Vulmon
traffic server vulnerabilities and exploits
9.1
CVSSv3
CVE-2020-26197
Dell PowerScale OneFS 8.1.0 - 9.1.0 contains an LDAP Provider inability to connect over TLSv1.2 vulnerability. It may make it easier to eavesdrop and decrypt such traffic for a malicious actor. Note: This does not affect clusters which are not relying on an LDAP server for the au...
Dell Emc Powerscale Onefs 8.1.0
Dell Emc Powerscale Onefs 8.1.1
Dell Emc Powerscale Onefs 8.1.2
Dell Emc Powerscale Onefs 8.2.2
9.1
CVSSv3
CVE-2019-9750
In IoTivity up to and including 1.3.1, the CoAP server interface can be used for Distributed Denial of Service attacks using source IP address spoofing and UDP-based traffic amplification. The reflected traffic is 6 times bigger than spoofed requests. This occurs because the cons...
Iotivity Iotivity
9.1
CVSSv3
CVE-2019-6592
On BIG-IP 14.1.0-14.1.0.1, TMM may restart and produce a core file when validating SSL certificates in client SSL or server SSL profiles.
F5 Big-ip Access Policy Manager
F5 Big-ip Local Traffic Manager
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Analytics
F5 Big-ip Application Security Manager
F5 Big-ip Domain Name System
F5 Big-ip Edge Gateway
F5 Big-ip Fraud Protection Service
F5 Big-ip Global Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Webaccelerator
9.1
CVSSv3
CVE-2018-9302
SSRF (Server Side Request Forgery) in /assets/lib/fuc.js.php in Cockpit 0.4.4 up to and including 0.5.5 allows remote malicious users to read arbitrary files or send TCP traffic to intranet hosts via the url parameter. NOTE: this vulnerability exists because of an incomplete fix ...
Getcockpit Cockpit
1 EDB exploit
9.1
CVSSv3
CVE-2017-14611
SSRF (Server Side Request Forgery) in Cockpit 0.13.0 allows remote malicious users to read arbitrary files or send TCP traffic to intranet hosts via the url parameter, related to use of the discontinued aheinze/fetch_url_contents component.
Agentejo Cockpit 0.13.0
9.1
CVSSv3
CVE-2017-14487
The OhMiBod Remote app for Android and iOS allows remote malicious users to impersonate users by sniffing network traffic for search responses from the OhMiBod API server and then editing the username, user_id, and token fields in data/data/com.ohmibod.remote2/shared_prefs/OMB.xm...
Ohmibod Ohmibod Remote
9.1
CVSSv3
CVE-2017-9788
In Apache httpd prior to 2.2.34 and 2.4.x prior to 2.4.27, the value placeholder in [Proxy-]Authorization headers of type 'Digest' was not initialized or reset before or between successive key=value assignments by mod_auth_digest. Providing an initial key with no '...
Apache Http Server
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Apple Mac Os X
Netapp Storage Automation Store -
Netapp Oncommand Unified Manager -
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Server Aus 7.2
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server Tus 7.2
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Server Eus 7.2
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Server Tus 7.3
Redhat Enterprise Linux Server Aus 7.3
Redhat Enterprise Linux Server Aus 7.4
Redhat Enterprise Linux Server Eus 7.3
Redhat Enterprise Linux Server Eus 7.4
Redhat Enterprise Linux Server Tus 7.4
Redhat Enterprise Linux Server Eus 7.5
1 Github repository
9.1
CVSSv3
CVE-2016-4694
The Apache HTTP Server in Apple OS X prior to 10.12 and OS X Server prior to 5.2 follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted CGI client data in the HTTP_PROXY environment variable, which might allow remote malicious u...
Apple Os X Server
Apple Mac Os X
9.1
CVSSv3
CVE-2011-3188
The (1) IPv4 and (2) IPv6 implementations in the Linux kernel prior to 3.1 use a modified MD4 algorithm to generate sequence numbers and Fragment Identification values, which makes it easier for remote malicious users to cause a denial of service (disrupted networking) or hijack ...
Linux Linux Kernel
Redhat Enterprise Linux 4.0
F5 Enterprise Manager 3.0.0
F5 Firepass 7.0.0
F5 Big-ip Local Traffic Manager
F5 Big-ip Access Policy Manager
F5 Big-ip Edge Gateway
F5 Big-ip Global Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Webaccelerator
F5 Big-ip Wan Optimization Manager
F5 Big-ip Protocol Security Module
F5 Big-ip Application Security Manager
F5 Firepass
F5 Arx
F5 Enterprise Manager
F5 Big-ip Analytics
9
CVSSv3
CVE-2023-39347
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. An attacker with the ability to update pod labels can cause Cilium to apply incorrect network policies. This issue arises due to the fact that on pod update, Cilium incorrectly uses user-pr...
Cilium Cilium