller_server service on Gryphon Tower routers. An unauthenticated remote attacker on the same network can execute commands as root on the device by sending a specially crafted m...
Gryphonconnect Gryphon Tower Firmware
8.8
CVSSv3
CVE-2021-20140
An unauthenticated command injection vulnerability exists in the parameters of operation 10 in the controller_server service on Gryphon Tower routers. An unauthenticated remote attacker on the same network can execute commands as root on the device by sending a specially crafted ...
Gryphonconnect Gryphon Tower Firmware
8.8
CVSSv3
CVE-2021-20141
An unauthenticated command injection vulnerability exists in the parameters of operation 32 in the controller_server service on Gryphon Tower routers. An unauthenticated remote attacker on the same network can execute commands as root on the device by sending a specially crafted ...
Gryphonconnect Gryphon Tower Firmware
8.8
CVSSv3
CVE-2021-20142
An unauthenticated command injection vulnerability exists in the parameters of operation 41 in the controller_server service on Gryphon Tower routers. An unauthenticated remote attacker on the same network can execute commands as root on the device by sending a specially crafted ...
Gryphonconnect Gryphon Tower Firmware
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »