Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
workspaces vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2019-6342
An access bypass vulnerability exists when the experimental Workspaces module in Drupal 8 core is enabled. This can be mitigated by disabling the Workspaces module. It does not affect any release other than Drupal 8.7.4.
Drupal Drupal 8.7.4
9.8
CVSSv3
CVE-2020-1938
When using the Apache JServ Protocol (AJP), care must be taken when trusting incoming connections to Apache Tomcat. Tomcat treats AJP connections as having higher trust than, for example, a similar HTTP connection. If such connections are available to an attacker, they can be exp...
Apache Tomcat
Apache Geode 1.12.0
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Oracle Transportation Management 6.3.7
Oracle Hospitality Guest Access 4.2.0
Oracle Hospitality Guest Access 4.2.1
Oracle Agile Plm 9.3.3
Oracle Agile Plm 9.3.5
Oracle Agile Plm 9.3.6
Oracle Instantis Enterprisetrack
Oracle Mysql Enterprise Monitor
Oracle Health Sciences Empirica Signal 7.3.3
Oracle Communications Instant Messaging Server 10.0.1.4.0
Oracle Communications Element Manager 8.2.0
Oracle Communications Element Manager 8.2.1
Oracle Communications Element Manager 8.1.1
Oracle Workload Manager 18c
Oracle Workload Manager 19c
Oracle Workload Manager 12.2.0.1
Oracle Agile Engineering Data Management 6.2.1.0
57 Github repositories
1 Article
9.8
CVSSv3
CVE-2017-9367
A directory traversal vulnerability in the BlackBerry Workspaces Server could potentially allow an malicious user to execute or upload arbitrary files, or reveal the content of arbitrary files anywhere on the web server by crafting a URL with a manipulated POST request.
Blackberry Workspaces Vapp 5.5.3
Blackberry Workspaces Vapp 5.5.5
Blackberry Workspaces Vapp 5.5.0
Blackberry Workspaces Vapp 5.5.1
Blackberry Workspaces Vapp 5.5.2
Blackberry Workspaces Vapp 5.5.7
Blackberry Workspaces Vapp 5.5.8
Blackberry Workspaces Vapp 5.5.9
Blackberry Workspaces Vapp 5.5.4
Blackberry Workspaces Vapp 5.5.6
Blackberry Workspaces Vapp 5.6.2
Blackberry Workspaces Vapp 5.6.4
Blackberry Workspaces Vapp 5.6.5
Blackberry Workspaces Vapp 5.6.6
Blackberry Workspaces Vapp 5.6.0
Blackberry Workspaces Vapp 5.6.1
Blackberry Workspaces Vapp 5.6.3
Blackberry Workspaces Appliance-x
9.6
CVSSv3
CVE-2023-0957
An issue exists in Gitpod versions prior to release-2022.11.2.16. There is a Cross-Site WebSocket Hijacking (CSWSH) vulnerability that allows malicious users to make WebSocket connections to the Gitpod JSONRPC server using a victim’s credentials, because the Origin header i...
Gitpod Gitpod
8.8
CVSSv3
CVE-2024-24593
A cross-site request forgery (CSRF) vulnerability in all versions up to 1.14.1 of the api server component of Allegro AI’s ClearML platform allows a remote malicious user to impersonate a user by sending API requests via maliciously crafted html. Exploitation of the vulnera...
Clear Clearml
8.8
CVSSv3
CVE-2023-32749
Pydio Cells allows users by default to create so-called external users in order to share files with them. By modifying the HTTP request sent when creating such an external user, it is possible to assign the new user arbitrary roles. By assigning all roles to a newly created user,...
Pydio Cells
1 Github repository
8.8
CVSSv3
CVE-2021-43638
Amazon Amazon WorkSpaces agent is affected by Integer Overflow. IOCTL Handler 0x22001B in the Amazon WorkSpaces agent below v1.0.1.1537 allow local malicious users to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially...
Amazon Workspaces
8.8
CVSSv3
CVE-2021-43637
Amazon WorkSpaces agent is affected by Buffer Overflow. IOCTL Handler 0x22001B in the Amazon WorkSpaces agent below v1.0.1.1537 allow local malicious users to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted...
Amazon Workspaces
8.8
CVSSv3
CVE-2021-38112
In the Amazon AWS WorkSpaces client 3.0.10 up to and including 3.1.8 on Windows, argument injection in the workspaces:// URI handler can lead to remote code execution because of the Chromium Embedded Framework (CEF) --gpu-launcher argument. This is fixed in 3.1.9.
Amazon Aws Workspaces
3 Github repositories
8.8
CVSSv3
CVE-2021-22155
An Authentication Bypass vulnerability in the SAML Authentication component of BlackBerry Workspaces Server (deployed with Appliance-X) version(s) 10.1, 9.1 and previous versions could allow an malicious user to potentially gain access to the application in the context of the tar...
Blackberry Workspaces Server 10.1
Blackberry Workspaces Server
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »