Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microsoft web applications vulnerabilities and exploits
(subscribe to this query)
435
VMScore
CVE-2007-3670
Argument injection vulnerability in Microsoft Internet Explorer, when running on systems with Firefox installed and certain URIs registered, allows remote malicious users to conduct cross-browser scripting attacks and execute arbitrary commands via shell metacharacters in a (1) F...
Microsoft Internet Explorer 6
Mozilla Firefox
Microsoft Internet Explorer 7.0
1 EDB exploit
780
VMScore
CVE-2006-5745
Unspecified vulnerability in the setRequestHeader method in the XMLHTTP (XML HTTP) ActiveX Control 4.0 in Microsoft XML Core Services 4.0 on Windows, when accessed by Internet Explorer, allows remote malicious users to execute arbitrary code via crafted arguments that lead to mem...
Microsoft Xml Core Services 4.0
4 EDB exploits
685
VMScore
CVE-2006-4704
Cross-zone scripting vulnerability in the WMI Object Broker (WMIScriptUtils.WMIObjectBroker2) ActiveX control (WmiScriptUtils.dll) in Microsoft Visual Studio 2005 allows remote malicious users to bypass Internet zone restrictions and execute arbitrary code by instantiating danger...
Microsoft Visual Studio .net 2005
1 EDB exploit
1 Article
231
VMScore
CVE-2006-4685
The XMLHTTP ActiveX control in Microsoft XML Parser 2.6 and XML Core Services 3.0 up to and including 6.0 does not properly handle HTTP server-side redirects, which allows remote user-assisted malicious users to access content from other domains.
Microsoft Xml Core Services 3.0
Microsoft Xml Core Services 4.0
Microsoft Xml Core Services 6.0
Microsoft Xml Parser 2.6
668
VMScore
CVE-2006-4686
Buffer overflow in the Extensible Stylesheet Language Transformations (XSLT) processing in Microsoft XML Parser 2.6 and XML Core Services 3.0 up to and including 6.0 allows remote malicious users to execute arbitrary code via a crafted Web page.
Microsoft Xml Core Services 3.0
Microsoft Xml Core Services 4.0
Microsoft Xml Core Services 6.0
Microsoft Xml Parser 2.6
505
VMScore
CVE-2006-4446
Heap-based buffer overflow in DirectAnimation.PathControl COM object (daxctle.ocx) in Microsoft Internet Explorer 6.0 SP1 allows remote malicious users to cause a denial of service and possibly execute arbitrary code via a Spline function call whose first argument specifies a lar...
Microsoft Ie 6.0
1 EDB exploit
676
VMScore
CVE-2006-3648
Unspecified vulnerability in Microsoft Windows 2000 SP4, XP SP1 and SP2, Server 2003 and 2003 SP1, allows remote malicious users to execute arbitrary code via unspecified vectors involving unhandled exceptions, memory resident applications, and incorrectly "unloading chained...
Microsoft Windows Xp
Microsoft Windows 2003 Server Sp1
Microsoft Windows 2003 Server R2
Microsoft Windows 2000
1000
VMScore
CVE-2006-3439
Buffer overflow in the Server Service in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote attackers, including anonymous users, to execute arbitrary code via a crafted RPC message, a different vulnerability than CVE-2006-1314.
Microsoft Windows 2003 Server 64-bit
Microsoft Windows 2003 Server Itanium
Microsoft Windows 2003 Server Sp1
Microsoft Windows Xp
Microsoft Windows 2003 Server R2
Microsoft Windows 2000
5 EDB exploits
935
VMScore
CVE-2006-2383
Unspecified vulnerability in Microsoft Internet Explorer 5.01 SP4 and 6 SP1 and previous versions allows remote malicious users to execute arbitrary code via "unexpected data" related to "parameter validation" in the DXImageTransform.Microsoft.Light ActiveX co...
Microsoft Internet Explorer 6
Microsoft Internet Explorer 5.01
1 EDB exploit
356
VMScore
CVE-2006-1175
The WeOnlyDo! SFTP (wodSFTP) ActiveX control is marked as safe for scripting, which allows remote malicious users to read and write files in arbitrary locations by accessing the control from a web page.
Weonlydo Weonlydo Sftp
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »