Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
web server vulnerabilities and exploits
(subscribe to this query)
958
VMScore
CVE-2018-11776
Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer from possible Remote Code Execution when alwaysSelectFullNamespace is true (either by user or a plugin like Convention Plugin) and then: results are used with no namespace and in same time, its upper package have no or...
Apache Struts
3 EDB exploits
45 Github repositories
3 Articles
945
VMScore
CVE-2008-5518
Multiple directory traversal vulnerabilities in the web administration console in Apache Geronimo Application Server 2.1 up to and including 2.1.3 on Windows allow remote malicious users to upload files to arbitrary directories via directory traversal sequences in the (1) group, ...
Apache Geronimo 2.1
Apache Geronimo 2.1.2
Apache Geronimo 2.1.3
Apache Geronimo 2.1.1
1 EDB exploit
945
VMScore
CVE-2006-0005
Buffer overflow in the plug-in for Microsoft Windows Media Player (WMP) 9 and 10, when used in browsers other than Internet Explorer and set as the default application to handle media files, allows remote malicious users to execute arbitrary code via HTML with an EMBED element co...
Microsoft Windows-nt Datacenter Server
Microsoft Windows Xp -
Microsoft Windows 2000
Microsoft Windows 2003 Server Datacenter Edition 64-bit
Microsoft Windows 2003 Server Enterprise Edition
Microsoft Windows Server 2000 Sp2
Microsoft Windows Server 2000 Sp3
Microsoft Windows Xp
Microsoft Windows 2000 -
Microsoft Windows-nt Xp
Microsoft Windows-nt Xp Tablet Pc
Microsoft Windows 2000 Advanced Server
Microsoft Windows 2003 Server Enterprise Edition 64-bit
Microsoft Windows 2003 Server Standard
Microsoft Windows Server 2003 Datacenter Sp1
Microsoft Windows Server 2003 Enterprise Sp1
Microsoft Windows 2000 Advanced Server Sp4
Microsoft Windows 2003 Server Datacenter Edition
Microsoft Windows Server 2000 None
Microsoft Windows Server 2000 Sp1
Microsoft Windows 2000 Advanced Server Sp1
Microsoft Windows 2000 Advanced Server Sp2
3 EDB exploits
941
VMScore
CVE-2010-2568
Windows Shell in Microsoft Windows XP SP3, Server 2003 SP2, Vista SP1 and SP2, Server 2008 SP2 and R2, and Windows 7 allows local users or remote malicious users to execute arbitrary code via a crafted (1) .LNK or (2) .PIF shortcut file, which is not properly handled during icon ...
Microsoft Windows Server 2008
Microsoft Windows Server 2008 -
Microsoft Windows Server 2008 R2
Microsoft Windows Xp -
Microsoft Windows 7 -
Microsoft Windows Vista -
Microsoft Windows Xp
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows 2003 Server
2 EDB exploits
3 Github repositories
23 Articles
941
VMScore
CVE-2010-0249
Use-after-free vulnerability in Microsoft Internet Explorer 6, 6 SP1, 7, and 8 on Windows 2000 SP4; Windows XP SP2 and SP3; Windows Server 2003 SP2; Windows Vista Gold, SP1, and SP2; Windows Server 2008 Gold, SP2, and R2; and Windows 7 allows remote malicious users to execute arb...
Microsoft Internet Explorer 5.0.1
Microsoft Internet Explorer 6
Microsoft Internet Explorer 7.0
Microsoft Internet Explorer 8
2 EDB exploits
2 Github repositories
6 Articles
940
VMScore
CVE-2022-20828
A vulnerability in the CLI parser of Cisco FirePOWER Software for Adaptive Security Appliance (ASA) FirePOWER module could allow an authenticated, remote malicious user to execute arbitrary commands on the underlying operating system of an affected ASA FirePOWER module as the roo...
Cisco Asa Firepower
1 Metasploit module
1 Github repository
1 Article
940
VMScore
CVE-2019-1150
A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view, chang...
Microsoft Windows Server 2012 R2
Microsoft Windows 10 1607
Microsoft Windows 8.1 -
Microsoft Windows Server 2016 -
Microsoft Windows Server 2008 -
Microsoft Windows Server 2008 R2
Microsoft Windows 7 -
Microsoft Windows Rt 8.1 -
Microsoft Windows 10 1703
Microsoft Windows Server 2012 -
Microsoft Windows 10 -
Microsoft Windows 10 1709
Microsoft Windows 10 1803
Microsoft Windows Server 2016 1803
Microsoft Windows Server 2019 -
Microsoft Windows 10 1809
Microsoft Windows Server 2016 1903
Microsoft Windows 10 1903
2 EDB exploits
1 Article
940
VMScore
CVE-2017-6398
An issue exists in Trend Micro InterScan Messaging Security (Virtual Appliance) 9.1-1600. An authenticated user can execute a terminal command in the context of the web server user (which is root). Besides, the default installation of IMSVA comes with default administrator creden...
Trendmicro Interscan Messaging Security Virtual Appliance 9.1-1600
940
VMScore
CVE-2011-0517
Stack-based buffer overflow in Sielco Sistemi Winlog Pro 2.07.00 and previous versions, when Run TCP/IP server is enabled, allows remote malicious users to cause a denial of service (crash) and execute arbitrary code via a crafted 0x02 opcode to TCP port 46823.
Sielcosistemi Winlog Pro
2 EDB exploits
940
VMScore
CVE-2009-3068
Unrestricted file upload vulnerability in the RoboHelpServer Servlet (robohelp/server) in Adobe RoboHelp Server 8 allows remote malicious users to execute arbitrary code by uploading a Java Archive (.jsp) file during a PUBLISH action, then accessing it via a direct request to the...
Adobe Robohelp Server 8
2 EDB exploits
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »