Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microsoft plus vulnerabilities and exploits
(subscribe to this query)
250
VMScore
CVE-2001-0152
The password protection option for the Compressed Folders feature in Plus! for Windows 98 and Windows Me writes password information to a file, which allows local users to recover the passwords and read the compressed folders.
Microsoft Plus
445
VMScore
CVE-2002-1139
The Compressed Folders feature in Microsoft Windows 98 with Plus! Pack, Windows Me, and Windows XP does not properly check the destination folder during the decompression of ZIP files, which allows malicious users to place an executable file in a known location on a user's s...
Microsoft Windows Xp
Microsoft Windows 98 Plus Pack
Microsoft Windows Me
668
VMScore
CVE-2021-40539
Zoho ManageEngine ADSelfService Plus version 6113 and prior is vulnerable to REST API authentication bypass with resultant remote code execution.
Zohocorp Manageengine Adselfservice Plus 5.7
Zohocorp Manageengine Adselfservice Plus 5.0
Zohocorp Manageengine Adselfservice Plus 5.1
Zohocorp Manageengine Adselfservice Plus 5.2
Zohocorp Manageengine Adselfservice Plus 5.3
Zohocorp Manageengine Adselfservice Plus 5.4
Zohocorp Manageengine Adselfservice Plus 5.5
Zohocorp Manageengine Adselfservice Plus 5.6
Zohocorp Manageengine Adselfservice Plus 4.5
Zohocorp Manageengine Adselfservice Plus 5.8
Zohocorp Manageengine Adselfservice Plus 6.0
Zohocorp Manageengine Adselfservice Plus 6.1
Zohocorp Manageengine Adselfservice Plus 5.0.6
2 Github repositories
4 Articles
668
VMScore
CVE-2021-44077
Zoho ManageEngine ServiceDesk Plus prior to 11306, ServiceDesk Plus MSP prior to 10530, and SupportCenter Plus prior to 11014 are vulnerable to unauthenticated remote code execution. This is related to /RestAPI URLs in a servlet, and ImportTechnicians in the Struts configuration.
Zohocorp Manageengine Servicedesk Plus 11.2
Zohocorp Manageengine Servicedesk Plus Msp 10.5
Zohocorp Manageengine Servicedesk Plus 11.3
Zohocorp Manageengine Servicedesk Plus 11.1
Zohocorp Manageengine Supportcenter Plus
Zohocorp Manageengine Servicedesk Plus Msp
Zohocorp Manageengine Supportcenter Plus 11.0
2 Github repositories
1 Article
258
VMScore
CVE-2019-4703
IBM Spectrum Protect Plus 10.1.0 and 10.5.0, when protecting Microsoft SQL or Microsoft Exchange, could allow an attacker with intimate knowledge of the system to obtain highly sensitive information.
Ibm Spectrum Protect Plus
NA
CVE-2022-40608
IBM Spectrum Protect Plus 10.1.6 up to and including 10.1.11 Microsoft File Systems restore operation can download any file on the target machine by manipulating the URL with a directory traversal attack. This results in the restore operation gaining access to files which the ope...
Ibm Spectrum Protect Plus
668
VMScore
CVE-2002-1015
RealJukebox 2 1.0.2.340 and 1.0.2.379, and RealOne Player Gold 6.0.10.505, allows remote malicious users to execute arbitrary script in the Local computer zone by inserting the script into the skin.ini file of an RJS archive, then referencing skin.ini from a web page after it has...
Realnetworks Realjukebox 2 Plus 1.0.2.379
Realnetworks Realjukebox 2 1.0.2.340
Realnetworks Realjukebox 2 1.0.2.379
Realnetworks Realjukebox 2 Plus 1.0.2.340
Realnetworks Realone Player 6.0.10.505
641
VMScore
CVE-2019-3648
A Privilege Escalation vulnerability in the Microsoft Windows client in McAfee Total Protection 16.0.R22 and previous versions allows administrators to execute arbitrary code via carefully placing malicious files in specific locations protected by administrator permission.
Mcafee Anti-virus Plus
Mcafee Internet Security
Mcafee Total Protection
1 Article
445
VMScore
CVE-2018-8360
An information disclosure vulnerability exists in Microsoft .NET Framework that could allow an malicious user to access information in multi-tenant environments, aka ".NET Framework Information Disclosure Vulnerability." This affects Microsoft .NET Framework 4.7/4.7.1/4...
Microsoft .net Framework 2.0
Microsoft .net Framework 3.0
Microsoft .net Framework 3.5
Microsoft .net Framework 3.5.1
Microsoft .net Framework 4.5.2
Microsoft .net Framework 4.6.2
Microsoft .net Framework 4.7
Microsoft .net Framework 4.7.1
Microsoft .net Framework 4.7.2
Microsoft .net Framework 4.6.1
Microsoft .net Framework 4.6
1 Article
383
VMScore
CVE-2018-8378
An information disclosure vulnerability exists when Microsoft Office software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory, aka "Microsoft Office Information Disclosure Vulnerability." This affects Word, Microso...
Microsoft Sharepoint Server 2013
Microsoft Sharepoint Enterprise Server 2013 -
Microsoft Sharepoint Enterprise Server 2016 -
Microsoft Office Compatibility Pack -
Microsoft Office 2013
Microsoft Office 2010
Microsoft Office Web Apps 2010
Microsoft Office 2016
Microsoft Excel Viewer 2007
Microsoft Office Web Apps 2013
Microsoft Office Word Viewer -
Microsoft Word Automation Services -
1 Article
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »