Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
express vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2013-5445
IBM Cognos Express 9.0 before IFIX 2, 9.5 before IFIX 2, 10.1 before IFIX 2, and 10.2.1 before FP1 allows local users to obtain sensitive cleartext information by leveraging knowledge of a static decryption key.
Ibm Cognos Express 9.5
Ibm Cognos Express 10.2.1
Ibm Cognos Express 10.1
Ibm Cognos Express 9.0
6.8
CVSSv2
CVE-2013-5443
Cross-site request forgery (CSRF) vulnerability in IBM Cognos Express 9.0 before IFIX 2, 9.5 before IFIX 2, 10.1 before IFIX 2, and 10.2.1 before FP1 allows remote malicious users to hijack the authentication of arbitrary users.
Ibm Cognos Express 10.1
Ibm Cognos Express 9.0
Ibm Cognos Express 9.5
Ibm Cognos Express 10.2.1
5
CVSSv2
CVE-2002-2164
Buffer overflow in Microsoft Outlook Express 5.0, 5.5, and 6.0 allows remote malicious users to cause a denial of service (crash) via a long <A HREF> link.
Microsoft Outlook Express 6.0
Microsoft Outlook Express 5.0
Microsoft Outlook Express 5.5
Microsoft Outlook Express 5.0.1
1 EDB exploit
5
CVSSv2
CVE-1999-1033
Microsoft Outlook Express prior to 4.72.3612.1700 allows a malicious user to send a message that contains a .., which can inadvertently cause Outlook to re-enter POP3 command mode and cause the POP3 session to hang.
Microsoft Outlook Express 4.72.3120.0
Microsoft Outlook Express
Microsoft Outlook Express 4.27.3110.1
1 EDB exploit
5
CVSSv2
CVE-2001-0945
Buffer overflow in Outlook Express 5.0 up to and including 5.02 for Macintosh allows remote malicious users to cause a denial of service via an e-mail message that contains a long line.
Microsoft Outlook Express 5.0
Microsoft Outlook Express 5.0.1
Microsoft Outlook Express 5.0.2
9
CVSSv2
CVE-2018-3758
Unrestricted file upload (RCE) in express-cart module prior to 1.1.7 allows a privileged user to gain access in the hosting machine.
Express-cart Project Express-cart
3.5
CVSSv2
CVE-2021-32573
The express-cart package up to and including 1.1.10 for Node.js allows Reflected XSS (for an admin) via a user input field for product options. NOTE: the vendor states that this "would rely on an admin hacking his/her own website.
Express-cart Project Express-cart
5
CVSSv2
CVE-2021-32820
Express-handlebars is a Handlebars view engine for Express. Express-handlebars mixes pure template data with engine configuration options through the Express render API. More specifically, the layout parameter may trigger file disclosure vulnerabilities in downstream applications...
Express Handlebars Project Express Handlebars
5
CVSSv2
CVE-2019-15330
The webp-express plugin prior to 0.14.11 for WordPress has insufficient protection against arbitrary file reading.
Webp Express Project Webp Express
4.3
CVSSv2
CVE-2021-32817
express-hbs is an Express handlebars template engine. express-hbs mixes pure template data with engine configuration options through the Express render API. More specifically, the layout parameter may trigger file disclosure vulnerabilities in downstream applications. This potent...
Express Handlebars Project Express Handlebars
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
XXE
CVE-2024-34490
SQL injection
CVE-2024-34488
CVE-2024-4507
CVE-2023-7028
CVE-2024-23187
TCP
CVE-2024-4439
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »