Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
validation vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2015-00053
Core Security Technologies Advisory - The Microsoft Netlogon Remote Protocol is a remote procedure call (RPC) interface that is used, among other things, for user and machine authentication on domain-based networks. In a scenario where a client machine connects to a domain-joined...
NA
CVE-2015-6357
The rule-update feature in Cisco FireSIGHT Management Center (MC) 5.2 up to and including 5.4.0.1 does not verify the X.509 certificate of the support.sourcefire.com SSL server, which allows man-in-the-middle malicious users to spoof this server and provide an invalid package, an...
Cisco Firesight System Software 5.3.1.1
Cisco Firesight System Software 5.3.1.2
Cisco Firesight System Software 5.4.0.1
Cisco Firesight System Software 5.2.0
Cisco Firesight System Software 5.3.0
Cisco Firesight System Software 5.3.1.5
Cisco Firesight System Software 5.4.0
1 Github repository
NA
CVE-2003-1245
index2.php in Mambo 4.0.12 allows remote malicious users to gain administrator access via a URL request where session_id is set to the MD5 hash of a session cookie.
1 EDB exploit
NA
CVE-2006-2089
Multiple cross-site scripting (XSS) vulnerabilities in misc.php in MySmartBB 1.1.x allow remote malicious users to inject arbitrary web script or HTML via the (1) id and (2) username parameters.
Mysmartbb Mysmartbb 1.1.3
Mysmartbb Mysmartbb 1.1.2
1 EDB exploit
7.4
CVSSv3
CVE-2018-0434
A vulnerability in the Zero Touch Provisioning feature of the Cisco SD-WAN Solution could allow an unauthenticated, remote malicious user to gain unauthorized access to sensitive data by using an invalid certificate. The vulnerability is due to insufficient certificate validation...
Cisco Vedge 100 Firmware
Cisco Vedge 1000 Firmware
Cisco Vedge 2000 Firmware
Cisco Vedge 5000 Firmware
Cisco Vmanage Network Management System -
NA
CVE-2004-1601
Directory traversal vulnerability in index.php in CoolPHP 1.0-stable allows remote malicious users to access arbitrary files and execute local PHP scripts via a .. (dot dot) in the op parameter.
Coolphp Coolphp Web Portal 1.0 Stable
1 EDB exploit
NA
CVE-2004-0894
LSASS (Local Security Authority Subsystem Service) of Windows 2000 Server and Windows Server 2003 does not properly validate connection information, which allows local users to gain privileges via a specially-designed program.
Microsoft Windows 2000
Microsoft Windows 2003 Server Enterprise 64-bit
Microsoft Windows 2003 Server Enterprise
Microsoft Windows 2003 Server Standard
Microsoft Windows 2003 Server Web
Microsoft Windows Xp
Microsoft Windows 2003 Server R2
Microsoft Windows 2003 Server Datacenter 64-bit
1 EDB exploit
NA
CVE-2000-0177
DNSTools CGI applications allow remote malicious users to execute arbitrary commands via shell metacharacters.
Dnstools Software Dnstools
1 EDB exploit
NA
CVE-2021-465592
Moxa TN-5900 versions 3.1.0 and below use an insecure method to validate firmware updates. A malicious user with access to the management interface can upload arbitrary code in a crafted
NA
CVE-2009-0234
The DNS Resolver Cache Service (aka DNSCache) in Windows DNS Server in Microsoft Windows 2000 SP4, Server 2003 SP1 and SP2, and Server 2008 does not properly cache crafted DNS responses, which makes it easier for remote malicious users to predict transaction IDs and poison caches...
Microsoft Windows Server 2003
Microsoft Windows 2000
Microsoft Windows Server 2008
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
7
8
9
10
NEXT »