Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
diagnostics vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2020-6198
SAP Solution Manager (Diagnostics Agent), version 720, allows unencrypted connections from unauthenticated sources. This allows an malicious user to control all remote functions on the Agent due to Missing Authentication Check.
Sap Solution Manager 7.20
8.8
CVSSv3
CVE-2018-6388
iBall iB-WRA150N 1.2.6 build 110401 Rel.47776n devices allow remote authenticated users to execute arbitrary OS commands via shell metacharacters in the ping test arguments on the Diagnostics page.
Iball Ib-wra150n Firmware 1.2.6
1 EDB exploit
NA
CVE-2016-0420
Unspecified vulnerability in the JD Edwards EnterpriseOne Tools component in Oracle JD Edwards Products 9.1 and 9.2 allows remote malicious users to affect availability via unknown vectors related to Monitoring and Diagnostics.
Oracle Jd Edwards Products 9.2
Oracle Jd Edwards Products 9.1
NA
CVE-2014-6471
Unspecified vulnerability in the Oracle Applications Manager component in Oracle E-Business Suite 12.0.6, 12.1.3, 12.2.2, 12.2.3, and 12.2.4 allows remote malicious users to affect integrity via vectors related to OAM Diagnostics.
Oracle E-business Suite 11.5.10.2
Oracle E-business Suite 12.0.6
Oracle E-business Suite 12.1.3
Oracle E-business Suite 12.2.3
Oracle E-business Suite 12.2.2
Oracle E-business Suite 12.2.4
8.1
CVSSv3
CVE-2021-37500
Directory traversal vulnerability in Reprise License Manager (RLM) web interface prior to 14.2BL4 in the diagnostics function that allows RLM users with sufficient privileges to overwrite any file the on the server.
Reprisesoftware Reprise License Manager
9.8
CVSSv3
CVE-2022-32534
The Bosch Ethernet switch PRA-ES8P2S with software version 1.01.05 and previous versions was found to be vulnerable to command injection through its diagnostics web interface. This allows execution of shell commands.
Bosch Pra-es8p2s Firmware
8.8
CVSSv3
CVE-2022-38841
Linksys AX3200 1.1.00 is vulnerable to OS command injection by authenticated users via shell metacharacters to the diagnostics traceroute page.
Linksys E8450 Firmware 1.1.00
NA
CVE-2016-0421
Unspecified vulnerability in the JD Edwards EnterpriseOne Tools component in Oracle JD Edwards Products 9.1 and 9.2 allows remote malicious users to affect availability via vectors related to Monitoring and Diagnostics SEC.
Oracle Jd Edwards Products 9.2
Oracle Jd Edwards Products 9.1
NA
CVE-2014-4551
Cross-site scripting (XSS) vulnerability in diagnostics/test.php in the Social Connect plugin 1.0.4 and previous versions for WordPress allows remote malicious users to inject arbitrary web script or HTML via the testing parameter.
Social Connect Project Social Connect
9.8
CVSSv3
CVE-2016-9682
The SonicWall Secure Remote Access server (version 8.1.0.2-14sv) is vulnerable to two Remote Command Injection vulnerabilities in its web administrative interface. These vulnerabilities occur in the diagnostics CGI (/cgi-bin/diagnostics) component responsible for emailing out inf...
Dell Sonicwall Secure Remote Access Server 8.1.0.2-14sv
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »