Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
compound vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-1515
Heap-based buffer overflow in the cdf_read_sat function in src/cdf.c in Christos Zoulas file 5.00 allows user-assisted remote malicious users to execute arbitrary code via a crafted compound document file, as demonstrated by a .msi, .doc, or .mpp file. NOTE: some of these details...
Christos Zoulas File 5.00
NA
CVE-2010-0126
Heap-based buffer overflow in an unspecified library in Autonomy KeyView 10.4 and 10.9, as used in multiple IBM, Symantec, and other products, allows remote malicious users to execute arbitrary code via a crafted compound file, as demonstrated using a Quattro Pro file, which is n...
Autonomy Keyview Export Sdk 10.9
Autonomy Keyview Filter Sdk 10.4
Autonomy Keyview Export Sdk 10.4
Autonomy Keyview Viewer Sdk 10.9
Autonomy Keyview Filter Sdk 10.9
Autonomy Keyview Viewer Sdk 10.4
NA
CVE-2005-0063
The document processing application used by the Windows Shell in Microsoft Windows 2000, Windows XP, and Windows Server 2003 allows remote malicious users to execute arbitrary code by modifying the CLSID stored in a file so that it is processed by HTML Application Host (MSHTA), a...
Microsoft Windows 2003 Server Standard
Microsoft Windows 2003 Server Web
Microsoft Windows Xp
Microsoft Windows 2000
Microsoft Windows 98
Microsoft Windows 98se
Microsoft Windows Me
Microsoft Windows 2003 Server Enterprise
Microsoft Windows 2003 Server R2
1 EDB exploit
9.8
CVSSv3
CVE-2022-47939
An issue exists in ksmbd in the Linux kernel 5.15 up to and including 5.19 prior to 5.19.2. fs/ksmbd/smb2pdu.c has a use-after-free and OOPS for SMB2_TREE_DISCONNECT.
Linux Linux Kernel
NA
CVE-2005-0044
The OLE component in Windows 98, 2000, XP, and Server 2003, and Exchange Server 5.0 through 2003, does not properly validate the lengths of messages for certain OLE data, which allows remote malicious users to execute arbitrary code, aka the "Input Validation Vulnerability.&...
Microsoft Exchange Server 5.0
Microsoft Windows 98
Microsoft Windows 98se
Microsoft Windows Xp
Microsoft Windows 2000
Microsoft Windows 2003 Server Enterprise
Microsoft Windows 2003 Server Enterprise 64-bit
Microsoft Windows Me
Microsoft Windows 2003 Server R2
Microsoft Windows 2003 Server Standard
Microsoft Windows 2003 Server Web
NA
CVE-2021-47450
In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fix host stage-2 PGD refcount The KVM page-table library refcounts the pages of concatenated stage-2 PGDs individually. However, when running KVM in protected mode, the host's stage-2 PGD is curr...
NA
CVE-2023-52739
In the Linux kernel, the following vulnerability has been resolved: Fix page corruption caused by racy check in __free_pages When we upgraded our kernel, we started seeing some page corruption like the following consistently: BUG: Bad page state in process ganesha.nfsd pfn:1304ca...
NA
CVE-2012-0213
The UnhandledDataStructure function in hwpf/model/UnhandledDataStructure.java in Apache POI 3.8 and previous versions allows remote malicious users to cause a denial of service (OutOfMemoryError exception and possibly JVM destabilization) via a crafted length value in a Channel D...
Apache Poi 3.8
Apache Poi 3.5
Apache Poi 3.1
Apache Poi 3.0.2
Apache Poi 3.0
Apache Poi 2.5.1
Apache Poi 2.5
Apache Poi 1.10
Apache Poi 1.8
Apache Poi 1.0.1
Apache Poi 1.0.0
Apache Poi 0.5
Apache Poi 0.4
Apache Poi
Apache Poi 3.7
Apache Poi 3.6
Apache Poi 3.2
Apache Poi 3.0.1
Apache Poi 2.0
Apache Poi 1.5
Apache Poi 1.2.0
Apache Poi 0.12.0
8.1
CVSSv3
CVE-2022-47943
An issue exists in ksmbd in the Linux kernel 5.15 up to and including 5.19 prior to 5.19.2. There is an out-of-bounds read and OOPS for SMB2_WRITE, when there is a large length in the zero DataOffset case.
Linux Linux Kernel
5.9
CVSSv3
CVE-2017-17664
A Remote Crash issue exists in Asterisk Open Source 13.x prior to 13.18.4, 14.x prior to 14.7.4, and 15.x prior to 15.1.4 and Certified Asterisk prior to 13.13-cert9. Certain compound RTCP packets cause a crash in the RTCP Stack.
Digium Asterisk
Digium Certified Asterisk 13.13
Digium Certified Asterisk
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »