Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache james vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-3524
Apache OpenOffice prior to 4.1.1 allows remote malicious users to execute arbitrary commands and possibly have other unspecified impact via a crafted Calc spreadsheet.
Apache Openoffice
Libreoffice Libreoffice
3 Github repositories
NA
CVE-2023-51747
Apache James prior to versions 3.8.1 and 3.7.5 is vulnerable to SMTP smuggling. A lenient behaviour in line delimiter handling might create a difference of interpretation between the sender and the receiver which can be exploited by an malicious user to forge an SMTP envelop, all...
NA
CVE-2024-21742
Improper input validation allows for header injection in MIME4J library when using MIME4J DOM for composing message. This can be exploited by an malicious user to add unintended headers to MIME messages.
NA
CVE-2023-51518
Apache James prior to version 3.7.5 and 3.8.0 exposes a JMX endpoint on localhost subject to pre-authentication deserialisation of untrusted data. Given a deserialisation gadjet, this could be leveraged as part of an exploit chain that could result in privilege escalation. Note t...
1 Github repository
NA
CVE-2002-0656
Buffer overflows in OpenSSL 0.9.6d and previous versions, and 0.9.7-beta2 and previous versions, allow remote malicious users to execute arbitrary code via (1) a large client master key in SSL2 or (2) a large session ID in SSL3.
Oracle Http Server 9.0.1
Oracle Corporate Time Outlook Connector 3.1
Oracle Corporate Time Outlook Connector 3.1.2
Openssl Openssl 0.9.3
Openssl Openssl 0.9.7
Oracle Application Server
Openssl Openssl 0.9.6d
Openssl Openssl 0.9.1c
Openssl Openssl 0.9.6
Openssl Openssl 0.9.6a
Openssl Openssl 0.9.4
Oracle Http Server 9.2.0
Openssl Openssl 0.9.5a
Oracle Corporate Time Outlook Connector 3.3
Openssl Openssl 0.9.6b
Oracle Application Server 1.0.2.1s
Openssl Openssl 0.9.6c
Oracle Application Server 1.0.2.2
Oracle Corporate Time Outlook Connector 3.1.1
Openssl Openssl 0.9.2b
Openssl Openssl 0.9.5
Oracle Application Server 1.0.2
1 EDB exploit
10
CVSSv3
CVE-2021-44228
Apache Log4j2 2.0-beta9 up to and including 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can contr...
Apache Log4j 2.0
Apache Log4j
Siemens Sppa-t3000 Ses3000 Firmware
Siemens Logo! Soft Comfort
Siemens Spectrum Power 4 4.70
Siemens Spectrum Power 4
Siemens Siveillance Control Pro
Siemens Energyip Prepay 3.7
Siemens Energyip Prepay 3.8
Siemens Siveillance Identity 1.6
Siemens Siveillance Identity 1.5
Siemens Siveillance Command
Siemens Sipass Integrated 2.85
Siemens Sipass Integrated 2.80
Siemens Head-end System Universal Device Integration System
Siemens Gma-manager
Siemens Energyip 8.5
Siemens Energyip 8.6
Siemens Energyip 8.7
Siemens Energyip 9.0
Siemens Energy Engage 3.1
Siemens E-car Operation Center
2 Metasploit modules
1182 Github repositories
28 Articles
NA
CVE-2024-32656
Ant Media Server is live streaming engine software. A local privilege escalation vulnerability in present in versions 2.6.0 up to and including 2.8.2 allows any unprivileged operating system user account to escalate privileges to the root user account on the system. This vulnerab...
NA
CVE-2002-0655
OpenSSL 0.9.6d and previous versions, and 0.9.7-beta2 and previous versions, does not properly handle ASCII representations of integers on 64 bit platforms, which could allow malicious users to cause a denial of service and possibly execute arbitrary code.
Oracle Http Server 9.0.1
Oracle Corporate Time Outlook Connector 3.1
Oracle Corporate Time Outlook Connector 3.1.2
Openssl Openssl 0.9.3
Openssl Openssl 0.9.7
Oracle Application Server
Openssl Openssl 0.9.6d
Openssl Openssl 0.9.1c
Openssl Openssl 0.9.6
Openssl Openssl 0.9.6a
Openssl Openssl 0.9.4
Oracle Http Server 9.2.0
Openssl Openssl 0.9.5a
Oracle Corporate Time Outlook Connector 3.3
Openssl Openssl 0.9.6b
Oracle Application Server 1.0.2.1s
Openssl Openssl 0.9.6c
Oracle Application Server 1.0.2.2
Oracle Corporate Time Outlook Connector 3.1.1
Openssl Openssl 0.9.2b
Openssl Openssl 0.9.5
Oracle Application Server 1.0.2
NA
CVE-2002-0657
Buffer overflow in OpenSSL 0.9.7 prior to 0.9.7-beta3, with Kerberos enabled, allows malicious users to execute arbitrary code via a long master key.
Openssl Openssl 0.9.7
9.8
CVSSv3
CVE-2023-38035
A security vulnerability in MICS Admin Portal in Ivanti MobileIron Sentry versions 9.18.0 and below, which may allow an malicious user to bypass authentication controls on the administrative interface due to an insufficiently restrictive Apache HTTPD configuration.
Ivanti Mobileiron Sentry
1 Metasploit module
4 Github repositories
1 Article
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »