Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
document server vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2021-43447
ONLYOFFICE all versions as of 2021-11-08 is affected by Incorrect Access Control. An authentication bypass in the document editor allows malicious users to edit documents without authentication.
Onlyoffice Server
NA
CVE-2011-0202
Integer overflow in CoreGraphics in Apple Mac OS X prior to 10.6.8 allows remote malicious users to execute arbitrary code or cause a denial of service (application crash) via a crafted embedded Type 1 font in a PDF document.
Apple Mac Os X 10.5.8
Apple Mac Os X 10.6.7
Apple Mac Os X 10.6.3
Apple Mac Os X 10.6.6
Apple Mac Os X 10.6.1
Apple Mac Os X 10.6.0
Apple Mac Os X 10.6.2
Apple Mac Os X 10.6.4
Apple Mac Os X 10.6.5
Apple Mac Os X Server 10.5.8
Apple Mac Os X Server 10.6.3
Apple Mac Os X Server 10.6.6
Apple Mac Os X Server 10.6.4
Apple Mac Os X Server 10.6.7
Apple Mac Os X Server 10.6.5
Apple Mac Os X Server 10.6.1
Apple Mac Os X Server 10.6.2
Apple Mac Os X Server 10.6.0
NA
CVE-2007-4510
ClamAV prior to 0.91.2, as used in Kolab Server 2.0 up to and including 2.2beta1 and other products, allows remote malicious users to cause a denial of service (application crash) via (1) a crafted RTF file, which triggers a NULL dereference in the cli_scanrtf function in libclam...
Kolab Kolab Server 2.0.2
Kolab Kolab Server 2.0
Kolab Kolab Server 2.0.1
Kolab Kolab Server 2.0.4
Kolab Kolab Server 2.2beta1
Clam Anti-virus Clamav
Kolab Kolab Server 2.1
Kolab Kolab Server 2.0.3
7.5
CVSSv3
CVE-2022-32565
An issue exists in Couchbase Server prior to 7.0.4. The Backup Service log leaks unredacted usernames and document ids.
Couchbase Couchbase Server
7.5
CVSSv3
CVE-2021-43444
ONLYOFFICE all versions as of 2021-11-08 is affected by Incorrect Access Control. Signed document download URLs can be forged due to a weak default URL signing key.
Onlyoffice Server
NA
CVE-2011-0208
QuickLook in Apple Mac OS X 10.6 prior to 10.6.8 allows remote malicious users to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Microsoft Office document.
Apple Mac Os X 10.6.7
Apple Mac Os X 10.6.3
Apple Mac Os X 10.6.6
Apple Mac Os X 10.6.1
Apple Mac Os X 10.6.0
Apple Mac Os X 10.6.2
Apple Mac Os X 10.6.4
Apple Mac Os X 10.6.5
Apple Mac Os X Server 10.6.3
Apple Mac Os X Server 10.6.6
Apple Mac Os X Server 10.6.4
Apple Mac Os X Server 10.6.7
Apple Mac Os X Server 10.6.5
Apple Mac Os X Server 10.6.1
Apple Mac Os X Server 10.6.2
Apple Mac Os X Server 10.6.0
4.7
CVSSv3
CVE-2017-0175
The Windows kernel in Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows authenticated malicious users to obtain sensitive information via a specially crafted document, aka "Windows Kernel Information Disclosure Vulnerability," a different vulnerability than C...
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2008 -
Microsoft Windows 7
1 EDB exploit
6.1
CVSSv3
CVE-2021-43446
ONLYOFFICE all versions as of 2021-11-08 is vulnerable to Cross Site Scripting (XSS). The "macros" feature of the document editor allows malicious cross site scripting payloads to be used.
Onlyoffice Server
6.1
CVSSv3
CVE-2019-25046
The Web Client in Cerberus FTP Server Enterprise prior to 10.0.19 and 11.x prior to 11.0.4 allows XSS via an SVG document.
Cerberusftp Ftp Server
4.9
CVSSv3
CVE-2018-2933
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). Supported versions that are affected are 10.3.6.0, 12.1.3.0, 12.2.1.2 and 12.2.1.3. Difficult to exploit vulnerability allows low privileged attacker with networ...
Oracle Weblogic Server 12.1.3.0.0
Oracle Weblogic Server 12.2.1.2.0
Oracle Weblogic Server 10.3.6.0.0
Oracle Weblogic Server 12.2.1.3.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSRF
server-side request forgery
CVE-2024-30067
CVE-2024-5553
CVE-2024-30095
IDOR
CVE-2024-35252
CVE-2024-23692
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
6
7
8
9
10
NEXT »