Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
search server vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2010-0708
Multiple unspecified vulnerabilities in (1) ns-slapd and (2) slapd.exe in Sun Directory Server Enterprise Edition 7.0, Sun Java System Directory Server 5.2, and Sun Java System Directory Server Enterprise Edition 6.0 up to and including 6.3.1 allow remote malicious users to cause...
Sun Java System Directory Server 7.0
Sun Java System Directory Server 6.3.1
Sun Java System Directory Server 6.0
Sun Java System Directory Server 5.2
Sun Java System Directory Server 6.3
Sun Java System Directory Server 6.2
Sun Java System Directory Server 6.1
9.8
CVSSv3
CVE-2014-6287
The findMacroMarker function in parserLib.pas in Rejetto HTTP File Server (aks HFS or HttpFileServer) 2.3x prior to 2.3c allows remote malicious users to execute arbitrary programs via a %00 sequence in a search action.
Rejetto Http File Server
3 EDB exploits
14 Github repositories
NA
CVE-2011-0019
slapd (aka ns-slapd) in 389 Directory Server 1.2.7.5 (aka Red Hat Directory Server 8.2.x or dirsrv) does not properly handle simple paged result searches, which allows remote malicious users to cause a denial of service (daemon crash) or possibly have unspecified other impact via...
Fedoraproject 389 Directory Server 1.2.7.5
Redhat Directory Server 8.2.3
Redhat Directory Server 8.2
NA
CVE-2013-5028
SQL injection vulnerability in IT/hardware-list.dll in Kwoksys Kwok Information Server prior to 2.8.5 allows remote authenticated users to execute arbitrary SQL commands via the (1) hardwareType, (2) hardwareStatus, or (3) hardwareLocation parameter in a search command.
Kwoksys Information Server
Kwoksys Information Server 2.8.3
1 EDB exploit
NA
CVE-2008-2518
Cross-site scripting (XSS) vulnerability in the advanced search mechanism (webapps/search/advanced.jsp) in Sun Java System Web Server 6.1 before SP9 and 7.0 before Update 3 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors, probably rela...
Sun Java System Web Server 6.1
Sun Java System Web Server 7.0
7.5
CVSSv3
CVE-2010-2222
The _ger_parse_control function in Red Hat Directory Server 8 and the 389 Directory Server allows malicious users to cause a denial of service (NULL pointer dereference) via a crafted search query.
Redhat 389 Directory Server -
Redhat Directory Server 8.0
6.5
CVSSv3
CVE-2020-1103
An information disclosure vulnerability exists where certain modes of the search function in Microsoft SharePoint Server are vulnerable to cross-site search attacks (a variant of cross-site request forgery, CSRF).When users are simultaneously logged in to Microsoft SharePoint Ser...
Microsoft Sharepoint Enterprise Server 2016
Microsoft Sharepoint Foundation 2013
Microsoft Sharepoint Server 2019
NA
CVE-2008-0347
Unspecified vulnerability in the Oracle Ultra Search component in Oracle Collaboration Suite 10.1.2; Database 9.2.0.8, 10.1.0.5, and 10.2.0.3; and Application Server 9.0.4.3 and 10.1.2.0.2; has unknown impact and local attack vectors, aka OCS01. NOTE: Oracle has not disputed a re...
Oracle Application Server 10.1.3.3.0
Oracle Application Server 9.0.4.3
Oracle Database Server 11.1.0.6
Oracle Database Server 9.0.1.5
Oracle E-business Suite 12.0.2
Oracle E-business Suite 12.0.3
Oracle Application Server 1.0.2.2
Oracle Application Server 10.1.2.0.2
Oracle Application Server 9i 10.1.2.0.2
Oracle Application Server 9i 9.0.4.3
Oracle Database Server 9.2.0.8
Oracle Database Server 9.2.0.8dv
Oracle Peoplesoft Enterprise Peopletools 8.47
Oracle Peoplesoft Enterprise Peopletools 8.48
Oracle Application Server 10.1.2.1.0
Oracle Application Server 10.1.2.2.0
Oracle Collaboration Suite 10.1.2
Oracle Database Server 10.1.0.5
Oracle E-business Suite 11.5.10
Oracle E-business Suite 11.5.10.2
Oracle Peoplesoft Enterprise Peopletools 8.49
Oracle Application Server 10.1.3.0.0
6.7
CVSSv3
CVE-2022-35868
A vulnerability has been identified in TIA Multiuser Server V14 (All versions), TIA Multiuser Server V15 (All versions < V15.1 Update 8), TIA Project-Server (All versions < V1.1), TIA Project-Server V16 (All versions), TIA Project-Server V17 (All versions < V17 Update 6)...
Siemens Tia Project-server 1.0
Siemens Tia Multiuser Server 14
Siemens Tia Multiuser Server 16
Siemens Tia Multiuser Server 15
Siemens Tia Multiuser Server 15.1
Siemens Tia Project-server 17
7.5
CVSSv3
CVE-2023-36884
Windows Search Remote Code Execution Vulnerability
Microsoft Word 2013
Microsoft Word 2016
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2016 -
Microsoft Windows Server 2008 -
Microsoft Windows Server 2012 -
Microsoft Windows Server 2019 -
Microsoft Windows Server 2022 -
Microsoft Office 2019
Microsoft Office 2021
Microsoft Windows 11 22h2
Microsoft Windows 10 1607 -
Microsoft Windows 10 1809 -
Microsoft Windows 10 21h2 -
Microsoft Windows 10 22h2 -
Microsoft Windows 11 21h2 -
Microsoft Windows 10 1507 -
9 Github repositories
4 Articles
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »