Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

juan vazquez vulnerabilities and exploits

(subscribe to this query)
NA
CVE-1012-5358
This Metasploit module exploits a vulnerability in Ektron CMS 8.02 (before SP5). The vulnerability exists due to the insecure usage of XslCompiledTransform, using a XSLT controlled by the user. The module has been tested successfully on Ektron CMS 8.02 over Windows 2003 SP2, whic...
NA
CVE-2013-0108
An ActiveX control in HscRemoteDeploy.dll in Honeywell Enterprise Buildings Integrator (EBI) R310, R400.2, R410.1, and R410.2; SymmetrE R310, R410.1, and R410.2; ComfortPoint Open Manager (aka CPO-M) Station R100; and HMIWeb Browser client packages allows remote malicious users t...
Honeywell Enterprise Buildings Integrator R400.2Honeywell Enterprise Buildings Integrator R310Honeywell Enterprise Buildings Integrator R410.1Honeywell Enterprise Buildings Integrator R410.2Honeywell Symmetre R410.1Honeywell Symmetre R310Honeywell Symmetre R400.2Honeywell Comfortpoint Open Manager Station R100
NA
CVE-2012-5076
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and previous versions allows remote malicious users to affect confidentiality, integrity, and availability, related to JAX-WS.
Oracle Jre 1.7.0Suse Linux Enterprise Desktop 11
NA
CVE-2012-0779
Adobe Flash Player prior to 10.3.183.19 and 11.x prior to 11.2.202.235 on Windows, Mac OS X, and Linux; prior to 11.1.111.9 on Android 2.x and 3.x; and prior to 11.1.115.8 on Android 4.x allows remote malicious users to execute arbitrary code via a crafted file, related to an &qu...
Adobe Flash Player
NA
CVE-2012-2516
An ActiveX control in KeyHelp.ocx in KeyWorks KeyHelp Module (aka the HTML Help component), as used in GE Intelligent Platforms Proficy Historian 3.1, 3.5, 4.0, and 4.5; Proficy HMI/SCADA iFIX 5.0 and 5.1; Proficy Pulse 1.0; Proficy Batch Execution 5.6; SI7 I/O Driver 7.20 up to ...
Ge Intelligent Platforms Proficy Historian 3.1Ge Intelligent Platforms Proficy Historian 3.5Ge Intelligent Platforms Proficy Historian 4.5Ge Intelligent Platforms Proficy Hmi\\/scada Ifix 5.1Ge Intelligent Platforms Proficy Batch Execution 5.6Ge Intelligent Platforms Si7 I\\/o Driver 7.20Ge Intelligent Platforms Si7 I\\/o Driver 7.42Ge Intelligent Platforms Proficy Pulse 1.0Ge Intelligent Platforms Proficy Historian 4.0Ge Intelligent Platforms Proficy Hmi\\/scada Ifix 5.0
NA
CVE-2013-1493
The color management (CMM) functionality in the 2D component in Oracle Java SE 7 Update 15 and previous versions, 6 Update 41 and previous versions, and 5.0 Update 40 and previous versions allows remote malicious users to execute arbitrary code or cause a denial of service (crash...
Oracle Jre 1.7.0Oracle JreSun Jre 1.5.0Oracle Jre 1.5.0Sun Jdk 1.6.0Oracle Jdk 1.6.0Oracle JdkSun Jre 1.6.0Oracle Jre 1.6.0Sun Jdk 1.5.0Oracle Jdk 1.5.0Oracle Jdk 1.7.0
9.8
CVSSv3
CVE-2012-5357
Ektron Content Management System (CMS) prior to 8.02 SP5 uses the XslCompiledTransform class with enablescript set to true, which allows remote malicious users to execute arbitrary code with NETWORK SERVICE privileges via crafted XSL data.
Ektron Ektron Content Management System
NA
CVE-2014-1691
The framework/Util/lib/Horde/Variables.php script in the Util library in Horde prior to 5.1.1 allows remote malicious users to conduct object injection attacks and execute arbitrary PHP code via a crafted serialized object in the _formvars form.
Horde Horde Application Framework 5.0.4Horde Horde Application Framework 5.0.2Horde Horde Application Framework 5.0.1Horde Horde Application Framework 5.0.0Horde Horde Application FrameworkHorde Horde Application Framework 5.0.3
NA
CVE-2012-5067
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and previous versions allows remote malicious users to affect confidentiality via unknown vectors related to Deployment.
Oracle Jre 1.7.0Oracle Jdk 1.7.0Oracle JreOracle Jdk
NA
CVE-2012-5088
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and previous versions allows remote malicious users to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.
Oracle Jre 1.7.0Oracle JreOracle Jdk 1.7.0Oracle Jdk
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2006-4304CVE-2024-4240arbitrary CVE-2024-31601XSSCVE-2023-20198CVE-2024-4256CVE-2024-3342encryption
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook