Vulmon
vm server vulnerabilities and exploits
9.3
CVSSv2
CVE-2020-2021
When Security Assertion Markup Language (SAML) authentication is enabled and the 'Validate Identity Provider Certificate' option is disabled (unchecked), improper verification of signatures in PAN-OS SAML authentication enables an unauthenticated network-based malicious...
Paloaltonetworks Pan-os
3 Github repositories
1 Article
9.3
CVSSv2
CVE-2016-5062
The web server in Aternity prior to 9.0.1 does not require authentication for getMBeansFromURL loading of Java MBeans, which allows remote malicious users to execute arbitrary Java code by registering MBeans.
Aternity Aternity
9.3
CVSSv2
CVE-2011-3551
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and previous versions, and JRockit R28.1.4 and previous versions allows remote malicious users to affect confidentiality, integrity, and availability via unknown vecto...
Sun Jdk 1.7.0
Sun Jre 1.7.0
Oracle Jrockit R28.1.1
Oracle Jrockit R28.1.0
Oracle Jrockit R28.0.2
Oracle Jrockit R28.0.1
Oracle Jrockit R28.0.0
Oracle Jrockit
Oracle Jrockit R28.1.3
Sun Jre 1.6.0
Sun Jdk 1.6.0
Sun Jre
Sun Jdk
9
CVSSv2
CVE-2022-0435
A stack overflow flaw was found in the Linux kernel's TIPC protocol functionality in the way a user sends a packet with malicious content where the number of domain member nodes is higher than the 64 allowed. This flaw allows a remote user to crash the system or possibly esc...
Linux Linux Kernel 5.17
Linux Linux Kernel
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Eus 8.2
Redhat Enterprise Linux Server Tus 8.2
Redhat Enterprise Linux Server Aus 8.2
Redhat Enterprise Linux For Real Time 8
Redhat Enterprise Linux Server Tus 8.4
Redhat Enterprise Linux Eus 8.4
Redhat Enterprise Linux For Real Time For Nfv Tus 8.4
Redhat Enterprise Linux For Real Time For Nfv Tus 8.2
Redhat Enterprise Linux For Real Time Tus 8.4
Redhat Enterprise Linux For Real Time Tus 8.2
Redhat Enterprise Linux Server Aus 8.4
Redhat Enterprise Linux For Real Time For Nfv 8
Redhat Enterprise Linux Server Update Services For Sap Solutions 8.2
Redhat Enterprise Linux Server Update Services For Sap Solutions 8.4
Redhat Enterprise Linux For Power Little Endian Eus 8.2
Redhat Enterprise Linux For Ibm Z Systems Eus 8.2
Redhat Enterprise Linux For Power Little Endian 8.0
Redhat Enterprise Linux For Ibm Z Systems Eus 8.4
Redhat Enterprise Linux For Ibm Z Systems 8.0
1 Github repository
9
CVSSv2
CVE-2020-12967
The lack of nested page table protection in the AMD SEV/SEV-ES feature could potentially lead to arbitrary code execution within the guest VM if a malicious administrator has access to compromise the server hypervisor.
Amd Epyc 7232p -
Amd Epyc 7251 -
Amd Epyc 7252 -
Amd Epyc 7261 -
Amd Epyc 7262 -
Amd Epyc 7272 -
Amd Epyc 7281 -
Amd Epyc 7282 -
Amd Epyc 72f3 -
Amd Epyc 7301 -
Amd Epyc 7302 -
Amd Epyc 7302p -
Amd Epyc 7313 -
Amd Epyc 7313p -
Amd Epyc 7343 -
Amd Epyc 7351 -
Amd Epyc 7351p -
Amd Epyc 7352 -
Amd Epyc 7371 -
Amd Epyc 73f3 -
Amd Epyc 7401 -
Amd Epyc 7401p -
9
CVSSv2
CVE-2021-26311
In the AMD SEV/SEV-ES feature, memory can be rearranged in the guest address space that is not detected by the attestation mechanism which could be used by a malicious hypervisor to potentially lead to arbitrary code execution within the guest VM if a malicious administrator has ...
Amd Epyc 7232p -
Amd Epyc 7251 -
Amd Epyc 7252 -
Amd Epyc 7261 -
Amd Epyc 7262 -
Amd Epyc 7272 -
Amd Epyc 7281 -
Amd Epyc 7282 -
Amd Epyc 72f3 -
Amd Epyc 7301 -
Amd Epyc 7302 -
Amd Epyc 7302p -
Amd Epyc 7351 -
Amd Epyc 7351p -
Amd Epyc 7371 -
Amd Epyc 7401 -
Amd Epyc 7401p -
Amd Epyc 7451 -
Amd Epyc 7501 -
Amd Epyc 7513 -
Amd Epyc 7453 -
Amd Epyc 74f3 -
9
CVSSv2
CVE-2021-25298
Nagios XI version xi-5.7.5 is affected by OS command injection. The vulnerability exists in the file /usr/local/nagiosxi/html/includes/configwizards/cloud-vm/cloud-vm.inc.php due to improper sanitization of authenticated user-controlled input by a single HTTP request, which can l...
Nagios Nagios Xi 5.7.5
1 Metasploit module
1 Github repository
9
CVSSv2
CVE-2021-25296
Nagios XI version xi-5.7.5 is affected by OS command injection. The vulnerability exists in the file /usr/local/nagiosxi/html/includes/configwizards/windowswmi/windowswmi.inc.php due to improper sanitization of authenticated user-controlled input by a single HTTP request, which c...
Nagios Nagios Xi 5.7.5
1 Metasploit module
1 Github repository
9
CVSSv2
CVE-2021-25297
Nagios XI version xi-5.7.5 is affected by OS command injection. The vulnerability exists in the file /usr/local/nagiosxi/html/includes/configwizards/switch/switch.inc.php due to improper sanitization of authenticated user-controlled input by a single HTTP request, which can lead ...
Nagios Nagios Xi 5.7.5
1 Metasploit module
1 Github repository
9
CVSSv2
CVE-2016-0499
Unspecified vulnerability in the Java VM component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2015-4794.
Oracle Database Server 12.1.0.2
Oracle Database Server 12.1.0.1
Oracle Database Server 11.2.0.4