Vulmon
web server vulnerabilities and exploits
9.9
CVSSv3
CVE-2023-40051
This issue affects Progress Application Server (PAS) for OpenEdge in versions 11.7 before 11.7.18, 12.2 before 12.2.13, and innovation releases before 12.8.0. An attacker can formulate a request for a WEB transport that allows unintended file uploads to a server directory path on...
Progress Openedge
Progress Openedge Innovation
9.9
CVSSv3
CVE-2022-0939
Server-Side Request Forgery (SSRF) in GitHub repository janeczku/calibre-web before 0.6.18.
Calibre-web Project Calibre-web
9.9
CVSSv3
CVE-2022-0767
Server-Side Request Forgery (SSRF) in GitHub repository janeczku/calibre-web before 0.6.17.
Calibre-web Project Calibre-web
9.9
CVSSv3
CVE-2021-40358
A vulnerability has been identified in SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3 UC04), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP1), SIMATIC WinCC V15 and previous versions (All versions < V15 SP1 Update 7), SIMATIC WinCC V16 (All ve...
Siemens Simatic Wincc 7.4
Siemens Simatic Pcs 7 8.2
Siemens Simatic Wincc 7.5
Siemens Simatic Wincc 15.1
Siemens Simatic Pcs 7 9.0
Siemens Simatic Wincc 17
Siemens Simatic Wincc 15
Siemens Simatic Wincc 16
Siemens Simatic Pcs 7 9.1
9.9
CVSSv3
CVE-2020-15860
Parallels Remote Application Server (RAS) 17.1.1 has a Business Logic Error causing remote code execution. It allows an authenticated user to execute any application in the backend operating system through the web application, despite the affected application not being published....
Parallels Remote Application Server 17.1.1
9.9
CVSSv3
CVE-2019-1365
An elevation of privilege vulnerability exists when Microsoft IIS Server fails to check the length of a buffer prior to copying memory to it. An attacker who successfully exploited this vulnerability can allow an unprivileged function run by the user to execute code in the context...
Microsoft Windows 7 -
Microsoft Windows 8.1 -
Microsoft Windows Rt 8.1 -
Microsoft Windows 10 1607
Microsoft Windows 10 1809
Microsoft Windows Server 2008 -
Microsoft Windows Server 2016 -
Microsoft Windows Server 2016 1903
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 -
Microsoft Windows Server 2012 R2
Microsoft Windows 10 1803
Microsoft Windows 10 1903
Microsoft Windows Server 2016 1803
Microsoft Windows Server 2019 -
1 Article
9.9
CVSSv3
CVE-2017-10352
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS - Web Services). The supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.1.0, 12.2.1.2.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated ...
Oracle Weblogic Server 12.2.1.3.0
Oracle Weblogic Server 12.2.1.1.0
Oracle Weblogic Server 12.2.1.2.0
Oracle Weblogic Server 10.3.6.0.0
Oracle Weblogic Server 12.1.3.0.0
1 Github repository
9.8
CVSSv3
CVE-2022-32257
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2). The affected application consists of a web service that lacks proper access control for some of the endpoints. This could lead to unauthorized access to resources and potentially lead to...
Siemens Sinema Remote Connect Server
9.8
CVSSv3
CVE-2021-4436
The 3DPrint Lite WordPress plugin prior to 1.9.1.5 does not have any authorisation and does not check the uploaded file in its p3dlite_handle_upload AJAX action, allowing unauthenticated users to upload arbitrary files to the web server. However, there is a .htaccess, preventing ...
Wp3dprinting 3dprint Lite
9.8
CVSSv3
CVE-2024-23822
Thruk is a multibackend monitoring webinterface. Before 3.12, the Thruk web monitoring application presents a vulnerability in a file upload form that allows a threat actor to arbitrarily upload files to the server to any path they desire and have permissions for. This vulnerabil...
Thruk Thruk