Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
search server vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv2
CVE-2012-1860
Microsoft Office SharePoint Server 2007 SP2 and SP3, SharePoint Server 2010 Gold and SP1, and Office Web Apps 2010 Gold and SP1 do not properly check permissions for search scopes, which allows remote authenticated users to obtain sensitive information or cause a denial of servic...
Microsoft Sharepoint Server 2007
Microsoft Sharepoint Server 2010
Microsoft Office Web Apps 2010
5
CVSSv2
CVE-2010-0708
Multiple unspecified vulnerabilities in (1) ns-slapd and (2) slapd.exe in Sun Directory Server Enterprise Edition 7.0, Sun Java System Directory Server 5.2, and Sun Java System Directory Server Enterprise Edition 6.0 up to and including 6.3.1 allow remote malicious users to cause...
Sun Java System Directory Server 7.0
Sun Java System Directory Server 6.3.1
Sun Java System Directory Server 6.0
Sun Java System Directory Server 5.2
Sun Java System Directory Server 6.3
Sun Java System Directory Server 6.2
Sun Java System Directory Server 6.1
7.5
CVSSv2
CVE-2011-0019
slapd (aka ns-slapd) in 389 Directory Server 1.2.7.5 (aka Red Hat Directory Server 8.2.x or dirsrv) does not properly handle simple paged result searches, which allows remote malicious users to cause a denial of service (daemon crash) or possibly have unspecified other impact via...
Fedoraproject 389 Directory Server 1.2.7.5
Redhat Directory Server 8.2.3
Redhat Directory Server 8.2
6.5
CVSSv2
CVE-2013-5028
SQL injection vulnerability in IT/hardware-list.dll in Kwoksys Kwok Information Server prior to 2.8.5 allows remote authenticated users to execute arbitrary SQL commands via the (1) hardwareType, (2) hardwareStatus, or (3) hardwareLocation parameter in a search command.
Kwoksys Information Server
Kwoksys Information Server 2.8.3
1 EDB exploit
4.3
CVSSv2
CVE-2008-2518
Cross-site scripting (XSS) vulnerability in the advanced search mechanism (webapps/search/advanced.jsp) in Sun Java System Web Server 6.1 before SP9 and 7.0 before Update 3 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors, probably rela...
Sun Java System Web Server 6.1
Sun Java System Web Server 7.0
5
CVSSv2
CVE-2010-2222
The _ger_parse_control function in Red Hat Directory Server 8 and the 389 Directory Server allows malicious users to cause a denial of service (NULL pointer dereference) via a crafted search query.
Redhat 389 Directory Server -
Redhat Directory Server 8.0
4.3
CVSSv2
CVE-2020-1103
An information disclosure vulnerability exists where certain modes of the search function in Microsoft SharePoint Server are vulnerable to cross-site search attacks (a variant of cross-site request forgery, CSRF).When users are simultaneously logged in to Microsoft SharePoint Ser...
Microsoft Sharepoint Enterprise Server 2016
Microsoft Sharepoint Foundation 2013
Microsoft Sharepoint Server 2019
10
CVSSv2
CVE-2008-0347
Unspecified vulnerability in the Oracle Ultra Search component in Oracle Collaboration Suite 10.1.2; Database 9.2.0.8, 10.1.0.5, and 10.2.0.3; and Application Server 9.0.4.3 and 10.1.2.0.2; has unknown impact and local attack vectors, aka OCS01. NOTE: Oracle has not disputed a re...
Oracle Application Server 10.1.3.3.0
Oracle Application Server 9.0.4.3
Oracle Database Server 11.1.0.6
Oracle Database Server 9.0.1.5
Oracle E-business Suite 12.0.2
Oracle E-business Suite 12.0.3
Oracle Application Server 1.0.2.2
Oracle Application Server 10.1.2.0.2
Oracle Application Server 9i 10.1.2.0.2
Oracle Application Server 9i 9.0.4.3
Oracle Database Server 9.2.0.8
Oracle Database Server 9.2.0.8dv
Oracle Peoplesoft Enterprise Peopletools 8.47
Oracle Peoplesoft Enterprise Peopletools 8.48
Oracle Application Server 10.1.2.1.0
Oracle Application Server 10.1.2.2.0
Oracle Collaboration Suite 10.1.2
Oracle Database Server 10.1.0.5
Oracle E-business Suite 11.5.10
Oracle E-business Suite 11.5.10.2
Oracle Peoplesoft Enterprise Peopletools 8.49
Oracle Application Server 10.1.3.0.0
NA
CVE-2022-35868
A vulnerability has been identified in TIA Multiuser Server V14 (All versions), TIA Multiuser Server V15 (All versions < V15.1 Update 8), TIA Project-Server (All versions < V1.1), TIA Project-Server V16 (All versions), TIA Project-Server V17 (All versions < V17 Update 6)...
Siemens Tia Project-server 1.0
Siemens Tia Multiuser Server 14
Siemens Tia Multiuser Server 16
Siemens Tia Multiuser Server 15
Siemens Tia Multiuser Server 15.1
Siemens Tia Project-server 17
NA
CVE-2023-36884
Windows Search Remote Code Execution Vulnerability
Microsoft Word 2013
Microsoft Word 2016
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2016 -
Microsoft Windows Server 2008 -
Microsoft Windows Server 2012 -
Microsoft Windows Server 2019 -
Microsoft Windows Server 2022 -
Microsoft Office 2019
Microsoft Office 2021
Microsoft Windows 11 22h2
Microsoft Windows 10 1607 -
Microsoft Windows 10 1809 -
Microsoft Windows 10 21h2 -
Microsoft Windows 10 22h2 -
Microsoft Windows 11 21h2 -
Microsoft Windows 10 1507 -
9 Github repositories
4 Articles
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »