Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
server message block vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2016-4472
The overflow protection in Expat is removed by compilers with certain optimization settings, which allows remote malicious users to cause a denial of service (crash) or possibly execute arbitrary code via crafted XML data. NOTE: this vulnerability exists because of an incomplete ...
Libexpat Project Libexpat
Canonical Ubuntu Linux 12.04
Mcafee Policy Auditor
Python Python
10
CVSSv2
CVE-2007-2446
Multiple heap-based buffer overflows in the NDR parsing in smbd in Samba 3.0.0 up to and including 3.0.25rc3 allow remote malicious users to execute arbitrary code via crafted MS-RPC requests involving (1) DFSEnum (netdfs_io_dfs_EnumInfo_d), (2) RFNPCNEX (smb_io_notify_option_typ...
Samba Samba 3.0.14
Samba Samba 3.0.14a
Samba Samba 3.0.20a
Samba Samba 3.0.20b
Samba Samba 3.0.23a
Samba Samba 3.0.23b
Samba Samba 3.0.25
Samba Samba 3.0.0
Samba Samba 3.0.1
Samba Samba 3.0.15
Samba Samba 3.0.16
Samba Samba 3.0.21
Samba Samba 3.0.21a
Samba Samba 3.0.23c
Samba Samba 3.0.23d
Samba Samba 3.0.2a
Samba Samba 3.0.12
Samba Samba 3.0.13
Samba Samba 3.0.2
Samba Samba 3.0.20
Samba Samba 3.0.22
Samba Samba 3.0.23
4 EDB exploits
3 Github repositories
4.3
CVSSv2
CVE-2012-6702
Expat, when used in a parser that has not called XML_SetHashSalt or passed it a seed of 0, makes it easier for context-dependent malicious users to defeat cryptographic protection mechanisms via vectors involving use of the srand function.
Libexpat Project Libexpat
Google Android 5.0.2
Google Android 6.0.1
Google Android 6.0
Canonical Ubuntu Linux 12.04
Debian Debian Linux 8.0
Google Android 4.4.4
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
Google Android 5.1.1
7.8
CVSSv2
CVE-2016-5300
The XML parser in Expat does not use sufficient entropy for hash initialization, which allows context-dependent malicious users to cause a denial of service (CPU consumption) via crafted identifiers in an XML document. NOTE: this vulnerability exists because of an incomplete fix ...
Canonical Ubuntu Linux 12.04
Debian Debian Linux 8.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
Libexpat Project Libexpat
Google Android 5.0.2
Google Android 6.0.1
Google Android 6.0
Google Android 4.4.4
Google Android 5.1.1
7.5
CVSSv2
CVE-2019-12524
An issue exists in Squid up to and including 4.7. When handling requests from users, Squid checks its rules to see if the request should be denied. Squid by default comes with rules to block access to the Cache Manager, which serves detailed server information meant for the maint...
Squid-cache Squid
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
5.8
CVSSv2
CVE-2019-18677
An issue exists in Squid 3.x and 4.x up to and including 4.8 when the append_domain setting is used (because the appended characters do not properly interact with hostname length restrictions). Due to incorrect message processing, it can inappropriately redirect traffic to origin...
Squid-cache Squid 2.7
Squid-cache Squid
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 19.10
Fedoraproject Fedora 30
Fedoraproject Fedora 31
4.3
CVSSv2
CVE-2019-18860
Squid prior to 4.9, when certain web browsers are used, mishandles HTML in the host (aka hostname) parameter to cachemgr.cgi.
Squid-cache Squid
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Opensuse Leap 15.1
7.1
CVSSv2
CVE-2016-2516
NTP prior to 4.2.8p7 and 4.3.x prior to 4.3.92, when mode7 is enabled, allows remote malicious users to cause a denial of service (ntpd abort) by using the same IP address multiple times in an unconfig directive.
Ntp Ntp
Ntp Ntp 4.3.90
Ntp Ntp 4.3.91
Ntp Ntp 4.3.14
Ntp Ntp 4.3.15
Ntp Ntp 4.3.22
Ntp Ntp 4.3.23
Ntp Ntp 4.3.3
Ntp Ntp 4.3.30
Ntp Ntp 4.3.37
Ntp Ntp 4.3.38
Ntp Ntp 4.3.45
Ntp Ntp 4.3.46
Ntp Ntp 4.3.52
Ntp Ntp 4.3.53
Ntp Ntp 4.3.6
Ntp Ntp 4.3.60
Ntp Ntp 4.3.68
Ntp Ntp 4.3.69
Ntp Ntp 4.3.75
Ntp Ntp 4.3.76
Ntp Ntp 4.3.82
7.5
CVSSv2
CVE-2008-0304
Heap-based buffer overflow in Mozilla Thunderbird prior to 2.0.0.12 and SeaMonkey prior to 1.1.8 might allow remote malicious users to execute arbitrary code via a crafted external-body MIME type in an e-mail message, related to an incorrect memory allocation during message previ...
Mozilla Seamonkey
Mozilla Thunderbird
4.3
CVSSv2
CVE-2021-28116
Squid up to and including 4.14 and 5.x up to and including 5.0.5, in some configurations, allows information disclosure because of an out-of-bounds read in WCCP protocol data. This can be leveraged as part of a chain for remote code execution as nobody.
Squid-cache Squid
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Debian Debian Linux 10.0
Debian Debian Linux 11.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4761
command injection
CVE-2024-3676
IDOR
CVE-2024-30039
CVE-2024-32113
CVE-2024-30049
CVE-2024-4776
SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »