Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
express vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2013-5444
The server in IBM Cognos Express 9.0 before IFIX 2, 9.5 before IFIX 2, 10.1 before IFIX 2, and 10.2.1 before FP1 allows remote malicious users to read encrypted credentials via unspecified vectors.
Ibm Cognos Express 9.0
Ibm Cognos Express 9.5
Ibm Cognos Express 10.1
Ibm Cognos Express 10.2.1
445
VMScore
CVE-2013-5445
IBM Cognos Express 9.0 before IFIX 2, 9.5 before IFIX 2, 10.1 before IFIX 2, and 10.2.1 before FP1 allows local users to obtain sensitive cleartext information by leveraging knowledge of a static decryption key.
Ibm Cognos Express 9.5
Ibm Cognos Express 10.2.1
Ibm Cognos Express 10.1
Ibm Cognos Express 9.0
505
VMScore
CVE-2000-0653
Microsoft Outlook Express allows remote malicious users to monitor a user's email by creating a persistent browser link to the Outlook Express windows, aka the "Persistent Mail-Browser Link" vulnerability.
Microsoft Outlook Express 4.0
Microsoft Outlook Express 4.01
Microsoft Outlook Express 5.0
Microsoft Outlook Express 5.0.1
1 EDB exploit
505
VMScore
CVE-1999-1033
Microsoft Outlook Express prior to 4.72.3612.1700 allows a malicious user to send a message that contains a .., which can inadvertently cause Outlook to re-enter POP3 command mode and cause the POP3 session to hang.
Microsoft Outlook Express 4.72.3120.0
Microsoft Outlook Express
Microsoft Outlook Express 4.27.3110.1
1 EDB exploit
445
VMScore
CVE-2001-0945
Buffer overflow in Outlook Express 5.0 up to and including 5.02 for Macintosh allows remote malicious users to cause a denial of service via an e-mail message that contains a long line.
Microsoft Outlook Express 5.0
Microsoft Outlook Express 5.0.1
Microsoft Outlook Express 5.0.2
312
VMScore
CVE-2021-32573
The express-cart package up to and including 1.1.10 for Node.js allows Reflected XSS (for an admin) via a user input field for product options. NOTE: the vendor states that this "would rely on an admin hacking his/her own website.
Express-cart Project Express-cart
383
VMScore
CVE-2021-32817
express-hbs is an Express handlebars template engine. express-hbs mixes pure template data with engine configuration options through the Express render API. More specifically, the layout parameter may trigger file disclosure vulnerabilities in downstream applications. This potent...
Express Handlebars Project Express Handlebars
801
VMScore
CVE-2018-3758
Unrestricted file upload (RCE) in express-cart module prior to 1.1.7 allows a privileged user to gain access in the hosting machine.
Express-cart Project Express-cart
668
VMScore
CVE-2020-24391
mongo-express prior to 1.0.0 offers support for certain advanced syntax but implements this in an unsafe way. NOTE: this may overlap CVE-2019-10769.
Mongo-express Project Mongo-express
446
VMScore
CVE-2021-32820
Express-handlebars is a Handlebars view engine for Express. Express-handlebars mixes pure template data with engine configuration options through the Express render API. More specifically, the layout parameter may trigger file disclosure vulnerabilities in downstream applications...
Express Handlebars Project Express Handlebars
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »