Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

active library explorer vulnerabilities and exploits

(subscribe to this query)
4.3
CVSSv2
CVE-2019-7417
XSS exists in Ericsson Active Library Explorer (ALEX) 14.3 in multiple parameters in the "/cgi-bin/alexserv" servlet, as demonstrated by the DB, FN, fn, or id parameter.
Ericsson Active Library Explorer 14.3
7.5
CVSSv2
CVE-2003-0469
Buffer overflow in the HTML Converter (HTML32.cnv) on various Windows operating systems allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via cut-and-paste operation, as demonstrated in Internet Explorer 5.0 using a long "...
Microsoft Windows 98seMicrosoft Windows MeMicrosoft Windows Nt 4.0Microsoft Windows 2003 Server R2Microsoft Windows 98Microsoft Windows 2000Microsoft Windows 2003 Server 64-bitMicrosoft Windows Xp
9.3
CVSSv2
CVE-2008-0015
Stack-based buffer overflow in the CComVariant::ReadFromStream function in the Active Template Library (ATL), as used in the MPEG2TuneRequest ActiveX control in msvidctl.dll in DirectShow, in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, a...
Microsoft Windows 2003 Server -Microsoft Windows Xp -Microsoft Windows Xp
7.8
CVSSv2
CVE-2009-2495
The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1 does not properly enforce string termination, which allows remote malicious users to obtain sensitive informatio...
Microsoft Visual Studio .net 2003Microsoft Visual C\\+\\+ 2008Microsoft Visual Studio 2008Microsoft Visual Studio 2005Microsoft Visual C\\+\\+ 2005
9.3
CVSSv2
CVE-2009-0901
The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not...
Microsoft Visual Studio 2008Microsoft Visual Studio .net 2003Microsoft Visual Studio 2005Microsoft Visual C\\+\\+ 2008Microsoft Visual C\\+\\+ 2005
9.3
CVSSv2
CVE-2009-2493
The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; ...
Microsoft Visual C\\+\\+ 2005Microsoft Visual C\\+\\+ 2008Microsoft Windows Vista -Microsoft Windows VistaMicrosoft Windows XpMicrosoft Windows Server 2008 -Microsoft Windows 2003 ServerMicrosoft Windows 2000Microsoft Windows Server 2008Microsoft Visual Studio 2008Microsoft Visual Studio 2005Microsoft Visual Studio 2003
NA
CVE-2022-47966
Multiple Zoho ManageEngine on-premise products, such as ServiceDesk Plus through 14003, allow remote code execution due to use of Apache Santuario xmlsec (aka XML Security for Java) 1.4.1, because the xmlsec XSLT features, by design in that version, make the application responsib...
Zohocorp Manageengine Access Manager Plus 4.3Zohocorp Manageengine Access Manager PlusZohocorp Manageengine Ad360Zohocorp Manageengine Ad360 4.3Zohocorp Manageengine Adaudit Plus 7.0Zohocorp Manageengine Adaudit PlusZohocorp Manageengine Admanager Plus 7.1Zohocorp Manageengine Admanager PlusZohocorp Manageengine Adselfservice Plus 6.2Zohocorp Manageengine Adselfservice PlusZohocorp Manageengine Analytics PlusZohocorp Manageengine Analytics Plus 5.1Zohocorp Manageengine Assetexplorer 6.9Zohocorp Manageengine AssetexplorerZohocorp Manageengine Key Manager PlusZohocorp Manageengine Key Manager Plus 6.4Zohocorp Manageengine Pam360 5.7Zohocorp Manageengine Pam360Zohocorp Manageengine Password Manager ProZohocorp Manageengine Password Manager Pro 12.1Zohocorp Manageengine Servicedesk PlusZohocorp Manageengine Servicedesk Plus 14.0
NA
CVE-2024-3273
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, was found in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L up to 20240403. Affected is an unknown function of the file /cgi-bin/nas_sharing.cgi of the component HTTP GET Request Handler. The mani...
Dlink Dns-320l Firmware -Dlink Dns-120 Firmware -Dlink Dnr-202l Firmware -Dlink Dns-315l Firmware -Dlink Dns-320 Firmware -Dlink Dns-320lw Firmware -Dlink Dns-321 Firmware -Dlink Dnr-322l Firmware -Dlink Dns-323 Firmware -Dlink Dns-325 Firmware -Dlink Dns-326 Firmware -Dlink Dns-327l Firmware -Dlink Dnr-326 Firmware -Dlink Dns-340l Firmware -Dlink Dns-343 Firmware -Dlink Dns-345 Firmware -Dlink Dns-726-4 Firmware -Dlink Dns-1100-4 Firmware -Dlink Dns-1200-05 Firmware -Dlink Dns-1550-04 Firmware -
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4040privilege escalationCVE-2024-4112CVE-2024-32872man-in-the-middleCVE-2024-32788bypassCVE-2024-3400CVE-2024-28976
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook