Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
server message block vulnerabilities and exploits
(subscribe to this query)
8.1
CVSSv3
CVE-2016-4472
The overflow protection in Expat is removed by compilers with certain optimization settings, which allows remote malicious users to cause a denial of service (crash) or possibly execute arbitrary code via crafted XML data. NOTE: this vulnerability exists because of an incomplete ...
Libexpat Project Libexpat
Canonical Ubuntu Linux 12.04
Mcafee Policy Auditor
Python Python
NA
CVE-2007-2446
Multiple heap-based buffer overflows in the NDR parsing in smbd in Samba 3.0.0 up to and including 3.0.25rc3 allow remote malicious users to execute arbitrary code via crafted MS-RPC requests involving (1) DFSEnum (netdfs_io_dfs_EnumInfo_d), (2) RFNPCNEX (smb_io_notify_option_typ...
Samba Samba 3.0.14
Samba Samba 3.0.14a
Samba Samba 3.0.20a
Samba Samba 3.0.20b
Samba Samba 3.0.23a
Samba Samba 3.0.23b
Samba Samba 3.0.25
Samba Samba 3.0.0
Samba Samba 3.0.1
Samba Samba 3.0.15
Samba Samba 3.0.16
Samba Samba 3.0.21
Samba Samba 3.0.21a
Samba Samba 3.0.23c
Samba Samba 3.0.23d
Samba Samba 3.0.2a
Samba Samba 3.0.12
Samba Samba 3.0.13
Samba Samba 3.0.2
Samba Samba 3.0.20
Samba Samba 3.0.22
Samba Samba 3.0.23
4 EDB exploits
3 Github repositories
5.9
CVSSv3
CVE-2012-6702
Expat, when used in a parser that has not called XML_SetHashSalt or passed it a seed of 0, makes it easier for context-dependent malicious users to defeat cryptographic protection mechanisms via vectors involving use of the srand function.
Libexpat Project Libexpat
Google Android 5.0.2
Google Android 6.0.1
Google Android 6.0
Canonical Ubuntu Linux 12.04
Debian Debian Linux 8.0
Google Android 4.4.4
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
Google Android 5.1.1
7.5
CVSSv3
CVE-2016-5300
The XML parser in Expat does not use sufficient entropy for hash initialization, which allows context-dependent malicious users to cause a denial of service (CPU consumption) via crafted identifiers in an XML document. NOTE: this vulnerability exists because of an incomplete fix ...
Canonical Ubuntu Linux 12.04
Debian Debian Linux 8.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
Libexpat Project Libexpat
Google Android 5.0.2
Google Android 6.0.1
Google Android 6.0
Google Android 4.4.4
Google Android 5.1.1
6.1
CVSSv3
CVE-2019-11358
jQuery prior to 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.
Jquery Jquery
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Drupal Drupal
Backdropcms Backdrop
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
Netapp Snapcenter -
Netapp Oncommand System Manager
Redhat Cloudforms 4.7
Redhat Virtualization Manager 4.3
Oracle Service Bus 12.1.3.0.0
Oracle Primavera Unifier 16.2
Oracle Jd Edwards Enterpriseone Tools 9.2
Oracle Weblogic Server 12.1.3.0.0
Oracle Service Bus 11.1.1.9.0
Oracle Jdeveloper 11.1.1.9.0
Oracle Primavera Unifier 16.1
119 Github repositories
9.8
CVSSv3
CVE-2019-12524
An issue exists in Squid up to and including 4.7. When handling requests from users, Squid checks its rules to see if the request should be denied. Squid by default comes with rules to block access to the Cache Manager, which serves detailed server information meant for the maint...
Squid-cache Squid
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
6.1
CVSSv3
CVE-2019-18677
An issue exists in Squid 3.x and 4.x up to and including 4.8 when the append_domain setting is used (because the appended characters do not properly interact with hostname length restrictions). Due to incorrect message processing, it can inappropriately redirect traffic to origin...
Squid-cache Squid 2.7
Squid-cache Squid
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 19.10
Fedoraproject Fedora 30
Fedoraproject Fedora 31
6.1
CVSSv3
CVE-2019-18860
Squid prior to 4.9, when certain web browsers are used, mishandles HTML in the host (aka hostname) parameter to cachemgr.cgi.
Squid-cache Squid
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Opensuse Leap 15.1
5.3
CVSSv3
CVE-2016-2516
NTP prior to 4.2.8p7 and 4.3.x prior to 4.3.92, when mode7 is enabled, allows remote malicious users to cause a denial of service (ntpd abort) by using the same IP address multiple times in an unconfig directive.
Ntp Ntp
Ntp Ntp 4.3.90
Ntp Ntp 4.3.91
Ntp Ntp 4.3.14
Ntp Ntp 4.3.15
Ntp Ntp 4.3.22
Ntp Ntp 4.3.23
Ntp Ntp 4.3.3
Ntp Ntp 4.3.30
Ntp Ntp 4.3.37
Ntp Ntp 4.3.38
Ntp Ntp 4.3.45
Ntp Ntp 4.3.46
Ntp Ntp 4.3.52
Ntp Ntp 4.3.53
Ntp Ntp 4.3.6
Ntp Ntp 4.3.60
Ntp Ntp 4.3.68
Ntp Ntp 4.3.69
Ntp Ntp 4.3.75
Ntp Ntp 4.3.76
Ntp Ntp 4.3.82
NA
CVE-2008-0304
Heap-based buffer overflow in Mozilla Thunderbird prior to 2.0.0.12 and SeaMonkey prior to 1.1.8 might allow remote malicious users to execute arbitrary code via a crafted external-body MIME type in an e-mail message, related to an incorrect memory allocation during message previ...
Mozilla Seamonkey
Mozilla Thunderbird
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-36954
CVE-2024-36933
CVE-2024-24919
CVE-2024-36923
CVE-2024-2961
CVE-2024-36925
bypass
encryption
command injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »