Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
validation vulnerabilities and exploits
(subscribe to this query)
570
VMScore
CVE-2009-0234
The DNS Resolver Cache Service (aka DNSCache) in Windows DNS Server in Microsoft Windows 2000 SP4, Server 2003 SP1 and SP2, and Server 2008 does not properly cache crafted DNS responses, which makes it easier for remote malicious users to predict transaction IDs and poison caches...
Microsoft Windows Server 2003
Microsoft Windows 2000
Microsoft Windows Server 2008
725
VMScore
CVE-2004-0894
LSASS (Local Security Authority Subsystem Service) of Windows 2000 Server and Windows Server 2003 does not properly validate connection information, which allows local users to gain privileges via a specially-designed program.
Microsoft Windows 2000
Microsoft Windows 2003 Server Enterprise 64-bit
Microsoft Windows 2003 Server Enterprise
Microsoft Windows 2003 Server Standard
Microsoft Windows 2003 Server Web
Microsoft Windows Xp
Microsoft Windows 2003 Server R2
Microsoft Windows 2003 Server Datacenter 64-bit
1 EDB exploit
605
VMScore
CVE-2015-6357
The rule-update feature in Cisco FireSIGHT Management Center (MC) 5.2 up to and including 5.4.0.1 does not verify the X.509 certificate of the support.sourcefire.com SSL server, which allows man-in-the-middle malicious users to spoof this server and provide an invalid package, an...
Cisco Firesight System Software 5.3.1.1
Cisco Firesight System Software 5.3.1.2
Cisco Firesight System Software 5.4.0.1
Cisco Firesight System Software 5.2.0
Cisco Firesight System Software 5.3.0
Cisco Firesight System Software 5.3.1.5
Cisco Firesight System Software 5.4.0
1 Github repository
668
VMScore
CVE-2008-0173
SQL injection vulnerability in Gforge 4.6.99 and previous versions allows remote malicious users to execute arbitrary SQL commands via unspecified parameters, related to RSS exports.
Gforge Gforge
755
VMScore
CVE-2007-5181
SQL injection vulnerability in detay.asp in Netkamp Emlak Scripti allows remote malicious users to execute arbitrary SQL commands via the ilan_id parameter.
Netkamp Netkamp Emlak Scripti
1 EDB exploit
605
VMScore
CVE-2008-2942
Directory traversal vulnerability in patch.py in Mercurial 1.0.1 allows user-assisted malicious users to modify arbitrary files via ".." (dot dot) sequences in a patch file.
Mercurial Mercurial 1.0.1
1000
VMScore
CVE-2000-0177
DNSTools CGI applications allow remote malicious users to execute arbitrary commands via shell metacharacters.
Dnstools Software Dnstools
1 EDB exploit
890
VMScore
CVE-2003-0255
The key validation code in GnuPG prior to 1.2.2 does not properly determine the validity of keys with multiple user IDs and assigns the greatest validity of the most valid user ID, which prevents GnuPG from warning the encrypting user when a user ID does not have a trusted path.
Gnu Privacy Guard
685
VMScore
CVE-2006-2803
Multiple cross-site scripting (XSS) vulnerabilities in PHP ManualMaker 1.0 allows remote malicious users to inject arbitrary web script or HTML via the (1) id parameter to index.php, (2) search field (possibly the s parameter), or (3) comment field.
Deltascripts Php Manualmaker 1.0
1 EDB exploit
383
VMScore
CVE-2015-0005
The NETLOGON service in Microsoft Windows Server 2003 SP2, Windows Server 2008 SP2 and R2 SP1, and Windows Server 2012 Gold and R2, when a Domain Controller is configured, allows remote malicious users to spoof the computer name of a secure channel's endpoint, and obtain sen...
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 -
Microsoft Windows 2003 Server
Microsoft Windows Server 2008
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »