Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microsoft internet information services - vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2015-7853
The datalen parameter in the refclock driver in NTP 4.2.x prior to 4.2.8p4, and 4.3.x prior to 4.3.77 allows remote malicious users to execute arbitrary code or cause a denial of service (crash) via a negative input value.
Ntp Ntp
Ntp Ntp 4.2.8
Netapp Oncommand Balance -
Netapp Oncommand Performance Manager -
Netapp Oncommand Unified Manager -
Netapp Clustered Data Ontap -
Netapp Data Ontap -
7.5
CVSSv2
CVE-2013-5554
Directory traversal vulnerability in the web-management interface in the server in Cisco Wide Area Application Services (WAAS) Mobile prior to 3.5.5 allows remote malicious users to upload and execute arbitrary files via a crafted POST request, aka Bug ID CSCuh69773.
Cisco Wide Area Application Services Mobile
Cisco Wide Area Application Services Mobile 3.5.3
Cisco Wide Area Application Services Mobile 3.5.2
Cisco Wide Area Application Services Mobile 3.5.1
Cisco Wide Area Application Services Mobile 3.5.0
Cisco Wide Area Application Services Mobile 3.4.1
Cisco Wide Area Application Services Mobile 3.3.4
Cisco Wide Area Application Services Mobile 3.3.1
Cisco Wide Area Application Services Mobile 3.4.2
Cisco Wide Area Application Services Mobile 3.4
7.5
CVSSv2
CVE-2011-3556
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and previous versions, 5.0 Update 31 and previous versions, 1.4.2_33 and previous versions, and JRockit R28.1.4 and previous versions allows remote malicious users to ...
Sun Jre 1.7.0
Sun Jdk 1.7.0
Oracle Jrockit
Oracle Jrockit R28.0.1
Oracle Jrockit R28.0.0
Oracle Jrockit R28.1.3
Oracle Jrockit R28.1.1
Oracle Jrockit R28.1.0
Oracle Jrockit R28.0.2
Sun Jre 1.6.0
Sun Jdk 1.6.0
Sun Jdk
Sun Jre
Sun Jre 1.5.0
Sun Jdk 1.5.0
Sun Jre 1.4.2 32
Sun Jre 1.4.2 31
Sun Jre 1.4.2 30
Sun Jre 1.4.2 23
Sun Jre 1.4.2 22
Sun Jre 1.4.2 15
Sun Jre 1.4.2 14
1 EDB exploit
1 Github repository
7.5
CVSSv2
CVE-2009-1122
The WebDAV extension in Microsoft Internet Information Services (IIS) 5.0 on Windows 2000 SP4 does not properly decode URLs, which allows remote malicious users to bypass authentication, and possibly read or create files, via a crafted HTTP request, aka "IIS 5.0 WebDAV Authe...
Microsoft Internet Information Services 5.0
1 EDB exploit
7.5
CVSSv2
CVE-2009-1535
The WebDAV extension in Microsoft Internet Information Services (IIS) 5.1 and 6.0 allows remote malicious users to bypass URI-based protection mechanisms, and list folders or read, create, or modify files, via a %c0%af (Unicode / character) at an arbitrary position in the URI, as...
Microsoft Internet Information Services 5.1
Microsoft Internet Information Services 6.0
2 EDB exploits
7.5
CVSSv2
CVE-2007-2897
Microsoft Internet Information Services (IIS) 6.0 allows remote malicious users to cause a denial of service (server instability or device hang), and possibly obtain sensitive information (device communication traffic); and might allow attackers with physical access to execute ar...
Microsoft Internet Information Server 6.0
7.5
CVSSv2
CVE-2006-6578
Microsoft Internet Information Services (IIS) 5.1 permits the IUSR_Machine account to execute non-EXE files such as .COM files, which allows malicious users to execute arbitrary commands via arguments to any .COM file that executes those arguments, as demonstrated using win.com w...
Microsoft Internet Information Services 5.1
7.5
CVSSv2
CVE-2004-0119
The Negotiate Security Software Provider (SSP) interface in Windows 2000, Windows XP, and Windows Server 2003, allows remote malicious users to cause a denial of service (crash from null dereference) or execute arbitrary code via a crafted SPNEGO NegTokenInit request during authe...
Microsoft Windows Xp -
Microsoft Windows 2000 -
Microsoft Windows Server 2003 -
7.5
CVSSv2
CVE-2003-0822
Buffer overflow in the debug functionality in fp30reg.dll of Microsoft FrontPage Server Extensions (FPSE) 2000 and 2002 allows remote malicious users to execute arbitrary code via a crafted chunked encoded request.
Microsoft Frontpage Server Extensions 2000
Microsoft Frontpage Server Extensions 2002
Microsoft Sharepoint Team Services 2002
Microsoft Windows 2000
Microsoft Windows Xp
2 EDB exploits
7.5
CVSSv2
CVE-2003-0349
Buffer overflow in the streaming media component for logging multicast requests in the ISAPI for the logging capability of Microsoft Windows Media Services (nsiislog.dll), as installed in IIS 5.0, allows remote malicious users to execute arbitrary code via a large POST request to...
Microsoft Windows 2000
3 EDB exploits
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »