Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
compound vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2015-4655
Cross-site scripting (XSS) vulnerability in Synology DiskStation Manager (DSM) prior to 5.2-5565 Update 1 allows remote malicious users to inject arbitrary web script or HTML via the "compound" parameter to entry.cgi.
Synology Diskstation Manager
5
CVSSv2
CVE-2012-0213
The UnhandledDataStructure function in hwpf/model/UnhandledDataStructure.java in Apache POI 3.8 and previous versions allows remote malicious users to cause a denial of service (OutOfMemoryError exception and possibly JVM destabilization) via a crafted length value in a Channel D...
Apache Poi 3.8
Apache Poi 3.5
Apache Poi 3.1
Apache Poi 3.0.2
Apache Poi 3.0
Apache Poi 2.5.1
Apache Poi 2.5
Apache Poi 1.10
Apache Poi 1.8
Apache Poi 1.0.1
Apache Poi 1.0.0
Apache Poi 0.5
Apache Poi 0.4
Apache Poi
Apache Poi 3.7
Apache Poi 3.6
Apache Poi 3.2
Apache Poi 3.0.1
Apache Poi 2.0
Apache Poi 1.5
Apache Poi 1.2.0
Apache Poi 0.12.0
4
CVSSv2
CVE-2010-3475
IBM DB2 9.7 before FP3 does not properly enforce privilege requirements for execution of entries in the dynamic SQL cache, which allows remote authenticated users to bypass intended access restrictions by leveraging the cache to execute an UPDATE statement contained in a compiled...
Ibm Db2 9.7
Ibm Db2 9.7.0.1
Ibm Db2 9.7.0.2
10
CVSSv2
CVE-2010-2521
Multiple buffer overflows in fs/nfsd/nfs4xdr.c in the XDR implementation in the NFS server in the Linux kernel prior to 2.6.34-rc6 allow remote malicious users to cause a denial of service (panic) or possibly execute arbitrary code via a crafted NFSv4 compound WRITE request, rela...
Linux Linux Kernel 2.6.11
Linux Linux Kernel 2.6.23.4
Linux Linux Kernel 2.6.16.16
Linux Linux Kernel 2.6.18.7
Linux Linux Kernel 2.6.17.12
Linux Linux Kernel 2.6.16.9
Linux Linux Kernel 2.6.17.9
Linux Linux Kernel 2.6.11.2
Linux Linux Kernel 2.6.5
Linux Linux Kernel 2.6.15.3
Linux Linux Kernel 2.6.11.10
Linux Linux Kernel 2.6.1
Linux Linux Kernel 2.6.16.6
Linux Linux Kernel 2.6.16.8
Linux Linux Kernel 2.6.33
Linux Linux Kernel 2.6.22.4
Linux Linux Kernel 2.6.14.7
Linux Linux Kernel 2.6.13
Linux Linux Kernel 2.6.17.2
Linux Linux Kernel 2.6.13.3
Linux Linux Kernel 2.6.11.8
Linux Linux Kernel 2.6.23.7
9.3
CVSSv2
CVE-2010-0126
Heap-based buffer overflow in an unspecified library in Autonomy KeyView 10.4 and 10.9, as used in multiple IBM, Symantec, and other products, allows remote malicious users to execute arbitrary code via a crafted compound file, as demonstrated using a Quattro Pro file, which is n...
Autonomy Keyview Export Sdk 10.9
Autonomy Keyview Filter Sdk 10.4
Autonomy Keyview Export Sdk 10.4
Autonomy Keyview Viewer Sdk 10.9
Autonomy Keyview Filter Sdk 10.9
Autonomy Keyview Viewer Sdk 10.4
9.3
CVSSv2
CVE-2009-3930
Multiple integer overflows in Christos Zoulas file prior to 5.02 allow user-assisted remote malicious users to have an unspecified impact via a malformed compound document (aka cdf) file that triggers a buffer overflow.
Christos Zoulas File 5.00
Christos Zoulas File 4.26
Christos Zoulas File 4.17
Christos Zoulas File 4.16
Christos Zoulas File 4.15
Christos Zoulas File 4.07
Christos Zoulas File 4.06
Christos Zoulas File 3.39
Christos Zoulas File 3.38
Christos Zoulas File
Christos Zoulas File 4.23
Christos Zoulas File 4.21
Christos Zoulas File 4.12
Christos Zoulas File 4.11
Christos Zoulas File 4.02
Christos Zoulas File 4.01
Christos Zoulas File 3.34
Christos Zoulas File 3.33
Christos Zoulas File 4.20
Christos Zoulas File 4.19
Christos Zoulas File 4.09
Christos Zoulas File 4.08
6.8
CVSSv2
CVE-2009-1515
Heap-based buffer overflow in the cdf_read_sat function in src/cdf.c in Christos Zoulas file 5.00 allows user-assisted remote malicious users to execute arbitrary code via a crafted compound document file, as demonstrated by a .msi, .doc, or .mpp file. NOTE: some of these details...
Christos Zoulas File 5.00
7.6
CVSSv2
CVE-2007-0026
The OLE Dialog component in Microsoft Windows 2000 SP4, XP SP2, and 2003 SP1 allows user-assisted remote malicious users to execute arbitrary code via an RTF file with a malformed OLE object that triggers memory corruption.
Microsoft Windows 2000
Microsoft Windows 2003 Server Sp1
Microsoft Windows Xp
2.6
CVSSv2
CVE-2005-1678
Groove Virtual Office prior to 3.1 build 2338, prior to 3.1a build 2364, and Groove Workspace prior to 2.5n build 1871 does not properly display file extensions on attached or embedded files in a compound document, which may allow remote malicious users to trick users into execut...
Groove Groove Workspace
Groove Virtual Office
7.5
CVSSv2
CVE-2005-0063
The document processing application used by the Windows Shell in Microsoft Windows 2000, Windows XP, and Windows Server 2003 allows remote malicious users to execute arbitrary code by modifying the CLSID stored in a file so that it is processed by HTML Application Host (MSHTA), a...
Microsoft Windows 2003 Server Standard
Microsoft Windows 2003 Server Web
Microsoft Windows Xp
Microsoft Windows 2000
Microsoft Windows 98
Microsoft Windows 98se
Microsoft Windows Me
Microsoft Windows 2003 Server Enterprise
Microsoft Windows 2003 Server R2
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654
CVE-2024-2757
authentication bypass
CVE-2024-3194
CVE-2024-33640
CVE-2024-21111
dos
insecure direct object reference
CVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »