Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
corporate server vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2019-1010283
Univention Corporate Server univention-directory-notifier 12.0.1-3 and previous versions is affected by: CWE-213: Intentional Information Exposure. The impact is: Loss of Confidentiality. The component is: function data_on_connection() in src/callback.c. The attack vector is: net...
Univention Univention Corporate Server
NA
CVE-2023-38994
The 'check_univention_joinstatus' prometheus monitoring script (and other scripts) in UCS 5.0-5 revealed the LDAP plaintext password of the machine account in the process list allowing attackers with local ssh access to gain higher privileges and perform followup attack...
Univention Univention Corporate Server 5.0
7.2
CVSSv2
CVE-2009-0912
perl-MDK-Common 1.1.11 and 1.1.24, 1.2.9 up to and including 1.2.14, and possibly other versions, in Mandriva Linux does not properly handle strings when writing them to configuration files, which allows malicious users to gain privileges via "special characters" in uns...
Mandriva Linux 2008.1
Mandriva Linux 2008.0
Mandriva Linux Corporate Server 4.0
Mandriva Multi Network Firewall 2.0
Mandriva Linux 2009.0
Mandriva Linux Corporate Server 3.0
9.3
CVSSv2
CVE-2007-0325
Multiple buffer overflows in the Trend Micro OfficeScan Web-Deployment SetupINICtrl ActiveX control in OfficeScanSetupINI.dll, as used in OfficeScan 7.0 before Build 1344, OfficeScan 7.3 before Build 1241, and Client / Server / Messaging Security 3.0 before Build 1197, allow remo...
Trend Micro Officescan Corporate Edition 7.3
Trend Micro Client-server-messaging Security 3.0
Trend Micro Officescan Corporate Edition 7.0
1 EDB exploit
5
CVSSv2
CVE-2005-2377
nss_ldap 181 to versions prior to 213, as used in Mandrake Corporate Server and Mandrake 10.0, and other operating systems, does not properly handle a SIGPIPE signal when sending a search request to an LDAP directory server, which might allow remote malicious users to cause a den...
Mandrakesoft Mandrake Linux 10.0
Mandrakesoft Mandrake Linux Corporate Server
6.4
CVSSv2
CVE-2006-5211
Trend Micro OfficeScan 6.0 in Client/Server/Messaging (CSM) Suite for SMB 2.0 prior to 6.0.0.1385, and OfficeScan Corporate Edition (OSCE) 6.5 prior to 6.5.0.1418, 7.0 prior to 7.0.0.1257, and 7.3 prior to 7.3.0.1053 allow remote malicious users to remove OfficeScan clients via a...
Trend Micro Officescan Corporate Edition 6.5
Trend Micro Officescan Corporate Edition 7.0
Trend Micro Officescan Corporate Edition 7.3
6.4
CVSSv2
CVE-2019-3778
Spring Security OAuth, versions 2.3 before 2.3.5, and 2.2 before 2.2.4, and 2.1 before 2.1.4, and 2.0 before 2.0.17, and older unsupported versions could be susceptible to an open redirector attack that can leak an authorization code. A malicious user or attacker can craft a requ...
Pivotal Software Spring Security Oauth
Oracle Banking Corporate Lending 14.1.0
Oracle Banking Corporate Lending 14.3.0
Oracle Banking Corporate Lending 14.4.0
1 EDB exploit
2 Github repositories
5.8
CVSSv2
CVE-2019-11269
Spring Security OAuth versions 2.3 before 2.3.6, 2.2 before 2.2.5, 2.1 before 2.1.5, and 2.0 before 2.0.18, as well as older unsupported versions could be susceptible to an open redirector attack that can leak an authorization code. A malicious user or attacker can craft a reques...
Pivotal Software Spring Security Oauth
Oracle Banking Corporate Lending 14.1.0
Oracle Banking Corporate Lending 14.3.0
Oracle Banking Corporate Lending 14.4.0
1 EDB exploit
1 Github repository
5
CVSSv2
CVE-2007-6284
The xmlCurrentChar function in libxml2 prior to 2.6.31 allows context-dependent malicious users to cause a denial of service (infinite loop) via XML containing invalid UTF-8 sequences.
Mandrakesoft Mandrake Linux Corporate Server 4.0
Debian Debian Linux 3.1
Debian Debian Linux 4.0
Redhat Fedora 7
Mandrakesoft Mandrake Linux 2007
Redhat Fedora 8
Mandrakesoft Mandrake Linux 2007.1
Mandrakesoft Mandrake Linux Corporate Server 3.0
Mandrakesoft Mandrake Linux 2008.0
5
CVSSv2
CVE-2004-2392
libuser 0.51.7 allows malicious users to cause a denial of service (crash or disk consumption) via unknown attack vectors, related to read failures and other bugs.
Mandrakesoft Mandrake Linux Corporate Server 2.1
Mandrakesoft Mandrake Linux 9.2
Mandrakesoft Mandrake Linux 9.1
Mandrakesoft Mandrake Linux 10.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27977
IMAP
local users
CVE-2024-32038
CVE-2023-49963
CVE-2023-22869
CVE-2024-31497
local
CVE-2024-2961
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »