Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
windows server vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-4577
In PHP versions 8.1.* prior to 8.1.29, 8.2.* prior to 8.2.20, 8.3.* prior to 8.3.8, when using Apache and PHP-CGI on Windows, if the system is set up to use certain code pages, Windows may use "Best-Fit" behavior to replace characters in command line given to ...
2 Github repositories
NA
CVE-2024-2548
A path traversal vulnerability exists in the parisneo/lollms-webui application, specifically within the `lollms_core/lollms/server/endpoints/lollms_binding_files_server.py` and `lollms_core/lollms/security.py` files. Due to inadequate validation of file paths between Windows and ...
NA
CVE-2024-35178
The Jupyter Server provides the backend for Jupyter web applications. Jupyter Server on Windows has a vulnerability that lets unauthenticated attackers leak the NTLMv2 password hash of the Windows user running the Jupyter server. An attacker can crack this password to gain access...
NA
CVE-2024-0912
Under certain circumstances the Microsoft® Internet Information Server (IIS) used to host the C•CURE 9000 Web Server will log Microsoft Windows credential details within logs. There is no impact to non-web service interfaces C•CURE 9000 or prior versions
NA
CVE-2024-35236
Audiobookshelf is a self-hosted audiobook and podcast server. Prior to version 2.10.0, opening an ebook with malicious scripts inside leads to code execution inside the browsing context. Attacking a user with high privileges (upload, creation of libraries) can lead to remote code...
NA
CVE-2024-36049
Aptos Wisal payroll accounting prior to 7.1.6 uses hardcoded credentials in the Windows client to fetch the complete list of usernames and passwords from the database server, using an unencrypted connection. This allows attackers in a machine-in-the-middle position read and write...
NA
CVE-2024-36077
Qlik Sense Enterprise for Windows prior to 14.187.4 allows a remote malicious user to elevate their privilege due to improper validation. The attacker can elevate their privilege to the internal system role, which allows them to execute commands on the server. This affects Februa...
NA
CVE-2023-52751
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free in smb2_query_info_compound() The following UAF was triggered when running fstests generic/072 with KASAN enabled against Windows Server 2022 and mount options 'multichannel,m...
NA
CVE-2024-30030
Win32k Elevation of Privilege Vulnerability
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2008 -
1 Article
NA
CVE-2024-30040
Windows MSHTML Platform Security Feature Bypass Vulnerability
Microsoft Windows Server 2022 23h2
Microsoft Windows 10 22h2
Microsoft Windows 11 23h2
Microsoft Windows 11 22h2
Microsoft Windows Server 2019
Microsoft Windows 10 1809
Microsoft Windows Server 2022
Microsoft Windows 11 21h2
Microsoft Windows 10 21h2
Microsoft Windows 10 1507
Microsoft Windows 10 1607
Microsoft Windows Server 2016
2 Articles
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »