Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
application express vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2019-16675
An issue exists in PHOENIX CONTACT PC Worx up to and including 1.86, PC Worx Express up to and including 1.86, and Config+ up to and including 1.86. A manipulated PC Worx or Config+ project file could lead to an Out-of-bounds Read and remote code execution. The attacker needs to ...
Phoenixcontact Pc Worx Express
Phoenixcontact Config\\+
Phoenixcontact Pc Worx
5.1
CVSSv2
CVE-2021-33542
Phoenix Contact Classic Automation Worx Software Suite in Version 1.87 and below is affected by a remote code execution vulnerability. Manipulated PC Worx or Config+ projects could lead to a remote code execution when unallocated memory is freed because of incompletely initialize...
Phoenixcontact Config\\+
Phoenixcontact Pc Worx
Phoenixcontact Pc Worx Express
5
CVSSv2
CVE-2001-0322
MSHTML.DLL HTML parser in Internet Explorer 4.0, and other versions, allows remote malicious users to cause a denial of service (application crash) via a script that creates and deletes an object that is associated with the browser window object.
Microsoft Outlook Express 5.5
Microsoft Internet Explorer 4.0
Microsoft Outlook 2000
1 EDB exploit
NA
CVE-2022-24999
qs prior to 6.10.3, as used in Express prior to 4.17.3 and other products, allows malicious users to cause a Node process hang for an Express application because an __ proto__ key can be used. In many typical Express use cases, an unauthenticated remote attacker can place the att...
Qs Project Qs
Qs Project Qs 6.4.0
Qs Project Qs 6.6.0
Openjsf Express
Debian Debian Linux 10.0
3 Github repositories
4.3
CVSSv2
CVE-2021-26271
It was possible to execute a ReDoS-type attack inside CKEditor 4 prior to 4.16 by persuading a victim to paste crafted text into the Styles input of specific dialogs (in the Advanced Tab for Dialogs plugin).
Ckeditor Ckeditor
Oracle Agile Plm 9.3.5
Oracle Agile Plm 9.3.6
Oracle Application Express
Oracle Financial Services Analytical Applications Infrastructure
Oracle Financial Services Analytical Applications Infrastructure 8.1.0
Oracle Financial Services Analytical Applications Infrastructure 8.1.1
Oracle Jd Edwards Enterpriseone Tools
Oracle Siebel Ui Framework
Oracle Webcenter Sites 12.2.1.3.0
Oracle Webcenter Sites 12.2.1.4.0
5.5
CVSSv2
CVE-2016-1307
The Openfire server in Cisco Finesse Desktop 10.5(1) and 11.0(1) and Unified Contact Center Express 10.6(1) has a hardcoded account, which makes it easier for remote malicious users to obtain access via an XMPP session, aka Bug ID CSCuw79085.
Cisco Finesse 10.5\\\\\\(1\\\\\\) Base
Cisco Finesse 11.0\\\\\\(1\\\\\\) Base
Cisco Unified Contact Center Express 10.6\\\\\\(1\\\\\\)
5.5
CVSSv2
CVE-2015-2655
Unspecified vulnerability in the Application Express component in Oracle Database Server prior to 4.2.3.00.08 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.
Oracle Database Server
9.3
CVSSv2
CVE-2013-1169
Cisco Unified MeetingPlace Web Conferencing Server 7.x prior to 7.1MR1 Patch 2, 8.0 prior to 8.0MR1 Patch 2, and 8.5 prior to 8.5MR3 Patch 1, when the Remember Me option is used, does not properly verify cookies, which allows remote malicious users to impersonate users via a craf...
Cisco Unified Meetingplace Web Conferencing Server 7.1
Cisco Unified Meetingplace Web Conferencing Server 8.0
Cisco Unified Meetingplace Web Conferencing Server 8.5
5
CVSSv2
CVE-2019-12633
A vulnerability in Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote malicious user to bypass access controls and conduct a server-side request forgery (SSRF) attack on a targeted system. The vulnerability is due to improper validation of u...
Cisco Unified Contact Center Express
Cisco Unified Contact Center Express 12.0\\(1\\)
5
CVSSv2
CVE-2004-0215
Microsoft Outlook Express 5.5 and 6 allows malicious users to cause a denial of service (application crash) via a malformed e-mail header.
Microsoft Outlook Express 6.0
Avaya Definity One Media Server
Avaya Ip600 Media Servers
Avaya S8100
Avaya Modular Messaging Message Storage Server S3400
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700
CVE-2022-48689
CVE-2024-27956
CVE-2023-6363
SQL
NULL pointer dereference
CVE-2023-41830
CVE-2015-2051
arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »