Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
expression web vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv3
CVE-2019-16405
Centreon Web prior to 2.8.30, 18.10.x prior to 18.10.8, 19.04.x prior to 19.04.5 and 19.10.x prior to 19.10.2 allows Remote Code Execution by an administrator who can modify Macro Expression location settings. CVE-2019-16405 and CVE-2019-17501 are similar to one another and may b...
Centreon Centreon Web
NA
CVE-2006-5712
Cross-site scripting (XSS) vulnerability in Mirapoint WebMail allows remote malicious users to inject arbitrary web script via the expression Cascading Style Sheets (CSS) function, as demonstrated using the width style for an IMG element.
Mirapoint Mirapoint Webmail
1 EDB exploit
NA
CVE-2003-0542
Multiple stack-based buffer overflows in (1) mod_alias and (2) mod_rewrite for Apache prior to 1.3.29 allow malicious users to create configuration files to cause a denial of service (crash) or execute arbitrary code via a regular expression with more than 9 captures.
Apache Http Server 2.0.42
Apache Http Server 1.3.23
Apache Http Server 2.0.47
Apache Http Server 1.3.27
Apache Http Server 2.0.35
Apache Http Server 2.0.37
Apache Http Server 2.0.44
Apache Http Server 1.3.1
Apache Http Server 1.3.25
Apache Http Server 1.3.28
Apache Http Server 1.3.19
Apache Http Server 2.0.39
Apache Http Server 1.3.24
Apache Http Server 1.3.20
Apache Http Server 1.3.6
Apache Http Server 2.0.41
Apache Http Server 1.3.4
Apache Http Server 1.3.18
Apache Http Server 2.0.32
Apache Http Server 2.0.38
Apache Http Server 1.3
Apache Http Server 1.3.12
9.8
CVSSv3
CVE-2019-9169
In the GNU C Library (aka glibc or libc6) up to and including 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match.
Gnu Glibc
Netapp Steelstore Cloud Integrated Storage -
Netapp Ontap Select Deploy Administration Utility -
Netapp Cloud Backup
Mcafee Web Gateway
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 16.04
NA
CVE-2003-1419
Netscape 7.0 allows remote malicious users to cause a denial of service (crash) via a web page with an invalid regular expression argument to the JavaScript reformatDate function.
Netscape Navigator 7.0
1 EDB exploit
NA
CVE-2006-5652
Cross-site scripting (XSS) vulnerability in Sun iPlanet Messaging Server Messenger Express allows remote malicious users to inject arbitrary web script via the expression Cascading Style Sheets (CSS) function, as demonstrated by setting the width style for an IMG element. NOTE: t...
Sun Iplanet Messaging Server Messenger Express
1 EDB exploit
NA
CVE-2024-5433
The Campbell Scientific CSI Web Server supports a command that will return the most recent file that matches a given expression. A specially crafted expression can lead to a path traversal vulnerability. This command combined with a specially crafted expression allows anonymous, ...
NA
CVE-2007-6321
Cross-site scripting (XSS) vulnerability in RoundCube webmail 0.1rc2, 2007-12-09, and previous versions versions, when using Internet Explorer, allows remote malicious users to inject arbitrary web script or HTML via style sheets containing expression commands.
Roundcube Webmail
1 EDB exploit
NA
CVE-2011-1989
Microsoft Excel 2003 SP3 and 2007 SP2; Excel in Office 2007 SP2; Excel 2010 Gold and SP1; Excel in Office 2010 Gold and SP1; Office 2004, 2008, and 2011 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; Office Compatibility Pack for Word, Excel, and PowerPoint 20...
Microsoft Office 2010
Microsoft Open Xml File Format Converter
Microsoft Office 2008
Microsoft Sharepoint Server 2007
Microsoft Office 2004
Microsoft Excel 2007
Microsoft Excel 2010
Microsoft Excel Viewer
Microsoft Office Compatibility Pack 2007
Microsoft Office 2007
Microsoft Sharepoint Server 2010
Microsoft Excel 2003
Microsoft Office 2011
Microsoft Excel Web App 2010
NA
CVE-2002-1527
emumail.cgi in EMU Webmail 5.0 allows remote malicious users to determine the full pathname for emumail.cgi via a malformed string containing script, which generates a regular expression matching error that includes the pathname in the resulting error message.
Emumail Emu Webmail 5.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »