Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
core security technologies vulnerabilities and exploits
(subscribe to this query)
435
VMScore
CVE-2010-3272
accounts/ValidateAnswers in the security-questions implementation in ZOHO ManageEngine ADSelfService Plus prior to 4.5 Build 4500 makes it easier for remote malicious users to reset user passwords, and consequently obtain access to arbitrary user accounts, via a modified (1) Hide...
Zohocorp Manageengine Adselfservice Plus
1 EDB exploit
NA
CVE-2010-0368
Core Security Technologies Advisory - A security vulnerability was discovered in LANDesk Management Suite: a cross-site request forgery which allows an external remote attacker to make a command injection that can be used to execute arbitrary code using the webserver user. As a r...
1 EDB exploit
755
VMScore
CVE-2010-1931
SQL injection vulnerability in includes/content/cart.inc.php in CubeCart PHP Shopping cart 4.3.4 up to and including 4.3.9 allows remote malicious users to execute arbitrary SQL commands via the shipKey parameter to index.php.
Cubecart Cubecart 4.3.4
Cubecart Cubecart 4.3.5
Cubecart Cubecart 4.3.6
Cubecart Cubecart 4.3.9
Cubecart Cubecart 4.3.7
Cubecart Cubecart 4.3.8
1 EDB exploit
435
VMScore
CVE-2010-1486
Multiple cross-site scripting (XSS) vulnerabilities in _invoice.asp in CactuShop prior to 6.155 allow remote malicious users to inject arbitrary web script or HTML via the (1) billing address or (2) shipping address.
Cactushop Cactushop 4.5
Cactushop Cactushop 4.6
Cactushop Cactushop 4.7
Cactushop Cactushop 5.0
Cactushop Cactushop 4
Cactushop Cactushop
Cactushop Cactushop 3
Cactushop Cactushop 4.1
Cactushop Cactushop 5.1
1 EDB exploit
505
VMScore
CVE-2009-2533
rmserver in RealNetworks Helix Server and Helix Mobile Server prior to 13.0.0 allows remote malicious users to cause a denial of service (daemon exit) via multiple RTSP SET_PARAMETER requests with empty DataConvertBuffer headers.
Realnetworks Helix Server
Realnetworks Helix Server Mobile
Realnetworks Helix Server Mobile 11.0
Realnetworks Helix Server 12.0.0
1 EDB exploit
505
VMScore
CVE-2009-2534
RealNetworks Helix Server and Helix Mobile Server prior to 13.0.0 allow remote malicious users to cause a denial of service (daemon crash) via an RTSP SETUP request that (1) specifies the / URI or (2) lacks a / character in the URI.
Realnetworks Helix Server
Realnetworks Helix Server 12.0.0
Realnetworks Helix Server Mobile 11.0
Realnetworks Helix Server 11.0
Realnetworks Helix Server Mobile
1 EDB exploit
725
VMScore
CVE-2010-1897
The Windows kernel-mode drivers in win32k.sys in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 do not properly validate pseudo-handle values in callback parameters during window creation,...
Microsoft Windows Server 2008
Microsoft Windows Server 2008 -
Microsoft Windows Xp -
Microsoft Windows 7 -
Microsoft Windows Vista -
Microsoft Windows Xp
Microsoft Windows 7
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows 2003 Server
1 EDB exploit
435
VMScore
CVE-2008-1035
Use-after-free vulnerability in Apple iCal 3.0.1 on Mac OS X allows remote CalDAV servers, and user-assisted remote attackers, to trigger memory corruption or possibly execute arbitrary code via an "ATTACH;VALUE=URI:S=osumi" line in a .ics file, which triggers a "r...
Apple Ical 3.0.1
1 EDB exploit
435
VMScore
CVE-2010-1186
Cross-site scripting (XSS) vulnerability in xml/media-rss.php in the NextGEN Gallery plugin prior to 1.5.2 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the mode parameter.
Alex Rabe Nextgen Gallery 0.35
Alex Rabe Nextgen Gallery 0.34
Alex Rabe Nextgen Gallery 1.2.0
Alex Rabe Nextgen Gallery 1.2.1
Alex Rabe Nextgen Gallery 1.3.6
Alex Rabe Nextgen Gallery 1.4.0
Alex Rabe Nextgen Gallery 0.97
Alex Rabe Nextgen Gallery 1.4.3
Alex Rabe Nextgen Gallery 0.61
Alex Rabe Nextgen Gallery 0.41
Alex Rabe Nextgen Gallery 0.74
Alex Rabe Nextgen Gallery 0.62
Alex Rabe Nextgen Gallery 0.92
Alex Rabe Nextgen Gallery 0.94
Alex Rabe Nextgen Gallery 0.95
Alex Rabe Nextgen Gallery 1.5.0
Alex Rabe Nextgen Gallery
Alex Rabe Nextgen Gallery 1.3.0
Alex Rabe Nextgen Gallery 1.3.1
Alex Rabe Nextgen Gallery 1.4.1
Alex Rabe Nextgen Gallery 1.4.2
Alex Rabe Nextgen Gallery 0.99
1 EDB exploit
935
VMScore
CVE-2010-3329
mshtmled.dll in Microsoft Internet Explorer 7 and 8 allows remote malicious users to execute arbitrary code via a crafted Microsoft Office document that causes the HtmlDlgHelper class destructor to access uninitialized memory, aka "Uninitialized Memory Corruption Vulnerabili...
Microsoft Internet Explorer 7
Microsoft Internet Explorer 8
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »