Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cesar cerrudo vulnerabilities and exploits
(subscribe to this query)
755
VMScore
CVE-2003-0470
Buffer overflow in the "RuFSI Utility Class" ActiveX control (aka "RuFSI Registry Information Class"), as used for the Symantec Security Check service, allows remote malicious users to execute arbitrary code via a long argument to CompareVersionStrings.
Symantec Security Check
1 EDB exploit
905
VMScore
CVE-2008-1436
Microsoft Windows XP Professional SP2, Vista, and Server 2003 and 2008 does not properly assign activities to the (1) NetworkService and (2) LocalService accounts, which might allow context-dependent malicious users to gain privileges by using one service process to capture a res...
Microsoft Windows Server 2003
Microsoft Windows Vista -
Microsoft Windows-nt Vista
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Xp
1 EDB exploit
725
VMScore
CVE-2004-0894
LSASS (Local Security Authority Subsystem Service) of Windows 2000 Server and Windows Server 2003 does not properly validate connection information, which allows local users to gain privileges via a specially-designed program.
Microsoft Windows 2000
Microsoft Windows 2003 Server Enterprise 64-bit
Microsoft Windows 2003 Server Enterprise
Microsoft Windows 2003 Server Standard
Microsoft Windows 2003 Server Web
Microsoft Windows Xp
Microsoft Windows 2003 Server R2
Microsoft Windows 2003 Server Datacenter 64-bit
1 EDB exploit
695
VMScore
CVE-2009-0080
The ThreadPool class in Windows Vista Gold and SP1, and Server 2008, does not properly implement isolation among a set of distinct processes that (1) all run under the NetworkService account or (2) all run under the LocalService account, which allows local users to gain privilege...
Microsoft Windows Server 2008 -
Microsoft Windows Vista -
1 EDB exploit
725
VMScore
CVE-2005-0047
Windows 2000, XP, and Server 2003 does not properly "validate the use of memory regions" for COM structured storage files, which allows malicious users to execute arbitrary code, aka the "COM Structured Storage Vulnerability."
Microsoft Windows Xp
Microsoft Windows 2003 Server R2
Microsoft Windows 2000
Microsoft Windows 2003 Server Enterprise
Microsoft Windows 2003 Server Enterprise 64-bit
Microsoft Windows 2003 Server Standard
Microsoft Windows 2003 Server Web
1 EDB exploit
755
VMScore
CVE-2005-0058
Buffer overflow in the Telephony Application Programming Interface (TAPI) for Microsoft Windows 98, Windows 98 SE, Windows ME, Windows 2000, Windows XP, and Windows Server 2003 allows malicious users to elevate privileges or execute arbitrary code via a crafted message.
Microsoft Windows 2000
Microsoft Windows 98se
Microsoft Windows Me
Microsoft Windows 2003 Server R2
Microsoft Windows 98
Microsoft Windows Xp
1 EDB exploit
685
VMScore
CVE-2010-2554
The Tracing Feature for Services in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 has incorrect ACLs on its registry keys, which allows local users to gain privileges via vectors involving a named pipe and impersonation, aka "Traci...
Microsoft Windows Server 2008
Microsoft Windows Server 2008 -
Microsoft Windows 7 -
Microsoft Windows Vista -
Microsoft Windows Vista
1 EDB exploit
505
VMScore
CVE-2005-0701
Directory traversal vulnerability in Oracle Database Server 8i and 9i allows remote malicious users to read or rename arbitrary files via "\\.\\.." (modified dot dot backslash) sequences to UTL_FILE functions such as (1) UTL_FILE.FOPEN or (2) UTL_FILE.frename.
Oracle Database Server
1 EDB exploit
740
VMScore
CVE-2004-0213
Utility Manager in Windows 2000 launches winhlp32.exe while Utility Manager is running with raised privileges, which allows local users to gain system privileges via a "Shatter" style attack that sends a Windows message to cause Utility Manager to launch winhlp32 by dir...
Microsoft Windows 2000 -
4 EDB exploits
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2