Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microsoft plus vulnerabilities and exploits
(subscribe to this query)
9.9
CVSSv3
CVE-2021-27602
SAP Commerce, versions - 1808, 1811, 1905, 2005, 2011, Backoffice application allows certain authorized users to create source rules which are translated to drools rule when published to certain modules within the application. An attacker with this authorization can inject malici...
2 Articles
9.8
CVSSv3
CVE-2023-34362
In Progress MOVEit Transfer prior to 2021.0.6 (13.0.6), 2021.1.4 (13.1.4), 2022.0.4 (14.0.4), 2022.1.5 (14.1.5), and 2023.0.1 (15.0.1), a SQL injection vulnerability has been found in the MOVEit Transfer web application that could allow an unauthenticated malicious user to gain a...
Progress Moveit Cloud
Progress Moveit Transfer
18 Github repositories
11 Articles
9.8
CVSSv3
CVE-2021-44077
Zoho ManageEngine ServiceDesk Plus prior to 11306, ServiceDesk Plus MSP prior to 10530, and SupportCenter Plus prior to 11014 are vulnerable to unauthenticated remote code execution. This is related to /RestAPI URLs in a servlet, and ImportTechnicians in the Struts configuration.
Zohocorp Manageengine Servicedesk Plus 11.2
Zohocorp Manageengine Servicedesk Plus Msp 10.5
Zohocorp Manageengine Servicedesk Plus 11.3
Zohocorp Manageengine Servicedesk Plus 11.1
Zohocorp Manageengine Supportcenter Plus
Zohocorp Manageengine Servicedesk Plus Msp
Zohocorp Manageengine Supportcenter Plus 11.0
2 Github repositories
1 Article
9.8
CVSSv3
CVE-2021-40539
Zoho ManageEngine ADSelfService Plus version 6113 and prior is vulnerable to REST API authentication bypass with resultant remote code execution.
Zohocorp Manageengine Adselfservice Plus 5.7
Zohocorp Manageengine Adselfservice Plus 5.0
Zohocorp Manageengine Adselfservice Plus 5.1
Zohocorp Manageengine Adselfservice Plus 5.2
Zohocorp Manageengine Adselfservice Plus 5.3
Zohocorp Manageengine Adselfservice Plus 5.4
Zohocorp Manageengine Adselfservice Plus 5.5
Zohocorp Manageengine Adselfservice Plus 5.6
Zohocorp Manageengine Adselfservice Plus 4.5
Zohocorp Manageengine Adselfservice Plus 5.8
Zohocorp Manageengine Adselfservice Plus 6.0
Zohocorp Manageengine Adselfservice Plus 6.1
Zohocorp Manageengine Adselfservice Plus 5.0.6
2 Github repositories
4 Articles
9.8
CVSSv3
CVE-2018-8273
A buffer overflow vulnerability exists in the Microsoft SQL Server that could allow remote code execution on an affected system, aka "Microsoft SQL Server Remote Code Execution Vulnerability." This affects Microsoft SQL Server.
Microsoft Sql Server 2016
Microsoft Sql Server 2017
1 Article
8.8
CVSSv3
CVE-2024-30040
Windows MSHTML Platform Security Feature Bypass Vulnerability
Microsoft Windows Server 2022 23h2
Microsoft Windows 10 22h2
Microsoft Windows 11 23h2
Microsoft Windows 11 22h2
Microsoft Windows Server 2019
Microsoft Windows 10 1809
Microsoft Windows Server 2022
Microsoft Windows 11 21h2
Microsoft Windows 10 21h2
Microsoft Windows 10 1507
Microsoft Windows 10 1607
Microsoft Windows Server 2016
2 Articles
8.8
CVSSv3
CVE-2024-4761
Out of bounds write in V8 in Google Chrome before 124.0.6367.207 allowed a remote malicious user to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)
Google Chrome
1 Github repository
6 Articles
8.8
CVSSv3
CVE-2021-21104
Adobe Illustrator version 25.2 (and previous versions) is affected by a memory corruption vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to remote code execution in the context of the current user. Exploitation o...
Adobe Illustrator
1 Article
8.8
CVSSv3
CVE-2021-21103
Adobe Illustrator version 25.2 (and previous versions) is affected by a memory corruption vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to disclose sensitive memory information in the context of the current user...
Adobe Illustrator
1 Article
8.8
CVSSv3
CVE-2021-21105
Adobe Illustrator version 25.2 (and previous versions) is affected by a memory corruption vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve remote code execution in the context of the current user. Exploi...
Adobe Illustrator
1 Article
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »