Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

firmware vulnerabilities and exploits

(subscribe to this query)
7.5
CVSSv3
CVE-2015-5010
IBM Security Access Manager for Web 7.0 prior to 7.0.0 IF21, 8.0 prior to 8.0.1.3 IF4, and 9.0 prior to 9.0.0.1 IF1 does not have a lockout mechanism for invalid login attempts, which makes it easier for remote malicious users to obtain access via a brute-force attack.
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.9Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.8Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.7Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.6Ibm Security Access Manager For Web 8.0 Firmware 8.0.1.2Ibm Security Access Manager For Web 8.0 Firmware 8.0.1.0Ibm Security Access Manager For Web 8.0 Firmware 8.0.1Ibm Security Access Manager For Web 8.0 Firmware 8.0.0.5Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.18Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.19Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.20Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.12Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.15Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.13Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.5Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.3Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.17Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.11Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.1Ibm Security Access Manager For Web 8.0 Firmware 8.0.0.2Ibm Security Access Manager 9.0 Firmware 9.0.0Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.16
NA
CVE-2015-2829
Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway prior to 10.5 Build 53.9 up to and including 55.8 and 10.5.e Build 53-9010.e allow remote malicious users to cause a denial of service (reboot) via unspecified vectors.
Citrix Netscaler Application Delivery Controller Firmware 10.5Citrix Netscaler Gateway Firmware 10.5Citrix Netscaler Gateway Firmware 10.5e
9.8
CVSSv3
CVE-2015-7029
Apple AirPort Base Station Firmware prior to 7.6.7 and 7.7.x prior to 7.7.7 misparses DNS data, which allows remote malicious users to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
Apple Airport Base Station Firmware 7.7.3Apple Airport Base Station Firmware 7.7.0Apple Airport Base Station Firmware
NA
CVE-2012-2188
IBM Power Hardware Management Console (HMC) 7R3.5.0 before SP4, 7R7.1.0 and 7R7.2.0 prior to 7R7.2.0 SP3, and 7R7.3.0 before SP2, and Systems Director Management Console (SDMC) 6R7.3.0 before SP2, does not properly restrict the VIOS viosrvcmd command, which allows local users to ...
Ibm Power Hardware Management Console Firmware 7r7.3.0Ibm Systems Director Management Console Firmware 6r7.3.0Ibm Power Hardware Management Console Firmware 7r7.1.0Ibm Power Hardware Management Console Firmware 7r7.2.0Ibm Power Hardware Management Console Firmware 7r3.5.0
8
CVSSv3
CVE-2015-5018
IBM Security Access Manager for Web 7.0.0 before FP19 and 8.0 prior to 8.0.1.3 IF3, and Security Access Manager 9.0 prior to 9.0.0.0 IF1, allows remote authenticated users to execute arbitrary OS commands by leveraging Local Management Interface (LMI) access.
Ibm Security Access Manager 9.0 Firmware 9.0.0Ibm Security Access Manager For Web 8.0 Firmware 8.0.1.3Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.13Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.12Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.3Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.2Ibm Security Access Manager For Web 8.0 Firmware 8.0.1.0Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.16Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.8Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.7Ibm Security Access Manager For Web 8.0 Firmware 8.0.0.5Ibm Security Access Manager For Web 8.0 Firmware 8.0.0.3Ibm Security Access Manager For Web 8.0 Firmware 8.0.1.2Ibm Security Access Manager For Web 8.0 Firmware 8.0.1Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.10Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.9Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.1Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.11Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.15Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.14Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.6Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.5
NA
CVE-2014-2246
Cross-site scripting (XSS) vulnerability in the integrated web server on Siemens SIMATIC S7-1500 CPU PLC devices with firmware prior to 1.5.0 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Siemens Simatic S7-1500 Cpu Firmware 1.1.0Siemens Simatic S7-1500 Cpu FirmwareSiemens Simatic S7-1500 Cpu Firmware 1.1.1Siemens Simatic S7-1500 Cpu Firmware 1.0.1
NA
CVE-2014-2247
The integrated web server on Siemens SIMATIC S7-1500 CPU PLC devices with firmware prior to 1.5.0 allows remote malicious users to inject headers via unspecified vectors.
Siemens Simatic S7-1500 Cpu Firmware 1.1.1Siemens Simatic S7-1500 Cpu Firmware 1.0.1Siemens Simatic S7-1500 Cpu FirmwareSiemens Simatic S7-1500 Cpu Firmware 1.1.0
NA
CVE-2014-2248
Open redirect vulnerability in the integrated web server on Siemens SIMATIC S7-1500 CPU PLC devices with firmware prior to 1.5.0 allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
Siemens Simatic S7-1500 Cpu Firmware 1.1.1Siemens Simatic S7-1500 Cpu Firmware 1.1.0Siemens Simatic S7-1500 Cpu Firmware 1.0.1Siemens Simatic S7-1500 Cpu Firmware
NA
CVE-2014-2249
Cross-site request forgery (CSRF) vulnerability on Siemens SIMATIC S7-1500 CPU PLC devices with firmware prior to 1.5.0 and SIMATIC S7-1200 CPU PLC devices with firmware prior to 4.0 allows remote malicious users to hijack the authentication of unspecified victims via unknown vec...
Siemens Simatic S7-1500 Cpu Firmware 1.1.1Siemens Simatic S7-1500 Cpu Firmware 1.1.0Siemens Simatic S7-1500 Cpu FirmwareSiemens Simatic S7-1500 Cpu Firmware 1.0.1
NA
CVE-2014-2251
The random-number generator on Siemens SIMATIC S7-1500 CPU PLC devices with firmware prior to 1.5.0 does not have sufficient entropy, which makes it easier for remote malicious users to defeat cryptographic protection mechanisms and hijack sessions via unspecified vectors.
Siemens Simatic S7-1500 Cpu FirmwareSiemens Simatic S7-1500 Cpu Firmware 1.1.1Siemens Simatic S7-1500 Cpu Firmware 1.1.0Siemens Simatic S7-1500 Cpu Firmware 1.0.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-3675CVE-2024-3400CVE-2024-23557mass assignmentCVE-2023-1389local file inclusionCVE-2024-32596file uploadCVE-2024-32593
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook