Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microsoft web applications vulnerabilities and exploits
(subscribe to this query)
9.3
CVSSv2
CVE-2010-2568
Windows Shell in Microsoft Windows XP SP3, Server 2003 SP2, Vista SP1 and SP2, Server 2008 SP2 and R2, and Windows 7 allows local users or remote malicious users to execute arbitrary code via a crafted (1) .LNK or (2) .PIF shortcut file, which is not properly handled during icon ...
Microsoft Windows Server 2008
Microsoft Windows Server 2008 -
Microsoft Windows Server 2008 R2
Microsoft Windows Xp -
Microsoft Windows 7 -
Microsoft Windows Vista -
Microsoft Windows Xp
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows 2003 Server
2 EDB exploits
3 Github repositories
23 Articles
7.5
CVSSv2
CVE-2006-0057
Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote malicious users to bypass the Kill bit settings for dangerous ActiveX controls via unknown vectors involving crafted HTML, which can expose the browser to attacks that would otherwise be prevented by the Kill bit setting....
Microsoft Internet Explorer 5.01
Microsoft Internet Explorer 5.5
Microsoft Internet Explorer 6
Microsoft Ie 6
4.3
CVSSv2
CVE-2015-1764
The web applications in Microsoft Exchange Server 2013 SP1 and Cumulative Update 8 allow remote malicious users to bypass the Same Origin Policy and send HTTP traffic to intranet servers via a crafted request, related to a Server-Side Request Forgery (SSRF) issue, aka "Excha...
Microsoft Exchange Server 2013
10
CVSSv2
CVE-2006-3439
Buffer overflow in the Server Service in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote attackers, including anonymous users, to execute arbitrary code via a crafted RPC message, a different vulnerability than CVE-2006-1314.
Microsoft Windows 2003 Server R2
Microsoft Windows 2003 Server Sp1
Microsoft Windows 2000
Microsoft Windows Xp
Microsoft Windows 2003 Server 64-bit
Microsoft Windows 2003 Server Itanium
5 EDB exploits
5.1
CVSSv2
CVE-2006-0003
Unspecified vulnerability in the RDS.Dataspace ActiveX control, which is contained in ActiveX Data Objects (ADO) and distributed in Microsoft Data Access Components (MDAC) 2.7 and 2.8, allows remote malicious users to execute arbitrary code via unknown attack vectors.
Microsoft Data Access Components 2.5
Microsoft Data Access Components 2.8
Microsoft Data Access Components 2.7
3 EDB exploits
2 Articles
10
CVSSv2
CVE-2004-0897
The Indexing Service for Microsoft Windows XP and Server 2003 does not properly validate the length of a message, which allows remote malicious users to execute arbitrary code via a buffer overflow attack.
Microsoft Windows 2003 Server R2
Microsoft Windows Xp
9.3
CVSSv2
CVE-2006-2383
Unspecified vulnerability in Microsoft Internet Explorer 5.01 SP4 and 6 SP1 and previous versions allows remote malicious users to execute arbitrary code via "unexpected data" related to "parameter validation" in the DXImageTransform.Microsoft.Light ActiveX co...
Microsoft Internet Explorer 5.01
Microsoft Internet Explorer 6
1 EDB exploit
6.8
CVSSv2
CVE-2007-3891
Unspecified vulnerability in Windows Vista Weather Gadgets in Windows Vista allows remote malicious users to execute arbitrary code via crafted HTML attributes.
Microsoft Windows Vista
6.8
CVSSv2
CVE-2007-3032
Unspecified vulnerability in Windows Vista Contacts Gadget in Windows Vista allows user-assisted remote malicious users to execute arbitrary code via crafted contact information that is not properly handled when it is imported.
Microsoft Windows Vista
5
CVSSv2
CVE-2001-1410
Internet Explorer 6 and previous versions allows remote malicious users to create chromeless windows using the Javascript window.createPopup method, which could allow malicious users to simulate a victim's display and conduct unauthorized activities or steal sensitive data v...
Microsoft Internet Explorer 5.5
Microsoft Internet Explorer 6.0
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »