Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
web services vulnerabilities and exploits
(subscribe to this query)
8.1
CVSSv3
CVE-2018-16601
An issue exists in Amazon Web Services (AWS) FreeRTOS up to and including 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. A crafted IP header triggers a full memory space copy in prvProcessIPPacket, leading to denial of...
Amazon Amazon Web Services Freertos
Amazon Freertos
7.4
CVSSv3
CVE-2018-16523
Amazon Web Services (AWS) FreeRTOS up to and including 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow division by zero in prvCheckOptions.
Amazon Amazon Web Services Freertos
Amazon Freertos
5.9
CVSSv3
CVE-2018-16524
Amazon Web Services (AWS) FreeRTOS up to and including 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow information disclosure during parsing of TCP options in prvCheckOptions.
Amazon Amazon Web Services Freertos
Amazon Freertos
8.1
CVSSv3
CVE-2018-16526
Amazon Web Services (AWS) FreeRTOS up to and including 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow remote malicious users to leak information or execute arbitrary code because of a Buffer Overflow during genera...
Amazon Amazon Web Services Freertos
Amazon Freertos
NA
CVE-2002-1521
Web Server 4D (WS4D) 3.6 stores passwords in plaintext in the Ws4d.4DD file, which allows malicious users to gain privileges.
Mdg Computer Services Web Server 4d 3.6
8.8
CVSSv3
CVE-2020-2180
Jenkins AWS SAM Plugin 1.2.2 and previous versions does not configure its YAML parser to prevent the instantiation of arbitrary types, resulting in a remote code execution vulnerability.
Jenkins Amazon Web Services Serverless Application Model
NA
CVE-2002-0123
MDG Computer Services Web Server 4D WS4D/eCommerce 3.0 and previous versions, and possibly 3.5.3, allows remote malicious users to cause a denial of service and possibly execute arbitrary commands via a long HTTP request.
Mdg Computer Services Web Server 4d Ecommerce 3.5.3
NA
CVE-2002-0124
MDG Computer Services Web Server 4D/eCommerce 3.5.3 allows remote malicious users to exploit directory traversal vulnerability via a ../ (dot dot) containing URL-encoded slashes in the HTTP request.
Mdg Computer Services Web Server 4d Ecommerce 3.5.3
8.1
CVSSv3
CVE-2022-41828
In Amazon AWS Redshift JDBC Driver (aka amazon-redshift-jdbc-driver or redshift-jdbc42) prior to 2.1.0.8, the Object Factory does not check the class type when instantiating an object from a class name.
Amazon Amazon Web Services Redshift Java Database Connectivity Driver
1 Github repository
9.8
CVSSv3
CVE-2018-5488
NetApp SANtricity Web Services Proxy versions 1.10.x000.0002 up to and including 2.12.X000.0002 and SANtricity Storage Manager 11.30.0X00.0004 up to and including 11.42.0X00.0001 ship with the Java Management Extension Remote Method Invocation (JMX RMI) service bound to the netwo...
Netapp Santricity Storage Manager
Netapp Santricity Web Services Proxy
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
firmware
CVE-2023-52866
CVE-2024-4367
CVE-2024-1721
CVE-2023-34992
XML injection
CVE-2023-52817
SQL
CVE-2023-52855
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »