Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
index server vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2018-3771
An XSS in statics-server <= 0.0.9 can be used via injected iframe in the filename when statics-server displays directory index in the browser.
Statics-server Project Statics-server
NA
CVE-2023-6816
A flaw was found in X.Org server. Both DeviceFocusEvent and the XIQueryPointer reply contain a bit for each logical button currently down. Buttons can be arbitrarily mapped to any value up to 255, but the X.Org Server was only allocating space for the device's particular num...
X.org Xwayland
X.org Xorg-server
Fedoraproject Fedora 39
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Debian Debian Linux 10.0
7.5
CVSSv2
CVE-2002-1066
Thomas Hauck Jana Server 1.4.6 and previous versions allows remote malicious users to cause a denial of service and possibly execute arbitrary code via a large message index value in a (1) RETR or (2) DELE command to the POP3 server, which exceeds the array limits and allows a bu...
T. Hauck Jana Web Server 1.0
T. Hauck Jana Web Server 1.45
T. Hauck Jana Web Server 1.46
T. Hauck Jana Web Server 2.0
T. Hauck Jana Web Server 2.0 Beta2
T. Hauck Jana Web Server 2.0 Beta1
T. Hauck Jana Web Server 2.2.1
4.3
CVSSv2
CVE-2018-11040
Spring Framework, versions 5.0.x before 5.0.7 and 4.3.x before 4.3.18 and older unsupported versions, allows web applications to enable cross-domain requests via JSONP (JSON with Padding) through AbstractJsonpResponseBodyAdvice for REST controllers and MappingJackson2JsonView for...
Vmware Spring Framework
Oracle Flexcube Private Banking 2.2.0.1
Oracle Retail Xstore Point Of Service 7.1
Oracle Application Testing Suite 12.5.0.3
Oracle Hospitality Guest Access 4.2.0
Oracle Hospitality Guest Access 4.2.1
Oracle Weblogic Server 12.2.1.3.0
Oracle Enterprise Manager Ops Center 12.3.3
Oracle Endeca Information Discovery Integrator 3.2.0
Oracle Endeca Information Discovery Integrator 3.1.0
Oracle Agile Product Lifecycle Management 9.3.3
Oracle Agile Product Lifecycle Management 9.3.4
Oracle Agile Product Lifecycle Management 9.3.5
Oracle Application Testing Suite 13.1.0.1
Oracle Application Testing Suite 13.2.0.1
Oracle Application Testing Suite 13.3.0.1
Oracle Communications Online Mediation Controller 6.1
Oracle Communications Services Gatekeeper
Oracle Healthcare Master Person Index 3.0
Oracle Healthcare Master Person Index 4.0
Oracle Insurance Rules Palette 10.0
Oracle Insurance Rules Palette 10.2
7.1
CVSSv2
CVE-2007-5969
MySQL Community Server 5.0.x prior to 5.0.51, Enterprise Server 5.0.x prior to 5.0.52, Server 5.1.x prior to 5.1.23, and Server 6.0.x prior to 6.0.4, when a table relies on symlinks created through explicit DATA DIRECTORY and INDEX DIRECTORY options, allows remote authenticated u...
Mysql Mysql Server 6.0
Mysql Mysql Server 6.0.3
Mysql Mysql Server 6.0.1
Mysql Mysql Server 5.1.22
Mysql Mysql Server 6.0.2
Mysql Community Server 5.0.45
Mysql Community Server 5.0.41
Mysql Community Server 5.0.44
Mysql Community Server
Mysql Mysql Enterprise Server 5.0.50
4
CVSSv2
CVE-2020-2527
Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1, 18c and 19c. Easily exploitable vulnerability allows high privileged attacker having Create Index, Create Table privilege with network access via Orac...
Oracle Database Server 12.1.0.2
Oracle Database Server 12.2.0.1
Oracle Database Server 18c
Oracle Database Server 19c
5
CVSSv2
CVE-2006-3426
Directory traversal vulnerability in (a) PatchLink Update Server (PLUS) prior to 6.1 P1 and 6.2.x prior to 6.2 SR1 P1 and (b) Novell ZENworks 6.2 SR1 and previous versions allows remote malicious users to overwrite arbitrary files and directories via a .. (dot dot) sequence in th...
Lumension Patchlink Update Server 6.2.0.181
Lumension Patchlink Update Server 6.2.0.189
Novell Zenworks
Lumension Patchlink Update Server 6.1
5.5
CVSSv2
CVE-2019-2776
Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1, 18c and 19c. Easily exploitable vulnerability allows high privileged attacker having Create Any Index privilege with network access via OracleNet to c...
Oracle Database Server 12.1.0.2
Oracle Database Server 18c
Oracle Database Server 19c
Oracle Database Server 12.2.0.1
7.8
CVSSv2
CVE-2019-11467
In Couchbase Server 4.6.3 and 5.5.0, secondary indexing encodes the entries to be indexed using collatejson. When index entries contain certain characters like \t, <, >, it caused buffer overrun as encoded string would be much larger than accounted for, causing indexer serv...
Couchbase Couchbase Server 5.5.0
Couchbase Couchbase Server 4.6.3
5
CVSSv2
CVE-2022-32557
An issue exists in Couchbase Server prior to 7.0.4. The Index Service does not enforce authentication for TCP/TLS servers.
Couchbase Couchbase Server
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
firmware
CVE-2023-52866
CVE-2024-4367
CVE-2024-1721
CVE-2023-34992
XML injection
CVE-2023-52817
SQL
CVE-2023-52855
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »