Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
juan vazquez vulnerabilities and exploits
(subscribe to this query)
NA
CVE-1012-5358
This Metasploit module exploits a vulnerability in Ektron CMS 8.02 (before SP5). The vulnerability exists due to the insecure usage of XslCompiledTransform, using a XSLT controlled by the user. The module has been tested successfully on Ektron CMS 8.02 over Windows 2003 SP2, whic...
NA
CVE-2013-0108
An ActiveX control in HscRemoteDeploy.dll in Honeywell Enterprise Buildings Integrator (EBI) R310, R400.2, R410.1, and R410.2; SymmetrE R310, R410.1, and R410.2; ComfortPoint Open Manager (aka CPO-M) Station R100; and HMIWeb Browser client packages allows remote malicious users t...
Honeywell Enterprise Buildings Integrator R400.2
Honeywell Enterprise Buildings Integrator R310
Honeywell Enterprise Buildings Integrator R410.1
Honeywell Enterprise Buildings Integrator R410.2
Honeywell Symmetre R410.1
Honeywell Symmetre R310
Honeywell Symmetre R400.2
Honeywell Comfortpoint Open Manager Station R100
1 EDB exploit
NA
CVE-2012-5076
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and previous versions allows remote malicious users to affect confidentiality, integrity, and availability, related to JAX-WS.
Oracle Jre 1.7.0
Suse Linux Enterprise Desktop 11
2 EDB exploits
2 Articles
NA
CVE-2012-0779
Adobe Flash Player prior to 10.3.183.19 and 11.x prior to 11.2.202.235 on Windows, Mac OS X, and Linux; prior to 11.1.111.9 on Android 2.x and 3.x; and prior to 11.1.115.8 on Android 4.x allows remote malicious users to execute arbitrary code via a crafted file, related to an &qu...
Adobe Flash Player
1 EDB exploit
1 Github repository
NA
CVE-2012-2516
An ActiveX control in KeyHelp.ocx in KeyWorks KeyHelp Module (aka the HTML Help component), as used in GE Intelligent Platforms Proficy Historian 3.1, 3.5, 4.0, and 4.5; Proficy HMI/SCADA iFIX 5.0 and 5.1; Proficy Pulse 1.0; Proficy Batch Execution 5.6; SI7 I/O Driver 7.20 up to ...
Ge Intelligent Platforms Proficy Historian 3.1
Ge Intelligent Platforms Proficy Historian 3.5
Ge Intelligent Platforms Proficy Historian 4.5
Ge Intelligent Platforms Proficy Hmi\\/scada Ifix 5.1
Ge Intelligent Platforms Proficy Batch Execution 5.6
Ge Intelligent Platforms Si7 I\\/o Driver 7.20
Ge Intelligent Platforms Si7 I\\/o Driver 7.42
Ge Intelligent Platforms Proficy Pulse 1.0
Ge Intelligent Platforms Proficy Historian 4.0
Ge Intelligent Platforms Proficy Hmi\\/scada Ifix 5.0
1 EDB exploit
NA
CVE-2013-1493
The color management (CMM) functionality in the 2D component in Oracle Java SE 7 Update 15 and previous versions, 6 Update 41 and previous versions, and 5.0 Update 40 and previous versions allows remote malicious users to execute arbitrary code or cause a denial of service (crash...
Oracle Jre 1.7.0
Oracle Jre
Sun Jre 1.5.0
Oracle Jre 1.5.0
Sun Jdk 1.6.0
Oracle Jdk 1.6.0
Oracle Jdk
Sun Jre 1.6.0
Oracle Jre 1.6.0
Sun Jdk 1.5.0
Oracle Jdk 1.5.0
Oracle Jdk 1.7.0
1 EDB exploit
3 Articles
9.8
CVSSv3
CVE-2012-5357
Ektron Content Management System (CMS) prior to 8.02 SP5 uses the XslCompiledTransform class with enablescript set to true, which allows remote malicious users to execute arbitrary code with NETWORK SERVICE privileges via crafted XSL data.
Ektron Ektron Content Management System
1 EDB exploit
NA
CVE-2014-1691
The framework/Util/lib/Horde/Variables.php script in the Util library in Horde prior to 5.1.1 allows remote malicious users to conduct object injection attacks and execute arbitrary PHP code via a crafted serialized object in the _formvars form.
Horde Horde Application Framework 5.0.4
Horde Horde Application Framework 5.0.2
Horde Horde Application Framework 5.0.1
Horde Horde Application Framework 5.0.0
Horde Horde Application Framework
Horde Horde Application Framework 5.0.3
1 EDB exploit
NA
CVE-2012-5067
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and previous versions allows remote malicious users to affect confidentiality via unknown vectors related to Deployment.
Oracle Jre 1.7.0
Oracle Jdk 1.7.0
Oracle Jre
Oracle Jdk
1 EDB exploit
NA
CVE-2012-5088
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and previous versions allows remote malicious users to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.
Oracle Jre 1.7.0
Oracle Jre
Oracle Jdk 1.7.0
Oracle Jdk
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2006-4304
CVE-2024-4240
arbitrary
CVE-2024-31601
XSS
CVE-2023-20198
CVE-2024-4256
CVE-2024-3342
encryption
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »