Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
multi server vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-46118
RabbitMQ is a multi-protocol messaging and streaming broker. HTTP API did not enforce an HTTP request body limit, making it vulnerable for denial of service (DoS) attacks with very large messages. An authenticated user with sufficient credentials can publish a very large messages...
Vmware Rabbitmq
668
VMScore
CVE-2002-0179
Buffer overflow in xpilot-server for XPilot 4.5.0 and previous versions allows remote malicious users to execute arbitrary code.
Xpilot Xpilot
445
VMScore
CVE-2005-0472
Gaim prior to 1.1.3 allows remote malicious users to cause a denial of service (infinite loop) via malformed SNAC packets from (1) AIM or (2) ICQ.
Rob Flynn Gaim 1.1.1
Rob Flynn Gaim 1.1.2
Rob Flynn Gaim 1.0
Rob Flynn Gaim 1.0.1
Mandrakesoft Mandrake Linux 10.1
Redhat Enterprise Linux 4.0
Mandrakesoft Mandrake Linux Corporate Server 3.0
Mandrakesoft Mandrake Linux 10.0
Redhat Enterprise Linux Desktop 4.0
NA
CVE-2023-5380
A use-after-free flaw was found in the xorg-x11-server. An X server crash may occur in a very specific and legacy configuration (a multi-screen setup with multiple protocol screens, also known as Zaphod mode) if the pointer is warped from within a window on one screen to the root...
X.org Xwayland
X.org X Server
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Fedoraproject Fedora 39
Debian Debian Linux 11.0
Debian Debian Linux 12.0
445
VMScore
CVE-2021-37601
muc.lib.lua in Prosody 0.11.0 up to and including 0.11.9 allows remote malicious users to obtain sensitive information (list of admins, members, owners, and banned entities of a Multi-User chat room) in some common configurations.
Prosody Prosody
516
VMScore
CVE-2021-44531
Accepting arbitrary Subject Alternative Name (SAN) types, unless a PKI is specifically defined to use a particular SAN type, can result in bypassing name-constrained intermediates. Node.js < 12.22.9, < 14.18.3, < 16.13.2, and < 17.3.1 was accepting URI SAN types, whic...
Nodejs Node.js
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Peoplesoft Enterprise Peopletools 8.59
Oracle Mysql Enterprise Monitor
Oracle Mysql Connectors
Oracle Mysql Workbench
Oracle Mysql Server
Oracle Graalvm 20.3.5
Oracle Graalvm 21.3.1
Oracle Graalvm 22.0.0.2
Oracle Mysql Cluster
445
VMScore
CVE-2021-44532
Node.js < 12.22.9, < 14.18.3, < 16.13.2, and < 17.3.1 converts SANs (Subject Alternative Names) to a string format. It uses this string to check peer certificates against hostnames when validating connections. The string format was subject to an injection vulnerabilit...
Nodejs Node.js
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Peoplesoft Enterprise Peopletools 8.59
Oracle Mysql Enterprise Monitor
Oracle Mysql Connectors
Oracle Mysql Server
Oracle Graalvm 20.3.5
Oracle Graalvm 21.3.1
Oracle Graalvm 22.0.0.2
Oracle Mysql Workbench
Oracle Mysql Cluster
Debian Debian Linux 11.0
445
VMScore
CVE-2005-0473
The HTML parsing functions in Gaim prior to 1.1.3 allow remote malicious users to cause a denial of service (application crash) via malformed HTML that causes "an invalid memory access," a different vulnerability than CVE-2005-0208.
Rob Flynn Gaim 1.0
Rob Flynn Gaim 1.1.2
Rob Flynn Gaim 1.0.1
Rob Flynn Gaim 1.1.1
Mandrakesoft Mandrake Linux 10.1
Redhat Enterprise Linux 4.0
Mandrakesoft Mandrake Linux Corporate Server 3.0
Mandrakesoft Mandrake Linux 10.0
Redhat Enterprise Linux Desktop 4.0
294
VMScore
CVE-2019-1758
A vulnerability in 802.1x function of Cisco IOS Software on the Catalyst 6500 Series Switches could allow an unauthenticated, adjacent malicious user to access the network prior to authentication. The vulnerability is due to how the 802.1x packets are handled in the process path....
Cisco Ios 15.2\\(1\\)sy7
Cisco Ios 15.1\\(2\\)sy13
Cisco Ios 15.3\\(1\\)sy2
Cisco Ios 15.1\\(1\\)sy2
Cisco Ios 15.2\\(4\\)jn1
Cisco Ios 12.2\\(33\\)sxj8
Cisco Ios 15.1\\(2\\)sy12
Cisco Ios 15.1\\(3\\)svn2
Cisco Ios 15.5\\(1\\)sy2
Cisco Ios 12.2\\(33\\)sxj7
Cisco Ios 15.4\\(1\\)sy1
Cisco Ios 15.1\\(3\\)svi1b
Cisco Ios 15.1\\(2\\)sy1
Cisco Ios 15.1\\(1\\)sy3
Cisco Ios 15.1\\(4\\)m12c
Cisco Ios 12.2\\(33\\)sxj9
Cisco Ios 15.1\\(2\\)sy10
Cisco Ios 15.1\\(2\\)sy9
Cisco Ios 15.1\\(3\\)svp2
Cisco Ios 15.2\\(3\\)ea1
Cisco Ios 15.1\\(1\\)sy6
Cisco Ios 15.4\\(1\\)sy2
736
VMScore
CVE-2012-0217
The x86-64 kernel system-call functionality in Xen 4.1.2 and previous versions, as used in Citrix XenServer 6.0.2 and previous versions and other products; Oracle Solaris 11 and previous versions; illumos before r13724; Joyent SmartOS prior to 20120614T184600Z; FreeBSD prior to 9...
Freebsd Freebsd
Illumos Illumos
Joyent Smartos
Xen Xen 4.0.4
Xen Xen 4.1.0
Xen Xen 4.0.2
Xen Xen 4.0.3
Xen Xen 4.1.1
Xen Xen
Xen Xen 4.0.0
Xen Xen 4.0.1
Microsoft Windows 7
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2003
Microsoft Windows Xp
Citrix Xenserver 6.0
Citrix Xenserver
Netbsd Netbsd
Sun Sunos
3 EDB exploits
3 Github repositories
1 Article
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »