Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
web server vulnerabilities and exploits
(subscribe to this query)
1000
VMScore
CVE-2016-3987
The HTTP server in Trend Micro Password Manager allows remote web servers to execute arbitrary commands via the url parameter to (1) api/openUrlInDefaultBrowser or (2) api/showSB.
Trendmicro Password Manager -
1 EDB exploit
1000
VMScore
CVE-2015-1635
HTTP.sys in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote malicious users to execute arbitrary code via crafted HTTP requests, aka "HTTP.sys Remote Code Execution Vulnerability."
Microsoft Windows 8 -
Microsoft Windows 8.1 -
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 -
Microsoft Windows Server 2012 R2
Microsoft Windows 7 -
2 EDB exploits
2 Metasploit modules
1 Nmap script
22 Github repositories
2 Articles
1000
VMScore
CVE-2014-9222
AllegroSoft RomPager 4.34 and previous versions, as used in Huawei Home Gateway products and other vendors and products, allows remote malicious users to gain privileges via a crafted cookie that triggers memory corruption, aka the "Misfortune Cookie" vulnerability.
Allegrosoft Rompager
4 Metasploit modules
1 Nmap script
3 Github repositories
2 Articles
1000
VMScore
CVE-2014-3828
Multiple SQL injection vulnerabilities in Centreon 2.5.1 and Centreon Enterprise Server 2.2 (fixed in Centreon web 2.5.3) allow remote malicious users to execute arbitrary SQL commands via (1) the index_id parameter to views/graphs/common/makeXML_ListMetrics.php, (2) the sid para...
Merethis Centreon 2.5.1
Merethis Centreon Enterprise Server 2.2
2 EDB exploits
1000
VMScore
CVE-2014-3829
displayServiceStatus.php in Centreon 2.5.1 and Centreon Enterprise Server 2.2 (fixed in Centreon web 2.5.3) allows remote malicious users to execute arbitrary commands via shell metacharacters in the (1) session_id or (2) template_id parameter, related to the command_line variabl...
Merethis Centreon 2.5.1
Merethis Centreon Enterprise Server 2.2
1 EDB exploit
1000
VMScore
CVE-2014-6278
GNU Bash up to and including 4.3 bash43-026 does not properly parse function definitions in the values of environment variables, which allows remote malicious users to execute arbitrary commands via a crafted environment, as demonstrated by vectors involving the ForceCommand feat...
Gnu Bash 1.14.5
Gnu Bash 1.14.6
Gnu Bash 2.03
Gnu Bash 2.04
Gnu Bash 3.2.48
Gnu Bash 4.0
Gnu Bash 1.14.1
Gnu Bash 1.14.2
Gnu Bash 2.01
Gnu Bash 2.01.1
Gnu Bash 3.0
Gnu Bash 3.0.16
Gnu Bash 4.2
Gnu Bash 4.3
Gnu Bash 1.14.0
Gnu Bash 1.14.7
Gnu Bash 2.0
Gnu Bash 2.05
Gnu Bash 4.1
Gnu Bash 1.14.3
Gnu Bash 1.14.4
Gnu Bash 2.02
5 EDB exploits
12 Github repositories
1000
VMScore
CVE-2014-6277
GNU Bash up to and including 4.3 bash43-026 does not properly parse function definitions in the values of environment variables, which allows remote malicious users to execute arbitrary code or cause a denial of service (uninitialized memory access, and untrusted-pointer read and...
Gnu Bash 1.14.2
Gnu Bash 1.14.3
Gnu Bash 2.01.1
Gnu Bash 2.02
Gnu Bash 3.0
Gnu Bash 3.0.16
Gnu Bash 4.3
Gnu Bash 1.14.6
Gnu Bash 1.14.7
Gnu Bash 2.04
Gnu Bash 2.05
Gnu Bash 3.2.48
Gnu Bash 4.0
Gnu Bash 1.14.0
Gnu Bash 1.14.1
Gnu Bash 2.0
Gnu Bash 2.01
Gnu Bash 4.1
Gnu Bash 4.2
Gnu Bash 1.14.4
Gnu Bash 1.14.5
Gnu Bash 2.02.1
3 EDB exploits
4 Github repositories
1000
VMScore
CVE-2014-3791
Stack-based buffer overflow in Easy File Sharing (EFS) Web Server 6.8 allows remote malicious users to execute arbitrary code via a long string in a cookie UserID parameter to vfolder.ghp.
Efssoft Easy File Sharing Web Server 6.8
1 EDB exploit
1000
VMScore
CVE-2013-2465
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and previous versions, 6 Update 45 and previous versions, and 5.0 Update 45 and previous versions, and OpenJDK 7, allows remote malicious users to affect confidentiality, integ...
Oracle Jre 1.7.0
Sun Jre 1.6.0
Oracle Jre 1.6.0
Sun Jre 1.5.0
Oracle Jre 1.5.0
Suse Linux Enterprise Server 11
Suse Linux Enterprise Software Development Kit 11
Suse Linux Enterprise Server 10
Suse Linux Enterprise Desktop 10
Suse Linux Enterprise Java 11
Suse Linux Enterprise Java 10
1 EDB exploit
2 Github repositories
8 Articles
1000
VMScore
CVE-2013-2472
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and previous versions, 6 Update 45 and previous versions, and 5.0 Update 45 and previous versions, and OpenJDK 7, allows remote malicious users to affect confidentiality, integ...
Oracle Jre 1.7.0
Oracle Jre
Oracle Jdk 1.7.0
Oracle Jdk
Sun Jre 1.6.0
Oracle Jre 1.6.0
Sun Jdk 1.6.0
Oracle Jdk 1.6.0
Sun Jre 1.5.0
Oracle Jre 1.5.0
Sun Jdk 1.5.0
Oracle Jdk 1.5.0
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »