Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
knowledge base vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-0057
Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote malicious users to bypass the Kill bit settings for dangerous ActiveX controls via unknown vectors involving crafted HTML, which can expose the browser to attacks that would otherwise be prevented by the Kill bit setting....
Microsoft Internet Explorer 5.01
Microsoft Internet Explorer 5.5
Microsoft Internet Explorer 6
Microsoft Ie 6
NA
CVE-2003-0528
Heap-based buffer overflow in the Distributed Component Object Model (DCOM) interface in the RPCSS Service allows remote malicious users to execute arbitrary code via a malformed RPC request with a long filename parameter, a different vulnerability than CVE-2003-0352 (Blaster/Nac...
Microsoft Windows 2003 Server R2
Microsoft Windows Nt 4.0
Microsoft Windows 2000
Microsoft Windows 2003 Server Standard
Microsoft Windows 2003 Server Web
Microsoft Windows Xp
Microsoft Windows 2003 Server Enterprise
Microsoft Windows 2003 Server Enterprise 64-bit
8
CVSSv3
CVE-2022-39369
phpCAS is an authentication library that allows PHP applications to easily authenticate users via a Central Authentication Service (CAS) server. The phpCAS library uses HTTP headers to determine the service URL used to validate tickets. This allows an malicious user to control th...
Apereo Phpcas
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
NA
CVE-2024-1800
In Progress® Telerik® Report Server versions before 2024 Q1 (10.0.24.130), a remote code execution attack is possible through an insecure deserialization vulnerability.
1 Github repository
1 Article
NA
CVE-2003-0715
Heap-based buffer overflow in the Distributed Component Object Model (DCOM) interface in the RPCSS Service allows remote malicious users to execute arbitrary code via a malformed DCERPC DCOM object activation request packet with modified length fields, a different vulnerability t...
Microsoft Windows 2000
Microsoft Windows 2003 Server Enterprise 64-bit
Microsoft Windows 2003 Server R2
Microsoft Windows Nt 4.0
Microsoft Windows Xp
Microsoft Windows 2003 Server Enterprise
Microsoft Windows 2003 Server Standard
Microsoft Windows 2003 Server Web
NA
CVE-2004-1080
The WINS service (wins.exe) on Microsoft Windows NT Server 4.0, Windows 2000 Server, and Windows Server 2003 allows remote malicious users to write to arbitrary memory locations and possibly execute arbitrary code via a modified memory pointer in a WINS replication packet to TCP ...
Microsoft Windows 2000
Microsoft Windows 2003 Server Enterprise
Microsoft Windows 2003 Server Enterprise 64-bit
Microsoft Windows Nt 4.0
Microsoft Windows 2003 Server Standard
Microsoft Windows 2003 Server Web
Microsoft Windows 2003 Server 2000
Microsoft Windows 2003 Server 2003
Microsoft Windows 2003 Server R2
2 EDB exploits
NA
CVE-2005-0360
The Microsoft Log Sink Class ActiveX control in pkmcore.dll is marked as "safe for scripting" for Internet Explorer, which allows remote malicious users to create or append to arbitrary files.
Microsoft Log Sink Class Activex Control
NA
CVE-2006-1175
The WeOnlyDo! SFTP (wodSFTP) ActiveX control is marked as safe for scripting, which allows remote malicious users to read and write files in arbitrary locations by accessing the control from a web page.
Weonlydo Weonlydo Sftp
NA
CVE-2000-0457
ISM.DLL in IIS 4.0 and 5.0 allows remote malicious users to read file contents by requesting the file and appending a large number of encoded spaces (%20) and terminated with a .htr extension, aka the ".HTR File Fragment Reading" or "File Fragment Reading via .HTR&...
Microsoft Internet Information Server 4.0
Microsoft Internet Information Services 5.0
1 EDB exploit
NA
CVE-2006-0003
Unspecified vulnerability in the RDS.Dataspace ActiveX control, which is contained in ActiveX Data Objects (ADO) and distributed in Microsoft Data Access Components (MDAC) 2.7 and 2.8, allows remote malicious users to execute arbitrary code via unknown attack vectors.
Microsoft Data Access Components 2.5
Microsoft Data Access Components 2.8
Microsoft Data Access Components 2.7
3 EDB exploits
2 Articles
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-40673
CVE-2024-36674
CVE-2024-27348
unspecified
CVE-2024-24919
CVE-2024-4870
malicious code
CVE-2024-2019
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
NEXT »