Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
iis vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2015-7597
SafeNet Authentication Service IIS Agent uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an executable module.
Gemalto Safenet Authentication Service Iis Agent -
4
CVSSv3
CVE-2016-0382
The IBM Tealeaf Consumer Experience 8.7, 8.8, and 9.0 portal exposes some of its operational state in a form that may be accidentally captured and exposed by network infrastructure components such as IIS. IBM X-Force ID: 112356.
Ibm Tealeaf Consumer Experience 8.8.1
Ibm Tealeaf Consumer Experience 9.0
Ibm Tealeaf Consumer Experience 9.0.2
Ibm Tealeaf Consumer Experience 8.7.0
Ibm Tealeaf Consumer Experience 8.7.1
Ibm Tealeaf Consumer Experience 8.8.0
Ibm Tealeaf Consumer Experience 8.7
Ibm Tealeaf Consumer Experience 9.0.1
Ibm Tealeaf Consumer Experience 8.8
Ibm Tealeaf Consumer Experience 8.8.2
9.8
CVSSv3
CVE-2017-7269
Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Information Services (IIS) 6.0 in Microsoft Windows Server 2003 R2 allows remote malicious users to execute arbitrary code via a long header beginning with "If: <http://" in a PROP...
Microsoft Internet Information Server 6.0
2 EDB exploits
22 Github repositories
2 Articles
6.1
CVSSv3
CVE-2017-0055
Microsoft Internet Information Server (IIS) in Windows Vista SP2; Windows Server 2008 SP2 and R2; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote malicious users to perform cross-s...
Microsoft Windows Server 2012 -
Microsoft Windows Server 2012 R2
Microsoft Windows 10 1607
Microsoft Windows Rt 8.1
Microsoft Windows Vista
Microsoft Windows Server 2016
Microsoft Windows 8.1
Microsoft Windows 7
Microsoft Windows 10 -
Microsoft Windows 10 1511
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
2 Github repositories
6.3
CVSSv3
CVE-2016-0899
EMC RSA Archer GRC 5.5.x prior to 5.5.3.4 allows remote authenticated users to read the web.config.bak file, and obtain sensitive credential information, by modifying the IIS configuration to set a Content-Type header for .bak files.
Emc Rsa Archer Egrc 5.5
Emc Rsa Archer Egrc 5.5.1
Emc Rsa Archer Egrc 5.5.2.3
Emc Rsa Archer Egrc 5.5.1.3
7.8
CVSSv3
CVE-2016-0152
Internet Information Services (IIS) in Microsoft Windows Vista SP2 and Server 2008 SP2 mishandles library loading, which allows local users to gain privileges via a crafted application, aka "Windows DLL Loading Remote Code Execution Vulnerability."
Microsoft Windows Server 2008
Microsoft Windows Vista
NA
CVE-2013-7442
GE Healthcare Centricity PACS Workstation 4.0 and 4.0.1 has a password of (1) CANal1 for the Administrator user and (2) iis for the IIS user, which has unspecified impact and attack vectors related to TimbuktuPro. NOTE: it is not clear whether this password is default, hardcoded,...
Gehealthcare Centricity Pacs Workstation 4.0
Gehealthcare Centricity Pacs Workstation 4.0.1
NA
CVE-2014-6363
vbscript.dll in Microsoft VBScript 5.6 up to and including 5.8, as used with Internet Explorer 6 through 11 and other products, allows remote malicious users to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "VBScript Memo...
Microsoft Vbscript 5.6
Microsoft Vbscript 5.7
Microsoft Vbscript 5.8
Microsoft Internet Explorer 10
Microsoft Internet Explorer 11
Microsoft Internet Explorer 8
Microsoft Internet Explorer 9
Microsoft Internet Explorer 6
Microsoft Internet Explorer 7
1 EDB exploit
NA
CVE-2014-4078
The IP Security feature in Microsoft Internet Information Services (IIS) 8.0 and 8.5 does not properly process wildcard allow and deny rules for domains within the "IP Address and Domain Restrictions" list, which makes it easier for remote malicious users to bypass an i...
Microsoft Internet Information Services 8.5
Microsoft Internet Information Services 8.0
2 Github repositories
NA
CVE-2011-5279
CRLF injection vulnerability in the CGI implementation in Microsoft Internet Information Services (IIS) 4.x and 5.x on Windows NT and Windows 2000 allows remote malicious users to modify arbitrary uppercase environment variables via a \n (newline) character in an HTTP header.
Microsoft Internet Information Services 4.0
Microsoft Internet Information Services 5.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »