Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
unauthorized vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2015-2074
The File Repository Server (FRS) CORBA listener in SAP BussinessObjects Edge 4.0 allows remote malicious users to write to arbitrary files via a full pathname, aka SAP Note 2018681.
Sap Businessobjects Edge 4.0
7.5
CVSSv2
CVE-2003-0752
SQL injection vulnerability in global.php3 of AttilaPHP 3.0, and possibly earlier versions, allows remote malicious users to bypass authentication via a modified cook_id parameter.
Attila-php.net Attilaphp
1 EDB exploit
NA
CVE-2021-1410
A vulnerability in the distribution list feature of Cisco Webex Meetings could allow an authenticated, remote attacker to modify a distribution list that belongs to another user of their organization. The vulnerability is due to insufficient authorization enforcement for requests...
7.2
CVSSv2
CVE-2019-1601
A vulnerability in the filesystem permissions of Cisco NX-OS Software could allow an authenticated, local malicious user to gain read and write access to a critical configuration file. The vulnerability is due to a failure to impose strict filesystem permissions on the targeted d...
Cisco Nx-os
2.1
CVSSv2
CVE-2021-1128
A vulnerability in the CLI parser of Cisco IOS XR Software could allow an authenticated, local malicious user to view more information than their privileges allow. The vulnerability is due to insufficient application of restrictions during the execution of a specific command. An ...
Cisco Ios Xr
Cisco Ios Xr 7.2.0
Cisco Ios Xr 7.3.0
7.5
CVSSv2
CVE-2005-0316
WebWasher Classic 2.2.1 and 3.3, when running in server mode, does not properly drop CONNECT requests to the localhost from external systems, which could allow remote malicious users to bypass intended access restrictions.
Webwasher Webwasher Classic 2.2.1
Webwasher Webwasher Classic 3.3
1 EDB exploit
6.5
CVSSv2
CVE-2015-0768
The Device Work Center (DWC) component in Cisco Prime Network Control System (NCS) 2.1(0.0.85), 2.2(0.0.58), and 2.2(0.0.69) does not properly implement AAA roles, which allows remote authenticated users to bypass intended access restrictions and execute commands via a login sess...
Cisco Prime Network Control System 2.1\\(0.0.85\\)
Cisco Prime Network Control System 2.2\\(0.0.58\\)
Cisco Prime Network Control System 2.2\\(0.0.69\\)
4
CVSSv2
CVE-2015-4225
Cisco Application Policy Infrastructure Controller (APIC) 1.0(1.110a) and 1.0(1e) on Nexus 9000 devices does not properly implement RBAC health scoring, which allows remote authenticated users to obtain sensitive information via unspecified vectors, aka Bug ID CSCuq77485.
Cisco Nx-os 1.0\\(1.110a\\)
Cisco Nx-os 1.0\\(1e\\)
5
CVSSv2
CVE-2004-2636
TinyWeb 1.9 allows remote malicious users to read source code of scripts via "/./" in the URL.
1 EDB exploit
5
CVSSv2
CVE-2004-0671
Brightmail Spamfilter 6.0 and previous versions beta releases allows remote malicious users to read mail from other users by modifying the id parameter in a viewMsgDetails.do request.
Symantec Brightmail Antispam 6.0
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-34377
CVE-2024-20859
CVE-2023-49606
inject
arbitrary
CVE-2024-33788
CVE-2024-30973
IDOR
CVE-2024-33907
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »