Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
web server vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2016-9683
The SonicWall Secure Remote Access server (version 8.1.0.2-14sv) is vulnerable to a Remote Command Injection vulnerability in its web administrative interface. This vulnerability occurs in the 'extensionsettings' CGI (/cgi-bin/extensionsettings) component responsible fo...
Dell Sonicwall Secure Remote Access Server 8.1.0.2-14sv
1 EDB exploit
10
CVSSv2
CVE-2016-9684
The SonicWall Secure Remote Access server (version 8.1.0.2-14sv) is vulnerable to a Remote Command Injection vulnerability in its web administrative interface. This vulnerability occurs in the 'viewcert' CGI (/cgi-bin/viewcert) component responsible for processing SSL c...
Dell Sonicwall Secure Remote Access Server 8.1.0.2-14sv
1 EDB exploit
10
CVSSv2
CVE-2016-10108
Unauthenticated Remote Command injection as root occurs in the Western Digital MyCloud NAS 2.11.142 /web/google_analytics.php URL via a modified arg parameter in the POST data.
Western Digital Mycloud Nas 2.11.142
1 Metasploit module
10
CVSSv2
CVE-2016-3551
Unspecified vulnerability in the Oracle Web Services component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.1.9.0, 12.1.3.0.0, and 12.2.1.0.0 allows remote malicious users to affect confidentiality, integrity, and availability via vectors related to JAXWS Web Services Stack.
Oracle Weblogic Server 12.2.1.0.0
Oracle Weblogic Server 12.1.3.0.0
Oracle Weblogic Server 11.1.1.9.0
Oracle Weblogic Server 11.1.1.7.0
10
CVSSv2
CVE-2016-5640
Directory traversal vulnerability in cgi-bin/rftest.cgi on Crestron AirMedia AM-100 devices with firmware prior to 1.4.0.13 allows remote malicious users to execute arbitrary commands via a .. (dot dot) in the ATE_COMMAND parameter.
Crestron Airmedia Am-100 Firmware
3 Github repositories
10
CVSSv2
CVE-2016-5670
Crestron Electronics DM-TXRX-100-STR devices with firmware prior to 1.3039.00040 have a hardcoded password of admin for the admin account, which makes it easier for remote malicious users to obtain access via the web management interface.
Crestron Dm-txrx-100-str Firmware 1.2866.00026
10
CVSSv2
CVE-2016-3607
Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 3.0.1 and 3.1.2 allows remote malicious users to affect confidentiality, integrity, and availability via vectors related to Web Container.
Oracle Glassfish Server 3.1.2
Oracle Glassfish Server 3.0.1
10
CVSSv2
CVE-2016-3499
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 12.1.3.0 and 12.2.1.0 allows remote malicious users to affect confidentiality, integrity, and availability via vectors related to Web Container.
Oracle Weblogic Server 12.2.1.0.0
Oracle Weblogic Server 12.1.3.0.0
10
CVSSv2
CVE-2016-3644
The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x up to and including 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) prior to 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac;...
Symantec Norton Security
Symantec Protection Engine 7.8.0
Symantec Protection Engine
Symantec Advanced Threat Protection
Symantec Norton Bootable Removal Tool
Symantec Data Center Security Server 6.0
Symantec Data Center Security Server 6.6
Symantec Data Center Security Server 6.5
Symantec Protection For Sharepoint Servers
Symantec Message Gateway For Service Providers 10.6
Symantec Message Gateway For Service Providers 10.5
Symantec Csapi
Symantec Endpoint Protection 12.1.6
Symantec Norton Power Eraser
Symantec Mail Security For Domino
Symantec Mail Security For Microsoft Exchange 6.5.8
Symantec Mail Security For Microsoft Exchange
Symantec Message Gateway
Symantec Norton 360
Symantec Norton Antivirus
Symantec Norton Internet Security
Symantec Norton Security With Backup
1 EDB exploit
10
CVSSv2
CVE-2016-3645
Integer overflow in the TNEF unpacker in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x up to and including 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) prior to 12.1 RU6 MP5; Sy...
Symantec Norton Security
Symantec Protection Engine 7.8.0
Symantec Protection Engine
Symantec Advanced Threat Protection
Symantec Norton Bootable Removal Tool
Symantec Data Center Security Server 6.0
Symantec Data Center Security Server 6.6
Symantec Data Center Security Server 6.5
Symantec Protection For Sharepoint Servers
Symantec Message Gateway For Service Providers 10.6
Symantec Message Gateway For Service Providers 10.5
Symantec Csapi
Symantec Endpoint Protection 12.1.6
Symantec Norton Power Eraser
Symantec Mail Security For Domino
Symantec Mail Security For Microsoft Exchange 6.5.8
Symantec Mail Security For Microsoft Exchange
Symantec Message Gateway
Symantec Norton 360
Symantec Norton Antivirus
Symantec Norton Internet Security
Symantec Norton Security With Backup
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27802
template injection
CVE-2024-0044
code injection
CVE-2024-35474
CVE-2024-27857
CVE-2024-23251
CVE-2024-23692
physical
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »