Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

cve-2019-2725 vulnerabilities and exploits

(subscribe to this query)

7.2
CVSSv2
CVE-2019-1950
A vulnerability in Cisco IOS XE SD-WAN Software could allow an unauthenticated, local attacker to gain unauthorized access to an affected device. The vulnerability is due to the existence of default credentials within the default configuration of an affected device. An attacker...
Cisco Ios Xe
7.5
CVSSv2
CVE-2019-2725
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services). Supported versions that are affected are 10.3.6.0.0 and 12.1.3.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to...
Oracle Weblogic Server 10.3.6.0.0Oracle Weblogic Server 12.1.3.0.0
5
CVSSv2
CVE-2014-10069
Hitron CVE-30360 devices use a 578A958E3DD933FC DES key that is shared across different customers' installations, which makes it easier for attackers to obtain sensitive information by decrypting a backup configuration file, as demonstrated by a password hash in the...
Hitrontech Cve-30360 Firmware 3.1.1.21
7.5
CVSSv2
CVE-2019–2725
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services). Supported versions that are affected are 10.3.6.0.0 and 12.1.3.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to...
Oracle Weblogic Server 10.3.6.0.0Oracle Weblogic Server 12.1.3.0.0
7.5
CVSSv2
CVE-2019-2729
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access...
Oracle Weblogic Server 10.3.6.0.0Oracle Weblogic Server 12.1.3.0.0Oracle Weblogic Server 12.2.1.3.0
7.5
CVSSv2
CVE-2010-2725
BarnOwl before 1.6.2 does not check the return code of calls to the (1) ZPending and (2) ZReceiveNotice functions in libzephyr, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors....
Barnowl Barnowl 1.0.0Barnowl Barnowl 1.0.1Barnowl Barnowl 1.0.2Barnowl Barnowl 1.0.2.1Barnowl Barnowl 1.0.3Barnowl Barnowl 1.0.4Barnowl Barnowl 1.0.4.1Barnowl Barnowl 1.0.5Barnowl Barnowl 1.1Barnowl Barnowl 1.1.1Barnowl Barnowl 1.2Barnowl Barnowl 1.2.1Barnowl Barnowl 1.3Barnowl Barnowl 1.4Barnowl Barnowl 1.5Barnowl Barnowl 1.5.1Barnowl Barnowl 1.6Barnowl Barnowl
7.8
CVSSv2
CVE-2008-2725
Integer overflow in the (1) rb_ary_splice function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, and 1.8.7 before 1.8.7-p22; and (2) the rb_ary_replace function in 1.6.x allows context-dependent attackers to trigger memory corruption via...
Ruby-lang RubyDebian Debian Linux 4.0Canonical Ubuntu Linux 6.06Canonical Ubuntu Linux 7.04Canonical Ubuntu Linux 7.10Canonical Ubuntu Linux 8.04
6.4
CVSSv2
CVE-2006-2725
SQL injection vulnerability in rss/posts.php in Eggblog before 3.07 allows remote attackers to execute arbitrary SQL commands via the id parameter....
Epic Designs Eggblog
6.8
CVSSv2
CVE-2011-2725
Directory traversal vulnerability in Ark 4.7.x and earlier allows remote attackers to delete and force the display of arbitrary files via .. (dot dot) sequences in a zip file....
Kde ArkKde Kde Sc 4.7.0Kde Kde Sc 4.7.1Kde Kde Sc 4.7.2Kde Kde Sc 4.7.3Kde Kde ScCanonical Ubuntu Linux 10.04Canonical Ubuntu Linux 10.10Canonical Ubuntu Linux 11.04Canonical Ubuntu Linux 11.10Opensuse Opensuse 11.4
10
CVSSv2
CVE-2015-2725
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 39.0, Firefox ESR 38.x before 38.1, and Thunderbird before 38.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code...
Novell Suse Linux Enterprise Desktop 12.0Novell Suse Linux Enterprise Server 11Novell Suse Linux Enterprise Server 12.0Novell Suse Linux Enterprise Software Development Kit 12.0Oracle Solaris 11.3Mozilla Firefox Esr 31.0Mozilla Firefox Esr 31.1Mozilla Firefox Esr 31.1.0Mozilla Firefox Esr 31.1.1Mozilla Firefox Esr 31.2Mozilla Firefox Esr 31.3Mozilla Firefox Esr 31.3.0Mozilla Firefox Esr 31.4Mozilla Firefox Esr 31.5Mozilla Firefox Esr 31.5.1Mozilla Firefox Esr 31.5.2Mozilla Firefox Esr 31.5.3Mozilla Firefox Esr 31.6.0Mozilla Firefox Esr 31.7.0Mozilla Firefox Esr 38.0Mozilla FirefoxMozilla Thunderbird
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
wirelesstoodeequinn projecttype confusionCVE-2021-26857scratchpadCVE-2020-29020man-in-the-middleibmCVE-2021-26971CVE-2021-28032CVE-2021-21725CVE-2021-26855