Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
iis vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2018-17891
Carestream Vue RIS, RIS Client Builds: Version 11.2 and prior running on a Windows 8.1 machine with IIS/7.5. When contacting a Carestream server where there is no Oracle TNS listener available, users will trigger an HTTP 500 error, leaking technical information an attacker could ...
Carestream Carestream Vue Ris
4
CVSSv2
CVE-2018-16956
The AjaxControl component of Oracle WebCenter Interaction Portal 10.3.3 does not validate the names of pages when processing page rename requests. Pages can be renamed to include characters unsupported for URIs by the web server hosting the WCI Portal software (such as IIS). Rena...
Oracle Webcenter Interaction 10.3.3
5.8
CVSSv2
CVE-2018-16958
An issue exists in Oracle WebCenter Interaction Portal 10.3.3. The ASP.NET_SessionID primary session cookie, when Internet Information Services (IIS) with ASP.NET is used, is not protected with the HttpOnly attribute. The attribute cannot be enabled by customers. Consequently, th...
Oracle Webcenter Interaction 10.3.3
4
CVSSv2
CVE-2018-14773
An issue exists in Http Foundation in Symfony 2.7.0 up to and including 2.7.48, 2.8.0 up to and including 2.8.43, 3.3.0 up to and including 3.3.17, 3.4.0 up to and including 3.4.13, 4.0.0 up to and including 4.0.13, and 4.1.0 up to and including 4.1.2. It arises from support for ...
Sensiolabs Symfony
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Drupal Drupal
1 Github repository
4.3
CVSSv2
CVE-2018-1233
RSA Authentication Agent version 8.0.1 and previous versions for Web for both IIS and Apache Web Server are affected by a cross-site scripting vulnerability. The attackers could potentially exploit this vulnerability to execute arbitrary HTML or JavaScript code in the user's...
Rsa Authentication Agent For Web
2.1
CVSSv2
CVE-2018-1234
RSA Authentication Agent version 8.0.1 and previous versions for Web for IIS is affected by a problem where access control list (ACL) permissions on a Windows Named Pipe were not sufficient to prevent access by unauthorized users. The attacker with local access to the system can ...
Rsa Authentication Agent For Web
5
CVSSv2
CVE-2018-1232
RSA Authentication Agent version 8.0.1 and previous versions for Web for both IIS and Apache Web Server are impacted by a stack-based buffer overflow which may occur when handling certain malicious web cookies that have invalid formats. The attacker could exploit this vulnerabili...
Rsa Authentication Agent For Web
4.6
CVSSv2
CVE-2015-7597
SafeNet Authentication Service IIS Agent uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an executable module.
Gemalto Safenet Authentication Service Iis Agent -
2.1
CVSSv2
CVE-2016-0382
The IBM Tealeaf Consumer Experience 8.7, 8.8, and 9.0 portal exposes some of its operational state in a form that may be accidentally captured and exposed by network infrastructure components such as IIS. IBM X-Force ID: 112356.
Ibm Tealeaf Consumer Experience 8.8.1
Ibm Tealeaf Consumer Experience 9.0
Ibm Tealeaf Consumer Experience 9.0.2
Ibm Tealeaf Consumer Experience 8.7.0
Ibm Tealeaf Consumer Experience 8.7.1
Ibm Tealeaf Consumer Experience 8.8.0
Ibm Tealeaf Consumer Experience 8.7
Ibm Tealeaf Consumer Experience 9.0.1
Ibm Tealeaf Consumer Experience 8.8
Ibm Tealeaf Consumer Experience 8.8.2
10
CVSSv2
CVE-2017-7269
Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Information Services (IIS) 6.0 in Microsoft Windows Server 2003 R2 allows remote malicious users to execute arbitrary code via a long header beginning with "If: <http://" in a PROP...
Microsoft Internet Information Server 6.0
2 EDB exploits
21 Github repositories
2 Articles
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
XXE
CVE-2024-34490
SQL injection
CVE-2024-34488
CVE-2024-4507
CVE-2023-7028
CVE-2024-23187
TCP
CVE-2024-4439
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »