Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
document server vulnerabilities and exploits
(subscribe to this query)
940
VMScore
CVE-2012-0013
Incomplete blacklist vulnerability in the Windows Packager configuration in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote malicious users to execute arbitrary code vi...
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2008 -
Microsoft Windows 7 -
Microsoft Windows Xp
Microsoft Windows Server 2003
Microsoft Windows Vista
2 EDB exploits
383
VMScore
CVE-2019-20860
An issue exists in Mattermost Server prior to 5.14.0, 5.13.3, 5.12.6, and 5.9.4. It allows remote malicious users to cause a denial of service (application hang) via a crafted SVG document.
Mattermost Mattermost Server
Mattermost Mattermost Server 5.14.0
356
VMScore
CVE-2006-3921
Sun Java System Application Server (SJSAS) 7 up to and including 8.1 and Web Server (SJSWS) 6.0 and 6.1 allows remote authenticated users to read files outside of the "document root directory" via a direct request using a UTF-8 encoded URI.
Sun Java System Application Server 7.0
Sun Java System Application Server 8.1
Sun Java System Web Server 6.0
Sun Java System Application Server 7.1
Sun Java System Web Server 6.1
356
VMScore
CVE-2016-7459
VMware vCenter Server 5.5 before U3e and 6.0 before U2a allows remote authenticated users to read arbitrary files via a (1) Log Browser, (2) Distributed Switch setup, or (3) Content Library XML document containing an external entity declaration in conjunction with an entity refer...
Vmware Vcenter Server 5.5
Vmware Vcenter Server 6.0
Vmware Vcenter Server 5.0
446
VMScore
CVE-2019-3722
Dell EMC OpenManage Server Administrator (OMSA) versions before 9.1.0.3 and before 9.2.0.4 contain an XML external entity (XXE) injection vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to read arbitrary server system files by supplyi...
Dell Emc Openmanage Server Administrator 9.2.0.1
Dell Emc Openmanage Server Administrator 9.1.0.2
Dell Emc Openmanage Server Administrator 9.2.0.2
Dell Emc Openmanage Server Administrator 9.1
Dell Emc Openmanage Server Administrator 9.2
Dell Emc Openmanage Server Administrator 9.1.0.1
NA
CVE-2021-43449
ONLYOFFICE all versions as of 2021-11-08 is vulnerable to Server-Side Request Forgery (SSRF). The document editor service can be abused to read and serve arbitrary URLs as a document.
Onlyoffice Server
NA
CVE-2021-43448
ONLYOFFICE all versions as of 2021-11-08 is vulnerable to Improper Input Validation. A lack of input validation can allow an malicious user to spoof the names of users who interact with a document, if the document id is known.
Onlyoffice Server
383
VMScore
CVE-2017-8710
The Microsoft Common Console Document (.msc) in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1 allows an malicious user to read arbitrary files via an XML external entity (XXE) declaration, due to the way that the Microsoft Common Console Document (.msc) parses XML i...
Microsoft Windows 7 -
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2008 -
760
VMScore
CVE-2003-0118
SQL injection vulnerability in the Document Tracking and Administration (DTA) website of Microsoft BizTalk Server 2000 and 2002 allows remote malicious users to execute operating system commands via a request to (1) rawdocdata.asp or (2) RawCustomSearchField.asp containing an emb...
Microsoft Biztalk Server 2000
Microsoft Biztalk Server 2002
2 EDB exploits
NA
CVE-2024-23448
An issue exists whereby APM Server could log at ERROR level, a response from Elasticsearch indicating that indexing the document failed and that response would contain parts of the original document. Depending on the nature of the document that the APM Server attempted to ingest,...
Elastic Apm Server
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »