Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
iis vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-1999-1376
Buffer overflow in fpcount.exe in IIS 4.0 with FrontPage Server Extensions allows remote malicious users to execute arbitrary commands.
Microsoft Internet Information Server 4.0
1 Github repository
10
CVSSv2
CVE-1999-0561
IIS has the #exec function enabled for Server Side Include (SSI) files.
10
CVSSv2
CVE-1999-0233
IIS 1.0 allows users to execute arbitrary commands using .bat or .cmd files.
Microsoft Internet Information Services 1.0
1 EDB exploit
9.3
CVSSv2
CVE-2014-6363
vbscript.dll in Microsoft VBScript 5.6 up to and including 5.8, as used with Internet Explorer 6 through 11 and other products, allows remote malicious users to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "VBScript Memo...
Microsoft Vbscript 5.6
Microsoft Vbscript 5.7
Microsoft Vbscript 5.8
Microsoft Internet Explorer 10
Microsoft Internet Explorer 11
Microsoft Internet Explorer 8
Microsoft Internet Explorer 9
Microsoft Internet Explorer 6
Microsoft Internet Explorer 7
1 EDB exploit
9.3
CVSSv2
CVE-2013-0079
Microsoft Visio Viewer 2010 SP1 allows remote malicious users to execute arbitrary code via a crafted Visio file that triggers incorrect memory allocation, aka "Visio Viewer Tree Object Type Confusion Vulnerability."
Microsoft Visio 2010
Microsoft Office Filter Pack 2010
Microsoft Visio Viewer 2010
9.3
CVSSv2
CVE-2010-2730
Buffer overflow in Microsoft Internet Information Services (IIS) 7.5, when FastCGI is enabled, allows remote malicious users to execute arbitrary code via crafted headers in a request, aka "Request Header Buffer Overflow Vulnerability."
Microsoft Internet Information Services 7.5
1 Github repository
9
CVSSv2
CVE-2020-1112
An elevation of privilege vulnerability exists when the Windows Background Intelligent Transfer Service (BITS) IIS module improperly handles uploaded content, aka 'Windows Background Intelligent Transfer Service Elevation of Privilege Vulnerability'.
Microsoft Windows 10 -
Microsoft Windows 10 1607
Microsoft Windows 10 1709
Microsoft Windows 10 1803
Microsoft Windows 10 1809
Microsoft Windows 10 1903
Microsoft Windows 10 1909
Microsoft Windows 7 -
Microsoft Windows 8.1 -
Microsoft Windows Rt 8.1 -
Microsoft Windows Server 2008 -
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 -
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2016 -
Microsoft Windows Server 2019 -
9
CVSSv2
CVE-2018-18931
An issue exists in the Tightrope Media Carousel digital signage product 7.0.4.104. Due to insecure default permissions on the C:\TRMS\Services directory, an attacker who has gained access to the system can elevate their privileges from a restricted account to full SYSTEM by repla...
Trms Carousel Digital Signage
9
CVSSv2
CVE-2019-1365
An elevation of privilege vulnerability exists when Microsoft IIS Server fails to check the length of a buffer prior to copying memory to it.An attacker who successfully exploited this vulnerability can allow an unprivileged function ran by the user to execute code in the context...
Microsoft Windows 7 -
Microsoft Windows 8.1 -
Microsoft Windows Rt 8.1 -
Microsoft Windows 10 1607
Microsoft Windows 10 1809
Microsoft Windows Server 2008 -
Microsoft Windows Server 2016 -
Microsoft Windows Server 2016 1903
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 -
Microsoft Windows Server 2012 R2
Microsoft Windows 10 1803
Microsoft Windows 10 1903
Microsoft Windows Server 2016 1803
Microsoft Windows Server 2019 -
1 Article
9
CVSSv2
CVE-2009-2509
Active Directory Federation Services (ADFS) in Microsoft Windows Server 2003 SP2 and Server 2008 Gold and SP2 does not properly validate headers in HTTP requests, which allows remote authenticated users to execute arbitrary code via a crafted request to an IIS web server, aka &qu...
Microsoft Windows Server 2008
Microsoft Windows Server 2003
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700
CVE-2022-48689
CVE-2024-27956
CVE-2023-6363
SQL
NULL pointer dereference
CVE-2023-41830
CVE-2015-2051
arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »