Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
unauthorized vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2017-12251
A vulnerability in the web console of the Cisco Cloud Services Platform (CSP) 2100 could allow an authenticated, remote malicious user to interact maliciously with the services or virtual machines (VMs) operating remotely on an affected CSP device. The vulnerability is due to wea...
Cisco Cloud Services Platform 2100 2.1.0
Cisco Cloud Services Platform 2100 2.2.2
Cisco Cloud Services Platform 2100 2.1.1
Cisco Cloud Services Platform 2100 2.1.2
Cisco Cloud Services Platform 2100 2.2.0
Cisco Cloud Services Platform 2100 2.2.1
5
CVSSv2
CVE-2012-0902
AirTies Air 4450 1.1.2.18 allows remote malicious users to cause a denial of service (reboot) via a direct request to cgi-bin/loader.
Airties Air 4450 1.1.2.18
1 EDB exploit
5
CVSSv2
CVE-2014-8036
The outlookpa component in Cisco WebEx Meetings Server does not properly validate API input, which allows remote malicious users to modify a meeting's invite list via a crafted URL, aka Bug ID CSCuj40254.
Cisco Webex Meetings Server -
6.5
CVSSv2
CVE-2015-0768
The Device Work Center (DWC) component in Cisco Prime Network Control System (NCS) 2.1(0.0.85), 2.2(0.0.58), and 2.2(0.0.69) does not properly implement AAA roles, which allows remote authenticated users to bypass intended access restrictions and execute commands via a login sess...
Cisco Prime Network Control System 2.1\\(0.0.85\\)
Cisco Prime Network Control System 2.2\\(0.0.58\\)
Cisco Prime Network Control System 2.2\\(0.0.69\\)
NA
CVE-2022-37255
TP-Link Tapo C310 1.3.0 devices allow access to the RTSP video feed via credentials of User --- and Password TPL075526460603.
Tp-link Tapo C310 Firmware 1.3.0
7.5
CVSSv2
CVE-2018-0130
A vulnerability in the use of JSON web tokens by the web-based service portal of Cisco Elastic Services Controller Software could allow an unauthenticated, remote malicious user to gain administrative access to an affected system. The vulnerability is due to the presence of stati...
Cisco Virtual Managed Services 3.0
NA
CVE-2023-20230
A vulnerability in the restricted security domain implementation of Cisco Application Policy Infrastructure Controller (APIC) could allow an authenticated, remote malicious user to read, modify, or delete non-tenant policies (for example, access policies) created by users associa...
Cisco Application Policy Infrastructure Controller
3.3
CVSSv2
CVE-2019-1805
A vulnerability in certain access control mechanisms for the Secure Shell (SSH) server implementation for Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, adjacent malicious user to access a CLI instance on an affected device. The vulnerability is due ...
Cisco Wireless Lan Controller Software 8.3\\(141.0\\)
7.5
CVSSv2
CVE-2001-1188
mailto.exe in Brian Dorricott MAILTO 1.0.9 and previous versions allows remote malicious users to send SPAM e-mail through remote servers by modifying the sendto, email, server, subject, and resulturl hidden form fields.
Brian Dorricott Mailto 1.0.7
Brian Dorricott Mailto 1.0.8
Brian Dorricott Mailto 1.0.9
1 EDB exploit
6.4
CVSSv2
CVE-2003-1521
Sun Java Plug-In 1.4 up to and including 1.4.2_02 allows remote malicious users to repeatedly access the floppy drive via the createXmlDocument method in the org.apache.crimson.tree.XmlDocument class, which violates the Java security model.
Sun Java Plug-in 1.4
Sun Java Plug-in 1.4.2
Sun Java Plug-in 1.4.2 01
Sun Java Plug-in 1.4.2 02
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2006-4304
CVE-2024-4240
arbitrary
CVE-2024-31601
XSS
CVE-2023-20198
CVE-2024-4256
CVE-2024-3342
encryption
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »