Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
iis vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2011-5279
CRLF injection vulnerability in the CGI implementation in Microsoft Internet Information Services (IIS) 4.x and 5.x on Windows NT and Windows 2000 allows remote malicious users to modify arbitrary uppercase environment variables via a \n (newline) character in an HTTP header.
Microsoft Internet Information Services 4.0
Microsoft Internet Information Services 5.0
NA
CVE-2013-5554
Directory traversal vulnerability in the web-management interface in the server in Cisco Wide Area Application Services (WAAS) Mobile prior to 3.5.5 allows remote malicious users to upload and execute arbitrary files via a crafted POST request, aka Bug ID CSCuh69773.
Cisco Wide Area Application Services Mobile
Cisco Wide Area Application Services Mobile 3.5.3
Cisco Wide Area Application Services Mobile 3.5.2
Cisco Wide Area Application Services Mobile 3.5.1
Cisco Wide Area Application Services Mobile 3.5.0
Cisco Wide Area Application Services Mobile 3.4.1
Cisco Wide Area Application Services Mobile 3.3.4
Cisco Wide Area Application Services Mobile 3.3.1
Cisco Wide Area Application Services Mobile 3.4.2
Cisco Wide Area Application Services Mobile 3.4
NA
CVE-2013-0941
EMC RSA Authentication API prior to 8.1 SP1, RSA Web Agent prior to 5.3.5 for Apache Web Server, RSA Web Agent prior to 5.3.5 for IIS, RSA PAM Agent prior to 7.0, and RSA Agent prior to 6.1.4 for Microsoft Windows use an improper encryption algorithm and a weak key for maintainin...
Rsa Authentication Api
Rsa Securid Web Agent
Rsa Pluggable Authentication Module Agent
Rsa Authentication Agent
NA
CVE-2013-0079
Microsoft Visio Viewer 2010 SP1 allows remote malicious users to execute arbitrary code via a crafted Visio file that triggers incorrect memory allocation, aka "Visio Viewer Tree Object Type Confusion Vulnerability."
Microsoft Visio 2010
Microsoft Office Filter Pack 2010
Microsoft Visio Viewer 2010
NA
CVE-2013-0005
The WCF Replace function in the Open Data (aka OData) protocol implementation in Microsoft .NET Framework 3.5, 3.5 SP1, 3.5.1, and 4, and the Management OData IIS Extension on Windows Server 2012, allows remote malicious users to cause a denial of service (resource consumption an...
Microsoft .net Framework 3.5
Microsoft .net Framework 3.5.1
Microsoft .net Framework 4.0
Microsoft Management Odata Iis Extension -
NA
CVE-2012-5674
Unspecified vulnerability in Adobe ColdFusion 10 before Update 5, when Internet Information Services (IIS) is used, allows malicious users to cause a denial of service via unknown vectors.
Adobe Coldfusion 10.0
NA
CVE-2012-2531
Microsoft Internet Information Services (IIS) 7.5 uses weak permissions for the Operational log, which allows local users to discover credentials by reading this file, aka "Password Disclosure Vulnerability."
NA
CVE-2012-2532
Microsoft FTP Service 7.0 and 7.5 for Internet Information Services (IIS) processes unspecified commands before TLS is enabled for a session, which allows remote malicious users to obtain sensitive information by reading the replies to these commands, aka "FTP Command Inject...
Microsoft Ftp Service 7.0
Microsoft Ftp Service 7.5
NA
CVE-2012-4591
About.aspx in the Portal in McAfee Enterprise Mobility Manager (EMM) prior to 10.0 discloses the name of the user account for an IIS worker process, which allows remote malicious users to obtain potentially sensitive information by visiting this page.
Mcafee Enterprise Mobility Manager 4.7
Mcafee Enterprise Mobility Manager
NA
CVE-2009-0693
Multiple buffer overflows in Wyse Device Manager (WDM) 4.7.x allow remote malicious users to execute arbitrary code via (1) the User-Agent HTTP header to hserver.dll or (2) unspecified input to hagent.exe.
Dell Wyse Device Manager 4.7.2
Dell Wyse Device Manager 4.7.0
Dell Wyse Device Manager 4.7.1
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581
reflected XSS
CVE-2024-26925
CVE-2024-27956
LFI
CVE-2024-3607
CVE-2024-3107
CVE-2024-3295
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »