Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
configuration as code vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2002-0071
Buffer overflow in the ism.dll ISAPI extension that implements HTR scripting in Internet Information Server (IIS) 4.0 and 5.0 allows malicious users to cause a denial of service or execute arbitrary code via HTR requests with long variable names.
Microsoft Internet Information Server 4.0
Microsoft Internet Information Services 5.0
NA
CVE-2002-0074
Cross-site scripting vulnerability in Help File search facility for Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows remote malicious users to embed scripts into another user's session.
Microsoft Internet Information Server 4.0
Microsoft Internet Information Services 5.0
NA
CVE-2002-0148
Cross-site scripting vulnerability in Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows remote malicious users to execute arbitrary script as other users via an HTTP error page.
Microsoft Internet Information Server 4.0
Microsoft Internet Information Services 5.0
1 EDB exploit
NA
CVE-2002-0075
Cross-site scripting vulnerability for Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows remote malicious users to execute arbitrary script as other web users via the error message used in a URL redirect (""302 Object Moved") message.
Microsoft Internet Information Server 4.0
Microsoft Internet Information Services 5.0
7.8
CVSSv3
CVE-2019-5443
A non-privileged user or program can put code and a config file in a known non-privileged path (under C:/usr/local/) that will make curl <= 7.65.1 automatically run the code (as an openssl "engine") on invocation. If that curl is invoked by a privileged user it can d...
Haxx Curl
Oracle Enterprise Manager Ops Center 12.3.3
Oracle Enterprise Manager Ops Center 12.4.0
Oracle Http Server 12.2.1.3.0
Oracle Http Server 12.2.1.4.0
Oracle Mysql Server
Oracle Oss Support Tools 20.0
Netapp Oncommand Insight -
Netapp Oncommand Unified Manager
Netapp Oncommand Workflow Automation -
Netapp Snapcenter -
1 Github repository
9.8
CVSSv3
CVE-2019-10211
Postgresql Windows installer prior to 11.5, 10.10, 9.6.15, 9.5.19, 9.4.24 is vulnerable via bundled OpenSSL executing code from unprotected directory.
Postgresql Postgresql
8.8
CVSSv3
CVE-2017-12945
Insufficient validation of user-supplied input for the Solstice Pod prior to 2.8.4 networking configuration enables authenticated malicious users to execute arbitrary commands as root.
Mersive Solstice Firmware
1 Github repository
NA
CVE-2000-0289
IP masquerading in Linux 2.2.x allows remote malicious users to route UDP packets through the internal interface by modifying the external source IP address and port number to match those of an established connection.
Redhat Linux 6.0
Redhat Linux 6.1
Debian Debian Linux 2.2
Linux Linux Kernel 2.2.12
Debian Debian Linux 2.1
Linux Linux Kernel 2.2.10
Linux Linux Kernel 2.2.14
Redhat Linux 6.2
NA
CVE-2010-3490
Directory traversal vulnerability in page.recordings.php in the System Recordings component in the configuration interface in FreePBX 2.8.0 and previous versions allows remote authenticated administrators to create arbitrary files via a .. (dot dot) in the usersnum parameter to a...
Sangoma Freepbx
1 EDB exploit
1 Github repository
7.2
CVSSv3
CVE-2023-20007
A vulnerability in the web-based management interface of Cisco Small Business RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an authenticated, remote malicious user to execute arbitrary code or cause the web-based management process on the device to res...
Cisco Rv340 Firmware
Cisco Rv340w Firmware
Cisco Rv345 Firmware
Cisco Rv345p Firmware
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »