Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
web applications vulnerabilities and exploits
(subscribe to this query)
1000
VMScore
CVE-2020-6287
SAP NetWeaver AS JAVA (LM Configuration Wizard), versions - 7.30, 7.31, 7.40, 7.50, does not perform an authentication check which allows an attacker without prior authentication to execute configuration tasks to perform critical actions against the SAP Java system, including the...
Sap Netweaver Application Server Java 7.30
Sap Netweaver Application Server Java 7.31
Sap Netweaver Application Server Java 7.40
Sap Netweaver Application Server Java 7.50
1 Metasploit module
9 Github repositories
2 Articles
1000
VMScore
CVE-2019-1821
A vulnerability in the web-based management interface of Cisco Prime Infrastructure (PI) and Cisco Evolved Programmable Network (EPN) Manager could allow an authenticated, remote malicious user to execute code with root-level privileges on the underlying operating system. This vu...
Cisco Evolved Programmable Network Manager
Cisco Network Level Service 3.0(0.0.83b)
Cisco Prime Infrastructure
2 EDB exploits
1 Github repository
1 Article
1000
VMScore
CVE-2017-6622
A vulnerability in the web interface for Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote malicious user to bypass authentication and perform command injection with root privileges. The vulnerability is due to missing security constraints in certain H...
Cisco Prime Collaboration Provisioning 9.5.0
Cisco Prime Collaboration Provisioning 9.0.0
Cisco Prime Collaboration Provisioning 10.6.2
Cisco Prime Collaboration Provisioning 11.5.0
Cisco Prime Collaboration Provisioning 10.5.1
Cisco Prime Collaboration Provisioning 11.1.0
Cisco Prime Collaboration Provisioning 10.6.0
Cisco Prime Collaboration Provisioning 10.5.0
Cisco Prime Collaboration Provisioning 11.0.0
Cisco Prime Collaboration Provisioning 10.0.0
1 EDB exploit
1000
VMScore
CVE-2017-8051
Tenable Appliance 3.5 - 4.4.0, and possibly prior versions, contains a flaw in the simpleupload.py script in the Web UI. Through the manipulation of the tns_appliance_session_user parameter, a remote attacker can inject arbitrary commands.
Tenable Appliance 4.3.0
Tenable Appliance 3.4.0
Tenable Appliance 4.3.1
Tenable Appliance 4.0.0
Tenable Appliance 3.5.0
Tenable Appliance 4.4.0
Tenable Appliance 3.10.1
Tenable Appliance 4.2.0
Tenable Appliance 3.5.1
Tenable Appliance 4.1.0
Tenable Appliance 3.10.0
1 EDB exploit
1000
VMScore
CVE-2014-6278
GNU Bash up to and including 4.3 bash43-026 does not properly parse function definitions in the values of environment variables, which allows remote malicious users to execute arbitrary commands via a crafted environment, as demonstrated by vectors involving the ForceCommand feat...
Gnu Bash 4.0
Gnu Bash 4.3
Gnu Bash 3.2.48
Gnu Bash 1.14.3
Gnu Bash 4.1
Gnu Bash 2.05
Gnu Bash 1.14.1
Gnu Bash 3.0
Gnu Bash 2.01
Gnu Bash 2.04
Gnu Bash 2.0
Gnu Bash 2.01.1
Gnu Bash 1.14.7
Gnu Bash 3.1
Gnu Bash 1.14.6
Gnu Bash 1.14.2
Gnu Bash 1.14.4
Gnu Bash 4.2
Gnu Bash 2.02.1
Gnu Bash 3.0.16
Gnu Bash 1.14.5
Gnu Bash 1.14.0
5 EDB exploits
12 Github repositories
1000
VMScore
CVE-2014-6277
GNU Bash up to and including 4.3 bash43-026 does not properly parse function definitions in the values of environment variables, which allows remote malicious users to execute arbitrary code or cause a denial of service (uninitialized memory access, and untrusted-pointer read and...
Gnu Bash 4.0
Gnu Bash 4.3
Gnu Bash 3.2.48
Gnu Bash 1.14.3
Gnu Bash 4.1
Gnu Bash 2.05
Gnu Bash 1.14.1
Gnu Bash 3.0
Gnu Bash 2.01
Gnu Bash 2.04
Gnu Bash 2.0
Gnu Bash 2.01.1
Gnu Bash 1.14.7
Gnu Bash 3.1
Gnu Bash 1.14.6
Gnu Bash 1.14.2
Gnu Bash 1.14.4
Gnu Bash 4.2
Gnu Bash 2.02.1
Gnu Bash 3.0.16
Gnu Bash 1.14.5
Gnu Bash 1.14.0
3 EDB exploits
4 Github repositories
1000
VMScore
CVE-2013-1493
The color management (CMM) functionality in the 2D component in Oracle Java SE 7 Update 15 and previous versions, 6 Update 41 and previous versions, and 5.0 Update 40 and previous versions allows remote malicious users to execute arbitrary code or cause a denial of service (crash...
Oracle Jre 1.7.0
Oracle Jre
Sun Jre 1.5.0
Oracle Jre 1.5.0
Sun Jdk 1.6.0
Oracle Jdk 1.6.0
Oracle Jdk
Sun Jre 1.6.0
Oracle Jre 1.6.0
Sun Jdk 1.5.0
Oracle Jdk 1.5.0
Oracle Jdk 1.7.0
1 EDB exploit
3 Articles
1000
VMScore
CVE-2013-0422
Multiple vulnerabilities in Oracle Java 7 before Update 11 allow remote malicious users to execute arbitrary code by (1) using the public getMBeanInstantiator method in the JmxMBeanServer class to obtain a reference to a private MBeanInstantiator object, then retrieving arbitrary...
Oracle Jre 1.7.0
Oracle Jdk 1.7.0
Canonical Ubuntu Linux 12.10
Opensuse Opensuse 12.2
1 EDB exploit
16 Github repositories
8 Articles
1000
VMScore
CVE-2012-4681
Multiple vulnerabilities in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and previous versions allow remote malicious users to execute arbitrary code via a crafted applet that bypasses SecurityManager restrictions by (1) using com.sun.beans.finder.Cla...
Oracle Jdk 1.7.0
Oracle Jre 1.7.0
Oracle Jdk 1.6.0
Oracle Jre 1.6.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Eus 6.3
1 EDB exploit
4 Github repositories
9 Articles
1000
VMScore
CVE-2012-0500
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and previous versions, 6 Update 30 and previous versions, and JavaFX 2.0.2 and previous versions allows remote untrusted Java Web Start applications and untrusted Java applets t...
Sun Jre 1.6.0
Oracle Jre 1.6.0
Oracle Jre
Oracle Jre 1.7.0
Oracle Javafx 1.2.3
Oracle Javafx
Oracle Javafx 2.0
Oracle Javafx 1.3.1
Oracle Javafx 1.3.0
Oracle Javafx 1.2
Oracle Javafx 1.2.2
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »