Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
h d moore vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2005-3757
The Saxon XSLT parser in Google Mini Search Appliance, and possibly Google Search Appliance, allows remote malicious users to obtain sensitive information and execute arbitrary code via dangerous Java class methods in select attribute of xsl:value-of tags in XSLT style sheets, su...
Google Mini Search Appliance
Google Search Appliance
2 EDB exploits
7.2
CVSSv2
CVE-2006-0745
X.Org server (xorg-server) 1.0.0 and later, X11R6.9.0, and X11R7.0 inadvertently treats the address of the geteuid function as if it is the return value of a call to geteuid, which allows local users to bypass intended restrictions and (1) execute arbitrary code via the -modulepa...
X.org X11r7 1.0
X.org X11r7 1.0.1
X.org X11r6 6.9
Mandrakesoft Mandrake Linux 2006
Suse Suse Linux 10.0
Redhat Fedora Core Core 5.0
Sun Solaris 10.0
1 EDB exploit
5.1
CVSSv2
CVE-2006-0003
Unspecified vulnerability in the RDS.Dataspace ActiveX control, which is contained in ActiveX Data Objects (ADO) and distributed in Microsoft Data Access Components (MDAC) 2.7 and 2.8, allows remote malicious users to execute arbitrary code via unknown attack vectors.
Microsoft Data Access Components 2.8
Microsoft Data Access Components 2.7
Microsoft Data Access Components 2.5
3 EDB exploits
2 Articles
4.6
CVSSv2
CVE-2001-0311
Vulnerability in OmniBackII A.03.50 in HP 11.x and previous versions allows malicious users to gain unauthorized access to an OmniBack client.
Hp Omniback Ii A.03.50
Hp Hp-ux
3 EDB exploits
8.3
CVSSv2
CVE-2009-2765
httpd.c in httpd in the management GUI in DD-WRT 24 sp1, and other versions before build 12533, allows remote malicious users to execute arbitrary commands via shell metacharacters in a request to a cgi-bin/ URI.
Dd-wrt Dd-wrt
3 EDB exploits
7.5
CVSSv2
CVE-2009-2288
statuswml.cgi in Nagios prior to 3.1.1 allows remote malicious users to execute arbitrary commands via shell metacharacters in the (1) ping or (2) Traceroute parameters.
Nagios Nagios 3.0
Nagios Nagios 2.7
Nagios Nagios 3.0.6
Nagios Nagios 1.1
Nagios Nagios 3.0.1
Nagios Nagios 1.0
Nagios Nagios
Nagios Nagios 1.0b4
Nagios Nagios 3.0.2
Nagios Nagios 2.0b4
Nagios Nagios 2.10
Nagios Nagios 2.0
Nagios Nagios 3.0.4
Nagios Nagios 1.4.1
Nagios Nagios 1.0b1
Nagios Nagios 3.0.3
Nagios Nagios 1.0b2
Nagios Nagios 3.0.5
3 EDB exploits
10
CVSSv2
CVE-2003-0085
Buffer overflow in the SMB/CIFS packet fragment re-assembly code for SMB daemon (smbd) in Samba prior to 2.2.8, and Samba-TNG prior to 0.3.1, allows remote malicious users to execute arbitrary code.
Samba Samba 2.2.1a
Samba Samba 2.0.10
Samba Samba 2.0.1
Samba Samba 2.2.3a
Samba Samba 2.0.2
Samba Samba 2.2.3
Samba Samba 2.0.6
Samba Samba 2.0.4
Samba Samba 2.2.7a
Samba Samba 2.2.4
Samba Samba 2.0.9
Samba Samba 2.0.3
Samba Samba 2.2.6
Samba Samba 2.2.0a
Samba Samba 2.0.7
Samba Samba 2.0.8
Samba Samba 2.2.2
Samba Samba 2.0.5
Samba Samba 2.2.0
Samba Samba 2.0.0
Samba Samba 2.2.5
Samba Samba 2.2.7
3 EDB exploits
7.5
CVSSv2
CVE-2006-2369
RealVNC 4.1.1, and other products that use RealVNC such as AdderLink IP and Cisco CallManager, allows remote malicious users to bypass authentication via a request in which the client specifies an insecure security type such as "Type 1 - None", which is accepted even if...
Vnc Realvnc 4.1.1
4 EDB exploits
2 Nmap scripts
2 Github repositories
7.5
CVSSv2
CVE-2002-1643
Multiple buffer overflows in RealNetworks Helix Universal Server 9.0 (9.0.2.768) allow remote malicious users to execute arbitrary code via (1) a long Transport field in a SETUP RTSP request, (2) a DESCRIBE RTSP request with a long URL argument, or (3) two simultaneous HTTP GET r...
Realnetworks Helix Universal Server 9.0.2.768
Realnetworks Helix Universal Server 9.0
3 EDB exploits
10
CVSSv2
CVE-2001-1583
lpd daemon (in.lpd) in Solaris 8 and previous versions allows remote malicious users to execute arbitrary commands via a job request with a crafted control file that is not properly handled when lpd invokes a mail program. NOTE: this might be the same vulnerability as CVE-2000-12...
Sun Sunos
4 EDB exploits
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »