Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

1010 matches found

SUSE CVE
SUSE CVEadded 2023/02/15 5:53 a.m.2 views

SUSE CVE-2011-1430

The STARTTLS implementation in the server in Ipswitch IMail 11.03 and earlier does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a cleartext command that is processed after TLS is in place, related to a...

6.8CVSS9.1AI score0.01049EPSS
Exploits0References3
Positive Technologies
Positive Technologiesadded 2022/10/12 12:0 a.m.1 views

PT-2022-26514 · Ipswitch · Ipswitch Whatsup Gold

Name of the Vulnerable Software and Affected Versions: Ipswitch WhatsUp Gold versions prior to 22.1.0 Description: The issue is related to the SNMP MIB Walker application endpoint, which failed to properly sanitize malicious input. This could allow an unauthenticated attacker to execute arbitrary...

9.6CVSS9.4AI score0.00516EPSS
Exploits0References5
Positive Technologies
Positive Technologiesadded 2022/08/02 12:0 a.m.1 views

PT-2022-23713 · Ipswitch · Ws Ftp Server

Name of the Vulnerable Software and Affected Versions: WS FTP Server versions prior to 8.7.3 Description: The administrative web interface of WS FTP Server contains multiple reflected cross-site scripting XSS vulnerabilities. A remote attacker can inject arbitrary JavaScript into a WS FTP...

6.1CVSS6.2AI score0.00009EPSS
Exploits0References7
ATTACKERKB
ATTACKERKBadded 2022/05/11 6:15 p.m.2 views

CVE-2022-29845

In Progress Ipswitch WhatsUp Gold 21.1.0 through 21.1.1, and 22.0.0, it is possible for an authenticated user to invoke an API transaction that would allow them to read the contents of a local file...

6.5CVSS6.6AI score0.44387EPSS
Exploits1References4
OSV
OSVadded 2022/05/11 6:15 p.m.1 views

CVE-2022-29845

In Progress Ipswitch WhatsUp Gold 21.1.0 through 21.1.1, and 22.0.0, it is possible for an authenticated user to invoke an API transaction that would allow them to read the contents of a local file...

6.5CVSS5.8AI score
Exploits0References2
NVD
NVDadded 2022/05/11 6:15 p.m.10 views

CVE-2022-29845

In Progress Ipswitch WhatsUp Gold 21.1.0 through 21.1.1, and 22.0.0, it is possible for an authenticated user to invoke an API transaction that would allow them to read the contents of a local file...

6.5CVSS0.44387EPSS
Exploits1References2
NVD
NVDadded 2022/05/11 6:15 p.m.7 views

CVE-2022-29847

In Progress Ipswitch WhatsUp Gold 21.0.0 through 21.1.1, and 22.0.0, it is possible for an unauthenticated attacker to invoke an API transaction that would allow them to relay encrypted WhatsUp Gold user credentials to an arbitrary host...

7.5CVSS0.84743EPSS
Exploits1References2
NVD
NVDadded 2022/05/11 6:15 p.m.13 views

CVE-2022-29848

In Progress Ipswitch WhatsUp Gold 17.0.0 through 21.1.1, and 22.0.0, it is possible for an authenticated user to invoke an API transaction that would allow them to read sensitive operating-system attributes from a host that is accessible by the WhatsUp Gold system...

6.5CVSS0.61104EPSS
Exploits1References2
OSV
OSVadded 2022/05/11 6:15 p.m.6 views

CVE-2022-29848

In Progress Ipswitch WhatsUp Gold 17.0.0 through 21.1.1, and 22.0.0, it is possible for an authenticated user to invoke an API transaction that would allow them to read sensitive operating-system attributes from a host that is accessible by the WhatsUp Gold system...

6.5CVSS5.8AI score
Exploits0References2
NVD
NVDadded 2022/05/11 6:15 p.m.8 views

CVE-2022-29846

In Progress Ipswitch WhatsUp Gold 16.1 through 21.1.1, and 22.0.0, it is possible for an unauthenticated attacker to obtain the WhatsUp Gold installation serial number...

5.3CVSS0.38586EPSS
Exploits1References2
ATTACKERKB
ATTACKERKBadded 2022/05/11 6:15 p.m.3 views

CVE-2022-29847

In Progress Ipswitch WhatsUp Gold 21.0.0 through 21.1.1, and 22.0.0, it is possible for an unauthenticated attacker to invoke an API transaction that would allow them to relay encrypted WhatsUp Gold user credentials to an arbitrary host...

7.5CVSS7.2AI score0.84743EPSS
Exploits1References4
ATTACKERKB
ATTACKERKBadded 2022/05/11 6:15 p.m.3 views

CVE-2022-29848

In Progress Ipswitch WhatsUp Gold 17.0.0 through 21.1.1, and 22.0.0, it is possible for an authenticated user to invoke an API transaction that would allow them to read sensitive operating-system attributes from a host that is accessible by the WhatsUp Gold system...

6.5CVSS6.9AI score0.61104EPSS
Exploits1References4
Prion
Prionadded 2022/05/11 6:15 p.m.7 views

Code injection

In Progress Ipswitch WhatsUp Gold 21.1.0 through 21.1.1, and 22.0.0, it is possible for an authenticated user to invoke an API transaction that would allow them to read the contents of a local file...

4CVSS6.2AI score0.44387EPSS
Exploits1References2Affected Software1
Prion
Prionadded 2022/05/11 6:15 p.m.19 views

Code injection

In Progress Ipswitch WhatsUp Gold 16.1 through 21.1.1, and 22.0.0, it is possible for an unauthenticated attacker to obtain the WhatsUp Gold installation serial number...

5CVSS5.3AI score0.38586EPSS
Exploits1References2Affected Software1
Prion
Prionadded 2022/05/11 6:15 p.m.16 views

Design/Logic Flaw

In Progress Ipswitch WhatsUp Gold 21.0.0 through 21.1.1, and 22.0.0, it is possible for an unauthenticated attacker to invoke an API transaction that would allow them to relay encrypted WhatsUp Gold user credentials to an arbitrary host...

5CVSS7.7AI score0.84743EPSS
Exploits1References2Affected Software1
Prion
Prionadded 2022/05/11 6:15 p.m.19 views

Information disclosure

In Progress Ipswitch WhatsUp Gold 17.0.0 through 21.1.1, and 22.0.0, it is possible for an authenticated user to invoke an API transaction that would allow them to read sensitive operating-system attributes from a host that is accessible by the WhatsUp Gold system...

4CVSS6.3AI score0.61104EPSS
Exploits1References2Affected Software1
CVE
CVEadded 2022/05/11 5:56 p.m.556 views

CVE-2022-29848

CVE-2022-29848 affects Progress WhatsUp Gold 17.0.0–21.1.1 and 22.0.0. An authenticated user can invoke an API transaction that enables reading sensitive operating-system attributes from a host accessible by the WhatsUp Gold system. The Red Hat, CVE, and related references corroborate the issue a...

6.5CVSS6.8AI score0.61104EPSS
Exploits1References2Affected Software1
Cvelist
Cvelistadded 2022/05/11 5:56 p.m.15 views

CVE-2022-29848

In Progress Ipswitch WhatsUp Gold 17.0.0 through 21.1.1, and 22.0.0, it is possible for an authenticated user to invoke an API transaction that would allow them to read sensitive operating-system attributes from a host that is accessible by the WhatsUp Gold system...

6.7AI score0.61104EPSS
Exploits1References2
Cvelist
Cvelistadded 2022/05/11 5:56 p.m.13 views

CVE-2022-29847

In Progress Ipswitch WhatsUp Gold 21.0.0 through 21.1.1, and 22.0.0, it is possible for an unauthenticated attacker to invoke an API transaction that would allow them to relay encrypted WhatsUp Gold user credentials to an arbitrary host...

7.8AI score0.84743EPSS
Exploits1References2
CVE
CVEadded 2022/05/11 5:56 p.m.554 views

CVE-2022-29847

CVE-2022-29847 affects Progress IPSWITCH WhatsUp Gold versions 21.0.0–21.1.1 and 22.0.0. An unauthenticated attacker can invoke an API transaction to relay encrypted WhatsUp Gold user credentials to an arbitrary host. Impact: credential exposure via API, enabling unauthorized access. Exploitation...

7.5CVSS7.6AI score0.84743EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder