Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microsoft web applications vulnerabilities and exploits
(subscribe to this query)
9.3
CVSSv2
CVE-2010-2568
Windows Shell in Microsoft Windows XP SP3, Server 2003 SP2, Vista SP1 and SP2, Server 2008 SP2 and R2, and Windows 7 allows local users or remote malicious users to execute arbitrary code via a crafted (1) .LNK or (2) .PIF shortcut file, which is not properly handled during icon ...
Microsoft Windows Server 2008
Microsoft Windows Server 2008 -
Microsoft Windows Server 2008 R2
Microsoft Windows Xp -
Microsoft Windows 7 -
Microsoft Windows Vista -
Microsoft Windows Xp
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows 2003 Server
2 EDB exploits
3 Github repositories
23 Articles
5.8
CVSSv2
CVE-2009-3555
The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and previous versions, OpenSSL prior to 0.9.8l, GnuTLS 2.8.5 and previous versions, Mozilla Network Security Ser...
Openssl Openssl 1.0
Apache Http Server
Openssl Openssl
Gnu Gnutls
Mozilla Nss
Debian Debian Linux 5.0
Canonical Ubuntu Linux 10.10
Fedoraproject Fedora 11
Fedoraproject Fedora 13
Debian Debian Linux 4.0
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Canonical Ubuntu Linux 9.04
Debian Debian Linux 6.0
Fedoraproject Fedora 12
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 8.10
Canonical Ubuntu Linux 9.10
Fedoraproject Fedora 14
F5 Nginx
2 EDB exploits
10 Github repositories
9.3
CVSSv2
CVE-2008-2306
Apple Safari prior to 3.1.2 on Windows does not properly interpret the URLACTION_SHELL_EXECUTE_HIGHRISK Internet Explorer zone setting, which allows remote malicious users to bypass intended access restrictions, and force a client system to download and execute arbitrary files.
Apple Safari 3.0
Apple Safari 3.1
Apple Safari
Apple Safari 3.0.3
Apple Safari 3.0.4
Apple Safari 3.0.1
Apple Safari 3.0.2
6.8
CVSSv2
CVE-2008-1196
Stack-based buffer overflow in Java Web Start (javaws.exe) in Sun JDK and JRE 6 Update 4 and previous versions and 5.0 Update 14 and previous versions; and SDK and JRE 1.4.2_16 and previous versions; allows remote malicious users to execute arbitrary code via a crafted JNLP file.
Sun Jdk 1.5.0
Sun Jdk 1.6.0
Sun Jre 1.4.2 6
Sun Jre 1.4.2 7
Sun Jre 1.4.2 8
Sun Jre 1.4.2 9
Sun Jre 1.5.0
Sun Jre 1.4.2 3
Sun Jre 1.4.2 5
Sun Jre 1.4.2 10
Sun Jre 1.4.2 12
Sun Jre 1.4.2 14
Sun Jre 1.6.0
Sun Jre 1.4.2
Sun Jre 1.4.2 1
Sun Jre 1.4.2 15
Sun Jre 1.4.2 16
Sun Jre 1.4.2 2
Sun Jre 1.4.2 4
Sun Jre 1.4.2 11
Sun Jre 1.4.2 13
Sun Sdk 1.4.2 8
9.3
CVSSv2
CVE-2007-3896
The URL handling in Shell32.dll in the Windows shell in Microsoft Windows XP and Server 2003, with Internet Explorer 7 installed, allows remote malicious users to execute arbitrary programs via invalid "%" sequences in a mailto: or other URI handler, as demonstrated usi...
Microsoft Internet Explorer 7.0
1 EDB exploit
9.3
CVSSv2
CVE-2007-4673
Argument injection vulnerability in Apple QuickTime 7.2 for Windows XP SP2 and Vista allows remote malicious users to execute arbitrary commands via a URL in the qtnext field in a crafted QTL file. NOTE: this issue may be related to CVE-2006-4965 or CVE-2007-5045.
Apple Quicktime 7.2
6.8
CVSSv2
CVE-2007-3032
Unspecified vulnerability in Windows Vista Contacts Gadget in Windows Vista allows user-assisted remote malicious users to execute arbitrary code via crafted contact information that is not properly handled when it is imported.
Microsoft Windows Vista
4.3
CVSSv2
CVE-2007-3033
Cross-site scripting (XSS) vulnerability in Windows Vista Feed Headlines Gadget (aka Sidebar RSS Feeds Gadget) in Windows Vista allows user-assisted remote malicious users to execute arbitrary code via an RSS feed with crafted HTML attributes, which are not properly removed and a...
Microsoft Windows Vista
6.8
CVSSv2
CVE-2007-3891
Unspecified vulnerability in Windows Vista Weather Gadgets in Windows Vista allows remote malicious users to execute arbitrary code via crafted HTML attributes.
Microsoft Windows Vista
9.3
CVSSv2
CVE-2007-3845
Mozilla Firefox prior to 2.0.0.6, Thunderbird prior to 1.5.0.13 and 2.x prior to 2.0.0.6, and SeaMonkey prior to 1.1.4 allow remote malicious users to execute arbitrary commands via certain vectors associated with launching "a file handling program based on the file extensio...
Mozilla Firefox 2.0.0.5
Mozilla Seamonkey 1.1.3
Mozilla Thunderbird 2.0.0.5
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »