Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
express vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2020-14899
Vulnerability in the Oracle Application Express Data Reporter component of Oracle Database Server. The supported version that is affected is before 20.2. Easily exploitable vulnerability allows low privileged attacker having Valid User Account privilege with network access via HT...
Oracle Application Express
5.4
CVSSv3
CVE-2020-14900
Vulnerability in the Oracle Application Express Group Calendar component of Oracle Database Server. The supported version that is affected is before 20.2. Easily exploitable vulnerability allows low privileged attacker having Valid User Account privilege with network access via H...
Oracle Application Express
9.1
CVSSv3
CVE-2020-15084
In express-jwt (NPM package) up and including version 5.3.3, the algorithms entry to be specified in the configuration is not being enforced. When algorithms is not specified in the configuration, with the combination of jwks-rsa, it may lead to authorization bypass. You are affe...
Auth0 Express-jwt
7.7
CVSSv3
CVE-2021-26073
Broken Authentication in Atlassian Connect Express (ACE) from version 3.0.2 before version 6.6.0: Atlassian Connect Express is a Node.js package for building Atlassian Connect apps. Authentication between Atlassian products and the Atlassian Connect Express app occurs with a serv...
Atlassian Connect Express
6.1
CVSSv3
CVE-2016-3448
Unspecified vulnerability in the Application Express component in Oracle Database Server prior to 5.0.4 allows remote malicious users to affect confidentiality and integrity via unknown vectors.
Oracle Application Express
NA
CVE-2005-3287
Incomplete blacklist vulnerability in Mailsite Express allows remote malicious users to upload and possibly execute files via attachments with executable extensions such as ASPX, which are not converted to .TXT like other dangerous extensions, and which can be directly requested ...
Rockliffe Mailsite Express
NA
CVE-2005-3288
Mailsite Express allows remote malicious users to upload and execute files with executable extensions such as ASP by attaching the file using the "compose page" feature, then accessing the file from the cache directory before saving or sending the message.
Rockliffe Mailsite Express
5.8
CVSSv3
CVE-2016-3467
Unspecified vulnerability in the Application Express component in Oracle Database Server prior to 5.0.4 allows remote malicious users to affect availability via unknown vectors.
Oracle Application Express
9
CVSSv3
CVE-2023-21974
Vulnerability in the Application Express Team Calendar Plugin product of Oracle Application Express (component: User Account). Supported versions that are affected are Application Express Team Calendar Plugin: 18.2-22.1. Easily exploitable vulnerability allows low privileged atta...
Oracle Application Express
5.4
CVSSv3
CVE-2020-2973
Vulnerability in the Oracle Application Express component of Oracle Database Server. Supported versions that are affected are 5.1-19.2. Easily exploitable vulnerability allows low privileged attacker having SQL Workshop privilege with network access via HTTP to compromise Oracle ...
Oracle Application Express
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »