Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
web server vulnerabilities and exploits
(subscribe to this query)
1000
VMScore
CVE-2009-4873
Stack-based buffer overflow in the HTTP server in Rhino Software Serv-U Web Client 9.0.0.5 allows remote malicious users to cause a denial of service (server crash) or execute arbitrary code via a long Session cookie.
Rhinosoft Serv-u 9.0.0.5
2 EDB exploits
1000
VMScore
CVE-2010-0359
Buffer overflow in the SSLv2 support in Zeus Web Server prior to 4.3r5 allows remote malicious users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long string in an invalid Client Hello message.
Zeus Zeus Web Server 4.3r5
1 EDB exploit
1000
VMScore
CVE-2010-0361
Stack-based buffer overflow in the WebDAV implementation in webservd in Sun Java System Web Server (aka SJWS) 7.0 Update 7 allows remote malicious users to cause a denial of service (daemon crash) and possibly have unspecified other impact via a long URI in an HTTP OPTIONS reques...
Sun Java System Web Server 7.0
3 EDB exploits
1000
VMScore
CVE-2009-2685
Stack-based buffer overflow in the login form in the management web server in HP Power Manager allows remote malicious users to execute arbitrary code via the Login variable.
Hp Power Manager
2 EDB exploits
1000
VMScore
CVE-2009-3866
The Java Web Start Installer in Sun Java SE in JDK and JRE 6 before Update 17 does not properly use security model permissions when removing installer extensions, which allows remote malicious users to execute arbitrary code by modifying a certain JNLP file to have a URL field th...
Sun Jdk 1.6.0
Sun Jre 1.6.0
1000
VMScore
CVE-2009-3865
The launch method in the Deployment Toolkit plugin in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 6 before Update 17 allows remote malicious users to execute arbitrary commands via a crafted web page, aka Bug Id 6869752.
Sun Jdk 1.6.0
Sun Jre 1.6.0
1000
VMScore
CVE-2009-3663
Format string vulnerability in the h_readrequest function in http.c in httpdx Web Server 1.4 allows remote malicious users to cause a denial of service (crash) or execute arbitrary code via format string specifiers in the Host header.
Jasper Httpdx 1.4
1 EDB exploit
1000
VMScore
CVE-2009-1669
The smarty_function_math function in libs/plugins/function.math.php in Smarty 2.6.22 allows context-dependent malicious users to execute arbitrary commands via shell metacharacters in the equation attribute of the math function. NOTE: some of these details are obtained from third...
Smarty Smarty 2.6.22
1 EDB exploit
1000
VMScore
CVE-2008-6519
Format string vulnerability in Xitami Web Server 2.2a up to and including 2.5c2, and possibly other versions, allows remote malicious users to cause a denial of service (daemon crash) and possibly execute arbitrary code via format string specifiers in a Long Running Web Process (...
Imatix Xitami 2.4d7
Imatix Xitami 2.5c2
Imatix Xitami 2.5
Imatix Xitami 2.2a
Imatix Xitami 2.4
1 EDB exploit
1000
VMScore
CVE-2008-5457
Unspecified vulnerability in the Oracle BEA WebLogic Server Plugins for Apache, Sun and IIS web servers component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, and 7.0 SP7 allows remote malicious users to affect confidentiality, integrity, and availability via ...
Oracle Bea Product Suite 10.3
Oracle Bea Product Suite 10.0
Oracle Bea Product Suite 9.2
Oracle Bea Product Suite 8.1
Oracle Bea Product Suite 7.0
Oracle Bea Product Suite 9.1
Oracle Bea Product Suite 9.0
2 EDB exploits
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »