Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
iis vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2013-7442
GE Healthcare Centricity PACS Workstation 4.0 and 4.0.1 has a password of (1) CANal1 for the Administrator user and (2) iis for the IIS user, which has unspecified impact and attack vectors related to TimbuktuPro. NOTE: it is not clear whether this password is default, hardcoded,...
Gehealthcare Centricity Pacs Workstation 4.0
Gehealthcare Centricity Pacs Workstation 4.0.1
NA
CVE-2014-6363
vbscript.dll in Microsoft VBScript 5.6 up to and including 5.8, as used with Internet Explorer 6 through 11 and other products, allows remote malicious users to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "VBScript Memo...
Microsoft Vbscript 5.6
Microsoft Vbscript 5.7
Microsoft Vbscript 5.8
Microsoft Internet Explorer 10
Microsoft Internet Explorer 11
Microsoft Internet Explorer 8
Microsoft Internet Explorer 9
Microsoft Internet Explorer 6
Microsoft Internet Explorer 7
1 EDB exploit
NA
CVE-2014-4078
The IP Security feature in Microsoft Internet Information Services (IIS) 8.0 and 8.5 does not properly process wildcard allow and deny rules for domains within the "IP Address and Domain Restrictions" list, which makes it easier for remote malicious users to bypass an i...
Microsoft Internet Information Services 8.5
Microsoft Internet Information Services 8.0
2 Github repositories
NA
CVE-2011-5279
CRLF injection vulnerability in the CGI implementation in Microsoft Internet Information Services (IIS) 4.x and 5.x on Windows NT and Windows 2000 allows remote malicious users to modify arbitrary uppercase environment variables via a \n (newline) character in an HTTP header.
Microsoft Internet Information Services 4.0
Microsoft Internet Information Services 5.0
NA
CVE-2013-5554
Directory traversal vulnerability in the web-management interface in the server in Cisco Wide Area Application Services (WAAS) Mobile prior to 3.5.5 allows remote malicious users to upload and execute arbitrary files via a crafted POST request, aka Bug ID CSCuh69773.
Cisco Wide Area Application Services Mobile
Cisco Wide Area Application Services Mobile 3.5.3
Cisco Wide Area Application Services Mobile 3.5.2
Cisco Wide Area Application Services Mobile 3.5.1
Cisco Wide Area Application Services Mobile 3.5.0
Cisco Wide Area Application Services Mobile 3.4.1
Cisco Wide Area Application Services Mobile 3.3.4
Cisco Wide Area Application Services Mobile 3.3.1
Cisco Wide Area Application Services Mobile 3.4.2
Cisco Wide Area Application Services Mobile 3.4
NA
CVE-2013-0941
EMC RSA Authentication API prior to 8.1 SP1, RSA Web Agent prior to 5.3.5 for Apache Web Server, RSA Web Agent prior to 5.3.5 for IIS, RSA PAM Agent prior to 7.0, and RSA Agent prior to 6.1.4 for Microsoft Windows use an improper encryption algorithm and a weak key for maintainin...
Rsa Authentication Api
Rsa Securid Web Agent
Rsa Pluggable Authentication Module Agent
Rsa Authentication Agent
NA
CVE-2013-0079
Microsoft Visio Viewer 2010 SP1 allows remote malicious users to execute arbitrary code via a crafted Visio file that triggers incorrect memory allocation, aka "Visio Viewer Tree Object Type Confusion Vulnerability."
Microsoft Visio 2010
Microsoft Office Filter Pack 2010
Microsoft Visio Viewer 2010
NA
CVE-2013-0005
The WCF Replace function in the Open Data (aka OData) protocol implementation in Microsoft .NET Framework 3.5, 3.5 SP1, 3.5.1, and 4, and the Management OData IIS Extension on Windows Server 2012, allows remote malicious users to cause a denial of service (resource consumption an...
Microsoft .net Framework 3.5
Microsoft .net Framework 3.5.1
Microsoft .net Framework 4.0
Microsoft Management Odata Iis Extension -
NA
CVE-2012-5674
Unspecified vulnerability in Adobe ColdFusion 10 before Update 5, when Internet Information Services (IIS) is used, allows malicious users to cause a denial of service via unknown vectors.
Adobe Coldfusion 10.0
NA
CVE-2012-2531
Microsoft Internet Information Services (IIS) 7.5 uses weak permissions for the Operational log, which allows local users to discover credentials by reading this file, aka "Password Disclosure Vulnerability."
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »