Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
index server vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2022-29589
Crypt Server prior to 3.3.0 allows XSS in the index view. This is related to serial, computername, and username.
Crypt-server Project Crypt-server
6.1
CVSSv3
CVE-2018-3771
An XSS in statics-server <= 0.0.9 can be used via injected iframe in the filename when statics-server displays directory index in the browser.
Statics-server Project Statics-server
NA
CVE-2002-1066
Thomas Hauck Jana Server 1.4.6 and previous versions allows remote malicious users to cause a denial of service and possibly execute arbitrary code via a large message index value in a (1) RETR or (2) DELE command to the POP3 server, which exceeds the array limits and allows a bu...
T. Hauck Jana Web Server 1.0
T. Hauck Jana Web Server 2.0
T. Hauck Jana Web Server 2.2.1
T. Hauck Jana Web Server 2.0 Beta2
T. Hauck Jana Web Server 1.45
T. Hauck Jana Web Server 2.0 Beta1
T. Hauck Jana Web Server 1.46
9.8
CVSSv3
CVE-2023-6816
A flaw was found in X.Org server. Both DeviceFocusEvent and the XIQueryPointer reply contain a bit for each logical button currently down. Buttons can be arbitrarily mapped to any value up to 255, but the X.Org Server was only allocating space for the device's particular num...
X.org Xwayland
X.org Xorg-server
Fedoraproject Fedora 39
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Debian Debian Linux 10.0
NA
CVE-2007-5969
MySQL Community Server 5.0.x prior to 5.0.51, Enterprise Server 5.0.x prior to 5.0.52, Server 5.1.x prior to 5.1.23, and Server 6.0.x prior to 6.0.4, when a table relies on symlinks created through explicit DATA DIRECTORY and INDEX DIRECTORY options, allows remote authenticated u...
Mysql Mysql Server 6.0
Mysql Mysql Server 6.0.3
Mysql Mysql Server 6.0.1
Mysql Mysql Server 5.1.22
Mysql Mysql Server 6.0.2
Mysql Community Server 5.0.45
Mysql Community Server 5.0.41
Mysql Community Server 5.0.44
Mysql Community Server
Mysql Mysql Enterprise Server 5.0.50
4.1
CVSSv3
CVE-2020-2527
Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1, 18c and 19c. Easily exploitable vulnerability allows high privileged attacker having Create Index, Create Table privilege with network access via Orac...
Oracle Database Server 12.1.0.2
Oracle Database Server 12.2.0.1
Oracle Database Server 18c
Oracle Database Server 19c
5.9
CVSSv3
CVE-2018-11039
Spring Framework (versions 5.0.x before 5.0.7, versions 4.3.x before 4.3.18, and older unsupported versions) allow web applications to change the HTTP request method to any HTTP method (including TRACE) using the HiddenHttpMethodFilter in Spring MVC. If an application has a pre-e...
Vmware Spring Framework
Oracle Retail Xstore Point Of Service 7.1
Oracle Weblogic Server 12.1.3.0.0
Oracle Application Testing Suite 12.5.0.3
Oracle Hospitality Guest Access 4.2.0
Oracle Hospitality Guest Access 4.2.1
Oracle Weblogic Server 10.3.6.0.0
Oracle Weblogic Server 12.2.1.3.0
Oracle Enterprise Manager Ops Center 12.3.3
Oracle Primavera P6 Enterprise Project Portfolio Management 18.8
Oracle Endeca Information Discovery Integrator 3.2.0
Oracle Endeca Information Discovery Integrator 3.1.0
Oracle Application Testing Suite 13.1.0.1
Oracle Application Testing Suite 13.2.0.1
Oracle Application Testing Suite 13.3.0.1
Oracle Communications Diameter Signaling Router
Oracle Communications Performance Intelligence Center
Oracle Insurance Rules Palette 10.0
Oracle Insurance Rules Palette 10.2
Oracle Communications Services Gatekeeper
Oracle Health Sciences Information Manager 3.0
Oracle Healthcare Master Person Index 3.0
1 Github repository
NA
CVE-2006-3426
Directory traversal vulnerability in (a) PatchLink Update Server (PLUS) prior to 6.1 P1 and 6.2.x prior to 6.2 SR1 P1 and (b) Novell ZENworks 6.2 SR1 and previous versions allows remote malicious users to overwrite arbitrary files and directories via a .. (dot dot) sequence in th...
Novell Zenworks
Lumension Patchlink Update Server 6.2.0.181
Lumension Patchlink Update Server 6.1
Lumension Patchlink Update Server 6.2.0.189
7.6
CVSSv3
CVE-2019-2776
Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1, 18c and 19c. Easily exploitable vulnerability allows high privileged attacker having Create Any Index privilege with network access via OracleNet to c...
Oracle Database Server 12.1.0.2
Oracle Database Server 12.2.0.1
Oracle Database Server 18c
Oracle Database Server 19c
7.5
CVSSv3
CVE-2019-11467
In Couchbase Server 4.6.3 and 5.5.0, secondary indexing encodes the entries to be indexed using collatejson. When index entries contain certain characters like \t, <, >, it caused buffer overrun as encoded string would be much larger than accounted for, causing indexer serv...
Couchbase Couchbase Server 4.6.3
Couchbase Couchbase Server 5.5.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »