Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
data engine vulnerabilities and exploits
(subscribe to this query)
725
VMScore
CVE-2003-0232
Microsoft SQL Server 7, 2000, and MSDE allows local users to execute arbitrary code via a certain request to the Local Procedure Calls (LPC) port that leads to a buffer overflow.
Microsoft Data Engine 1.0
Microsoft Sql Server 2000
Microsoft Sql Server 7.0
1 EDB exploit
409
VMScore
CVE-2002-0643
The installation of Microsoft Data Engine 1.0 (MSDE 1.0), and Microsoft SQL Server 2000 creates setup.iss files with insecure permissions and does not delete them after installation, which allows local users to obtain sensitive data, including weakly encrypted passwords, to gain ...
Microsoft Sql Server 7.0
Microsoft Data Engine 1.0
Microsoft Sql Server 2000
445
VMScore
CVE-2008-0085
SQL Server 7.0 SP4, 2000 SP4, 2005 SP1 and SP2, 2000 Desktop Engine (MSDE 2000) SP4, 2005 Express Edition SP1 and SP2, and 2000 Desktop Engine (WMSDE); Microsoft Data Engine (MSDE) 1.0 SP4; and Internal Database (WYukon) SP2 does not initialize memory pages when reallocating memo...
Microsoft Data Engine 1.0
Microsoft Sql Server 7.0
Microsoft Sql Server 2000
Microsoft Sql Server 2005
Microsoft Sql Server Desktop Engine 2000
Microsoft Wmsde 2000
Microsoft Wyukon
801
VMScore
CVE-2008-0086
Buffer overflow in the convert function in Microsoft SQL Server 2000 SP4, 2000 Desktop Engine (MSDE 2000) SP4, and 2000 Desktop Engine (WMSDE) allows remote authenticated users to execute arbitrary code via a crafted SQL expression.
Microsoft Sql Server 7.0
Microsoft Sql Server Desktop Engine 2000
Microsoft Sql Server 2000
Microsoft Sql Server 2005
Microsoft Sql Server Express Edition 2005
Microsoft Data Engine 1.0
801
VMScore
CVE-2008-0106
Buffer overflow in Microsoft SQL Server 2005 SP1 and SP2, and 2005 Express Edition SP1 and SP2, allows remote authenticated users to execute arbitrary code via a crafted insert statement.
Microsoft Sql Server 7.0
Microsoft Sql Server Desktop Engine 2000
Microsoft Sql Server Express Edition 2005
Microsoft Data Engine 1.0
Microsoft Sql Server 2000
Microsoft Sql Server 2005
801
VMScore
CVE-2008-0107
Integer underflow in SQL Server 7.0 SP4, 2000 SP4, 2005 SP1 and SP2, 2000 Desktop Engine (MSDE 2000) SP4, 2005 Express Edition SP1 and SP2, and 2000 Desktop Engine (WMSDE); Microsoft Data Engine (MSDE) 1.0 SP4; and Internal Database (WYukon) SP2 allows remote authenticated users ...
Microsoft Sql Server 7.0
Microsoft Sql Server 2000
Microsoft Sql Server 2005
Microsoft Sql Server Desktop Engine 2000
Microsoft Data Engine 1.0
Microsoft Wmsde 2000
Microsoft Wyukon
Microsoft Windows Server 2008
NA
CVE-2022-1700
Improper Restriction of XML External Entity Reference ('XXE') vulnerability in the Policy Engine of Forcepoint Data Loss Prevention (DLP), which is also leveraged by Forcepoint One Endpoint (F1E), Web Security Content Gateway, Email Security with DLP enabled, and Cloud ...
Forcepoint Cloud Security Gateway
Forcepoint Email Security
Forcepoint One Endpoint With Policy Engine
Forcepoint Data Loss Prevention
Forcepoint Web Security Content Gateway
534
VMScore
CVE-2014-7851
oVirt 3.2.2 up to and including 3.5.0 does not invalidate the restapi session after logout from the webadmin, which allows remote authenticated users with knowledge of another user's session data to gain that user's privileges by replacing their session token with that ...
Ovirt Ovirt 3.3.2
Ovirt Ovirt 3.4.0
Redhat Ovirt-engine 3.2.2
Redhat Ovirt-engine 3.3
Redhat Ovirt-engine 3.3.0.1
Redhat Ovirt-engine 3.3.1
Redhat Ovirt-engine 3.3.2
Redhat Ovirt-engine 3.3.3
Redhat Ovirt-engine 3.3.4
Redhat Ovirt-engine 3.3.5
Redhat Ovirt-engine 3.4.0
Redhat Ovirt-engine 3.4.1
Redhat Ovirt-engine 3.4.2
Redhat Ovirt-engine 3.4.3
Redhat Ovirt-engine 3.4.4
Redhat Ovirt-engine 3.5.0
NA
CVE-2022-26122
An insufficient verification of data authenticity vulnerability [CWE-345] in FortiClient, FortiMail and FortiOS AV engines version 6.2.168 and below and version 6.4.274 and below may allow an malicious user to bypass the AV engine via manipulating MIME attachment with junk and pa...
Fortinet Fortimail 4.1.0
Fortinet Fortimail
Fortinet Fortios
Fortinet Fortios 7.2.0
Fortinet Antivirus Engine 6.33
Fortinet Antivirus Engine 6.253
Fortinet Antivirus Engine 6.252
Fortinet Antivirus Engine 6.243
Fortinet Antivirus Engine 6.157
Fortinet Antivirus Engine 6.156
Fortinet Antivirus Engine 6.145
Fortinet Antivirus Engine 6.144
Fortinet Antivirus Engine 6.142
Fortinet Antivirus Engine 6.137
Fortinet Antivirus Engine 4.4.54
Fortinet Antivirus Engine 2.0.60
Fortinet Antivirus Engine 2.0.49
Fortinet Antivirus Engine 0.4.23
890
VMScore
CVE-2007-2282
Cisco Network Services (CNS) NetFlow Collection Engine (NFC) prior to 6.0 has an nfcuser account with the default password nfcuser, which allows remote malicious users to modify the product configuration and, when installed on Linux, obtain login access to the host operating syst...
Cisco Netflow Collection Engine 4.0
Cisco Netflow Collection Engine 5.0
Cisco Netflow Collection Engine 3.5
Cisco Netflow Collection Engine 3.6
Cisco Netflow Collection Engine 5.0.3
Cisco Netflow Collection Engine 1.0
Cisco Netflow Collection Engine 2.0
Cisco Netflow Collection Engine 3.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-38002
CVE-2006-4304
CVE-2024-4336
CVE-2024-33437
CVE-2024-4340
CVE-2024-27956
privilege
insecure direct object reference
XSS
item search icon">CVE-2024-25938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »