Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microsoft activex vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2006-4219
The Terminal Services COM object (tsuserex.dll) allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code by instantiating it as an ActiveX object in Internet Explorer 6.0 SP1 on Microsoft Windows 2003 EE SP1 CN.
Microsoft Ie 6.0
1 EDB exploit
4.3
CVSSv2
CVE-2010-0278
A certain ActiveX control in msgsc.14.0.8089.726.dll in Microsoft Windows Live Messenger 2009 build 14.0.8089.726 on Windows Vista and Windows 7 allows remote malicious users to cause a denial of service (msnmsgr.exe crash) by calling the ViewProfile method with a crafted argumen...
Microsoft Windows Live Messenger 2009
1 EDB exploit
9.3
CVSSv2
CVE-2008-4699
Insecure method vulnerability in the ActiveX control (PAWWeb11.ocx) in Peachtree Accounting 2004 allows remote malicious users to execute arbitrary programs via the ExecutePreferredApplication method.
Microsoft Peachtree Accounting 2004
1 EDB exploit
6.8
CVSSv2
CVE-2008-4493
Microsoft PicturePusher ActiveX control (PipPPush.DLL 7.00.0709), as used in Microsoft Digital Image 2006 Starter Edition, allows remote malicious users to force the upload of arbitrary files by using the AddString and Post methods and a modified PostURL to construct an HTTP POST...
Microsoft Digital Image 2006
1 EDB exploit
9.3
CVSSv2
CVE-2006-2383
Unspecified vulnerability in Microsoft Internet Explorer 5.01 SP4 and 6 SP1 and previous versions allows remote malicious users to execute arbitrary code via "unexpected data" related to "parameter validation" in the DXImageTransform.Microsoft.Light ActiveX co...
Microsoft Internet Explorer 5.01
Microsoft Internet Explorer 6
1 EDB exploit
9.3
CVSSv2
CVE-2013-3918
The InformationCardSigninHelper Class ActiveX control in icardie.dll in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold an...
Microsoft Windows Rt 8.1 -
Microsoft Windows Server 2008 R2
Microsoft Windows 7
Microsoft Windows 8 -
Microsoft Windows Rt -
Microsoft Windows Server 2008 Sp2
Microsoft Windows Server 2003 -
Microsoft Windows Server 2012 -
Microsoft Windows Xp -
Microsoft Windows Server 2012 R2
Microsoft Windows 8.1 -
Microsoft Windows Vista -
1 EDB exploit
1 Github repository
2 Articles
7.6
CVSSv2
CVE-2019-0784
A remote code execution vulnerability exists in the way that the ActiveX Data objects (ADO) handles objects in memory, aka 'Windows ActiveX Remote Code Execution Vulnerability'.
Microsoft Windows Server 2012 -
Microsoft Windows Server 2012 R2
Microsoft Windows 10 1607
Microsoft Windows 10 1703
Microsoft Windows 10 1709
Microsoft Windows 10 1803
Microsoft Windows 7 -
Microsoft Windows Rt 8.1 -
Microsoft Windows Server 2008 -
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2016 1803
Microsoft Windows 8.1 -
Microsoft Windows 10 -
Microsoft Windows 10 1809
Microsoft Windows Server 2019 -
Microsoft Windows Server 2016 -
Microsoft Windows Server 2016 1709
1 Article
9.3
CVSSv2
CVE-2019-0888
A remote code execution vulnerability exists in the way that ActiveX Data Objects (ADO) handle objects in memory, aka 'ActiveX Data Objects (ADO) Remote Code Execution Vulnerability'.
Microsoft Windows Server 2012 -
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2016 -
Microsoft Windows Server 2016 1803
Microsoft Windows Server 2008 -
Microsoft Windows 8.1 -
Microsoft Windows 10 1809
Microsoft Windows 10 -
Microsoft Windows 10 1607
Microsoft Windows 10 1703
Microsoft Windows 10 1709
Microsoft Windows Server 2019 -
Microsoft Windows Server 2016 1903
Microsoft Windows Rt 8.1 -
Microsoft Windows 7 -
Microsoft Windows 10 1803
Microsoft Windows 10 1903
1 Github repository
1 Article
2.1
CVSSv2
CVE-2019-1382
An elevation of privilege vulnerability exists when ActiveX Installer service may allow access to files without proper authentication, aka 'Microsoft ActiveX Installer Service Elevation of Privilege Vulnerability'.
Microsoft Windows 10 -
Microsoft Windows 10 1607
Microsoft Windows 10 1709
Microsoft Windows 10 1803
Microsoft Windows 10 1809
Microsoft Windows 10 1903
Microsoft Windows 7 -
Microsoft Windows 8.1 -
Microsoft Windows Rt 8.1 -
Microsoft Windows Server 2008 -
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 -
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2016 -
Microsoft Windows Server 2016 1803
Microsoft Windows Server 2016 1903
Microsoft Windows Server 2019 -
1 Article
10
CVSSv2
CVE-2000-1034
Buffer overflow in the System Monitor ActiveX control in Windows 2000 allows remote malicious users to execute arbitrary commands via a long LogFileName parameter in HTML source code, aka the "ActiveX Parameter Validation" vulnerability.
Microsoft Windows 2000
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »