Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microsoft web applications vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2018-0787
ASP.NET Core 1.0. 1.1, and 2.0 allow an elevation of privilege vulnerability due to how web applications that are created from templates validate web requests, aka "ASP.NET Core Elevation Of Privilege Vulnerability".
Microsoft Asp.net Core 1.0
Microsoft Asp.net Core 1.1
Microsoft Asp.net Core 2.0
6.8
CVSSv2
CVE-2015-1771
Cross-site request forgery (CSRF) vulnerability in the web applications in Microsoft Exchange Server 2013 SP1 and Cumulative Update 8 allows remote malicious users to hijack the authentication of arbitrary users, aka "Exchange Cross-Site Request Forgery Vulnerability."
Microsoft Exchange Server 2013
6.8
CVSSv2
CVE-2015-0209
Use-after-free vulnerability in the d2i_ECPrivateKey function in crypto/ec/ec_asn1.c in OpenSSL prior to 0.9.8zf, 1.0.0 prior to 1.0.0r, 1.0.1 prior to 1.0.1m, and 1.0.2 prior to 1.0.2a might allow remote malicious users to cause a denial of service (memory corruption and applica...
Openssl Openssl 1.0.1j
Openssl Openssl 1.0.0n
Openssl Openssl 1.0.0c
Openssl Openssl 1.0.0i
Openssl Openssl 1.0.1h
Openssl Openssl 1.0.0m
Openssl Openssl 1.0.1c
Openssl Openssl 1.0.1g
Openssl Openssl 1.0.0h
Openssl Openssl 1.0.0e
Openssl Openssl 1.0.0f
Openssl Openssl 1.0.0d
Openssl Openssl 1.0.0j
Openssl Openssl 1.0.0p
Openssl Openssl 1.0.1a
Openssl Openssl 1.0.0o
Openssl Openssl 1.0.1d
Openssl Openssl 1.0.0k
Openssl Openssl 1.0.1k
Openssl Openssl 1.0.0
Openssl Openssl 1.0.1b
Openssl Openssl 1.0.1e
6.8
CVSSv2
CVE-2008-1196
Stack-based buffer overflow in Java Web Start (javaws.exe) in Sun JDK and JRE 6 Update 4 and previous versions and 5.0 Update 14 and previous versions; and SDK and JRE 1.4.2_16 and previous versions; allows remote malicious users to execute arbitrary code via a crafted JNLP file.
Sun Jdk 1.6.0
Sun Jdk 1.5.0
Sun Jre 1.6.0
Sun Jre 1.4.2 7
Sun Jre 1.4.2 16
Sun Jre 1.4.2 4
Sun Jre 1.4.2 2
Sun Jre 1.5.0
Sun Jre 1.4.2 15
Sun Jre 1.4.2 13
Sun Jre 1.4.2 1
Sun Jre 1.4.2 8
Sun Jre 1.4.2 12
Sun Jre 1.4.2 14
Sun Jre 1.4.2 10
Sun Jre 1.4.2 9
Sun Jre 1.4.2
Sun Jre 1.4.2 11
Sun Jre 1.4.2 3
Sun Jre 1.4.2 5
Sun Jre 1.4.2 6
Sun Sdk 1.4.2
6.8
CVSSv2
CVE-2007-3891
Unspecified vulnerability in Windows Vista Weather Gadgets in Windows Vista allows remote malicious users to execute arbitrary code via crafted HTML attributes.
Microsoft Windows Vista
6.8
CVSSv2
CVE-2007-3032
Unspecified vulnerability in Windows Vista Contacts Gadget in Windows Vista allows user-assisted remote malicious users to execute arbitrary code via crafted contact information that is not properly handled when it is imported.
Microsoft Windows Vista
6.8
CVSSv2
CVE-2006-4704
Cross-zone scripting vulnerability in the WMI Object Broker (WMIScriptUtils.WMIObjectBroker2) ActiveX control (WmiScriptUtils.dll) in Microsoft Visual Studio 2005 allows remote malicious users to bypass Internet zone restrictions and execute arbitrary code by instantiating danger...
Microsoft Visual Studio .net 2005
1 EDB exploit
1 Article
6.5
CVSSv2
CVE-2006-0013
Buffer overflow in the Web Client service (WebClnt.dll) for Microsoft Windows XP SP1 and SP2, and Server 2003 up to SP1, allows remote authenticated users or Guests to execute arbitrary code via crafted RPC requests, a different vulnerability than CVE-2005-1207.
Microsoft Windows Xp
Microsoft Windows 2003 Server Web
Microsoft Windows 2003 Server Enterprise
Microsoft Windows 2003 Server Enterprise 64-bit
Microsoft Windows 2003 Server Standard 64-bit
Microsoft Windows 2003 Server Datacenter 64-bit
Microsoft Windows 2003 Server R2
Microsoft Windows 2003 Server Standard
6.4
CVSSv2
CVE-2004-0845
Internet Explorer 5.01, 5.5, and 6 does not properly cache SSL content, which allows remote malicious users to obtain information or spoof content via a web site with the same host name as the target web site, whose content is cached and reused when the user visits the target web...
Microsoft Ie 6
Microsoft Internet Explorer 5.01
Microsoft Internet Explorer 5.5
5.8
CVSSv2
CVE-2020-0601
A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates.An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file wa...
Microsoft Windows 10 1607
Microsoft Windows Server 2016 -
Microsoft Windows 10 -
Microsoft Windows 10 1709
Microsoft Windows 10 1803
Microsoft Windows Server 2016 1803
Microsoft Windows Server 2019 -
Microsoft Windows 10 1809
Microsoft Windows Server 2016 1903
Microsoft Windows 10 1903
Microsoft Windows Server 2016 1909
Microsoft Windows 10 1909
Golang Go
71 Github repositories
5 Articles
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27802
template injection
CVE-2024-0044
code injection
CVE-2024-35474
CVE-2024-27857
CVE-2024-23251
CVE-2024-23692
physical
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »