Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
framework vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-1868
Restlet Framework 2.1.x prior to 2.1.7 and 2.x.x prior to 2.2 RC1, when using XMLRepresentation or XML serializers, allows malicious users to cause a denial of service via an XML Entity Expansion (XEE) attack.
Restlet Restlet Framework
Restlet Restlet Framework 2.2
Restlet Restlet Framework 2.1.6
Restlet Restlet Framework 2.1.5
Restlet Restlet Framework 2.1.4
Restlet Restlet Framework 2.1.3
Restlet Restlet Framework 2.1.2
Restlet Restlet Framework 2.1.1
Restlet Restlet Framework 2.1.0
NA
CVE-2004-2741
Cross-site scripting (XSS) vulnerability in the "help window" (help.php) in Horde Application Framework 2.2.6 allows remote malicious users to inject arbitrary web script or HTML via the (1) module, (2) topic, or (3) module parameters.
Horde Application Framework 2.2
Horde Application Framework 2.2.1
Horde Application Framework 2.1
Horde Application Framework 2.1.3
Horde Application Framework 2.2.6
Horde Application Framework 2.2.3
Horde Application Framework 2.2.4
Horde Application Framework 2.0
Horde Application Framework 2.2.4 Rc1
Horde Application Framework 2.2.5
NA
CVE-2010-3694
Cross-site request forgery (CSRF) vulnerability in the Horde Application Framework prior to 3.3.9 allows remote malicious users to hijack the authentication of unspecified victims for requests to a preference form.
Horde Horde Application Framework 1.0.3
Horde Horde Application Framework 1.1.1
Horde Horde Application Framework 2.0
Horde Horde Application Framework 2.1
Horde Horde Application Framework 2.2.7
Horde Horde Application Framework 2.2.8
Horde Horde Application Framework 3.0.3
Horde Horde Application Framework 3.0.9
Horde Horde Application Framework 3.1.3
Horde Horde Application Framework 3.1.4
Horde Horde Application Framework 3.2.1
Horde Horde Application Framework 3.2.3
Horde Horde Application Framework 3.3.5
Horde Horde Application Framework 3.3.6
Horde Horde Application Framework 3.1.8
Horde Horde Application Framework 3.0.5
Horde Horde Application Framework 3.2
Horde Horde Application Framework 3.0.8
Horde Horde Application Framework 1.3.3
Horde Horde Application Framework 1.3.4
Horde Horde Application Framework 2.2
Horde Horde Application Framework 2.2.1
NA
CVE-2010-3077
Cross-site scripting (XSS) vulnerability in util/icon_browser.php in the Horde Application Framework prior to 3.3.9 allows remote malicious users to inject arbitrary web script or HTML via the subdir parameter.
Horde Horde Application Framework 1.0.3
Horde Horde Application Framework 1.1.1
Horde Horde Application Framework 2.0
Horde Horde Application Framework 2.1
Horde Horde Application Framework 2.2.6
Horde Horde Application Framework 2.2.7
Horde Horde Application Framework 3.0.3
Horde Horde Application Framework 3.0.9
Horde Horde Application Framework 3.1.3
Horde Horde Application Framework 3.1.4
Horde Horde Application Framework 3.2
Horde Horde Application Framework 3.2.1
Horde Horde Application Framework 3.3.5
Horde Horde Application Framework 3.3.6
Horde Horde Application Framework 3.1.8
Horde Horde Application Framework 3.0.5
Horde Horde Application Framework 3.0.8
Horde Horde Application Framework 1.3.2
Horde Horde Application Framework 1.3.5
Horde Horde Application Framework 2.2.4
Horde Horde Application Framework 2.2.5
Horde Horde Application Framework 3.0.1
1 EDB exploit
NA
CVE-2014-4072
Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 does not properly use a hash table for request data, which allows remote malicious users to cause a denial of service (resource consumption and ASP.NET performance degradation) via crafted re...
Microsoft .net Framework 2.0
Microsoft .net Framework 1.1
Microsoft .net Framework 4.5.1
Microsoft .net Framework 4.5.2
Microsoft .net Framework 4.0
Microsoft .net Framework 4.5
Microsoft .net Framework 3.0
Microsoft .net Framework 3.5
Microsoft .net Framework 3.5.1
NA
CVE-2015-6096
The XML DTD parser in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, and 4.6 allows remote malicious users to read arbitrary files via an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, aka &...
Microsoft .net Framework 4.0
Microsoft .net Framework 4.5
Microsoft .net Framework 4.5.1
Microsoft .net Framework 4.5.2
Microsoft .net Framework 3.5
Microsoft .net Framework 3.5.1
Microsoft .net Framework 2.0
Microsoft .net Framework 4.6
NA
CVE-2015-1673
The Windows Forms (aka WinForms) libraries in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 allow user-assisted remote malicious users to execute arbitrary code via a crafted partial-trust application, aka "Windows Forms Elevation of Privile...
Microsoft .net Framework 1.1
Microsoft .net Framework 2.0
Microsoft .net Framework 4.0
Microsoft .net Framework 4.5
Microsoft .net Framework 4.5.1
Microsoft .net Framework 4.5.2
Microsoft .net Framework 3.5
Microsoft .net Framework 3.5.1
NA
CVE-2014-0257
Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, and 4.5.1 does not properly determine whether it is safe to execute a method, which allows remote malicious users to execute arbitrary code via (1) a crafted web site or (2) a crafted .NET Framework applicati...
Microsoft .net Framework 1.0
Microsoft .net Framework 1.1
Microsoft .net Framework 4.5
Microsoft .net Framework 3.5
Microsoft .net Framework 3.5.1
Microsoft .net Framework 2.0
Microsoft .net Framework 4.5.1
Microsoft .net Framework 4.0
1 EDB exploit
7.8
CVSSv3
CVE-2017-0160
Microsoft .NET Framework 2.0, 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7 allows an attacker with access to the local system to execute malicious code, aka ".NET Remote Code Execution Vulnerability."
Microsoft .net Framework 2.0
Microsoft .net Framework 3.5
Microsoft .net Framework 3.5.1
Microsoft .net Framework 4.6.2
Microsoft .net Framework 4.7
Microsoft .net Framework 4.6.1
Microsoft .net Framework 4.5.2
Microsoft .net Framework 4.6
1 EDB exploit
7.8
CVSSv3
CVE-2017-8759
Microsoft .NET Framework 2.0, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7 allow an malicious user to execute code remotely via a malicious document or application, aka ".NET Framework Remote Code Execution Vulnerability."
Microsoft .net Framework 4.6.1
Microsoft .net Framework 4.6.2
Microsoft .net Framework 4.5.2
Microsoft .net Framework 4.6
Microsoft .net Framework 2.0
Microsoft .net Framework 3.5
Microsoft .net Framework 3.5.1
Microsoft .net Framework 4.7
1 EDB exploit
24 Github repositories
13 Articles
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site scripting
CVE-2024-5158
XML external entity
CVE-2024-4262
CVE-2024-2036
CVE-2024-4985
CVE-2024-21791
remote attackers
CVE-2023-43208
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »