Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
validation vulnerabilities and exploits
(subscribe to this query)
5.8
CVSSv2
CVE-2019-1659
A vulnerability in the Identity Services Engine (ISE) integration feature of Cisco Prime Infrastructure (PI) could allow an unauthenticated, remote malicious user to perform a man-in-the-middle attack against the Secure Sockets Layer (SSL) tunnel established between ISE and PI. T...
Cisco Prime Infrastructure
10
CVSSv2
CVE-2000-0177
DNSTools CGI applications allow remote malicious users to execute arbitrary commands via shell metacharacters.
Dnstools Software Dnstools
1 EDB exploit
5.8
CVSSv2
CVE-2020-3155
A vulnerability in the SSL implementation of the Cisco Intelligent Proximity solution could allow an unauthenticated, remote malicious user to view or alter information shared on Cisco Webex video devices and Cisco collaboration endpoints if the products meet the conditions descr...
Cisco Intelligence Proximity
Cisco Jabber
Cisco Meeting
Cisco Webex Meetings
Cisco Webex Teams
Cisco Telepresence Codec C40 Firmware -
Cisco Telepresence Codec C60 Firmware -
Cisco Telepresence Codec C90 Firmware -
7.5
CVSSv2
CVE-2008-0173
SQL injection vulnerability in Gforge 4.6.99 and previous versions allows remote malicious users to execute arbitrary SQL commands via unspecified parameters, related to RSS exports.
Gforge Gforge
7.2
CVSSv2
CVE-2004-0894
LSASS (Local Security Authority Subsystem Service) of Windows 2000 Server and Windows Server 2003 does not properly validate connection information, which allows local users to gain privileges via a specially-designed program.
Microsoft Windows 2000
Microsoft Windows 2003 Server Enterprise 64-bit
Microsoft Windows 2003 Server Enterprise
Microsoft Windows 2003 Server Standard
Microsoft Windows 2003 Server Web
Microsoft Windows Xp
Microsoft Windows 2003 Server R2
Microsoft Windows 2003 Server Datacenter 64-bit
1 EDB exploit
6.8
CVSSv2
CVE-2009-1561
Cross-site request forgery (CSRF) vulnerability in administration.cgi on the Cisco Linksys WRT54GC router with firmware 1.05.7 allows remote malicious users to hijack the intranet connectivity of arbitrary users for requests that change the administrator password via the sysPassw...
Cisco Wrt54gc 1.05.7
1 EDB exploit
6.8
CVSSv2
CVE-2006-2803
Multiple cross-site scripting (XSS) vulnerabilities in PHP ManualMaker 1.0 allows remote malicious users to inject arbitrary web script or HTML via the (1) id parameter to index.php, (2) search field (possibly the s parameter), or (3) comment field.
Deltascripts Php Manualmaker 1.0
1 EDB exploit
5.8
CVSSv2
CVE-2005-4363
Cross-site scripting (XSS) vulnerability in the search engine in Komodo CMS 2.1 allows remote malicious users to inject arbitrary web script or HTML via unspecified search parameters.
Komodo Komodo Cms 2.1
1 EDB exploit
4.3
CVSSv2
CVE-2015-0005
The NETLOGON service in Microsoft Windows Server 2003 SP2, Windows Server 2008 SP2 and R2 SP1, and Windows Server 2012 Gold and R2, when a Domain Controller is configured, allows remote malicious users to spoof the computer name of a secure channel's endpoint, and obtain sen...
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 -
Microsoft Windows 2003 Server
Microsoft Windows Server 2008
6.4
CVSSv2
CVE-2009-0234
The DNS Resolver Cache Service (aka DNSCache) in Windows DNS Server in Microsoft Windows 2000 SP4, Server 2003 SP1 and SP2, and Server 2008 does not properly cache crafted DNS responses, which makes it easier for remote malicious users to predict transaction IDs and poison caches...
Microsoft Windows Server 2003
Microsoft Windows 2000
Microsoft Windows Server 2008
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »