Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
messaging server vulnerabilities and exploits
(subscribe to this query)
6.4
CVSSv2
CVE-2016-6445
A vulnerability in the Extensible Messaging and Presence Protocol (XMPP) service of the Cisco Meeting Server (CMS) prior to 2.0.6 and Acano Server prior to 1.8.18 and 1.9.x prior to 1.9.6 could allow an unauthenticated, remote malicious user to masquerade as a legitimate user. Th...
Cisco Meeting Server 2.0.1
Cisco Meeting Server 2.0.4
Cisco Meeting Server 2.0.0
Cisco Meeting Server 1.8.15
Cisco Meeting Server 1.8 Base
Cisco Meeting Server 2.0.3
Cisco Meeting Server 2.0.5
Cisco Meeting Server 1.9.0
Cisco Meeting Server 1.9.2
5
CVSSv2
CVE-2009-0099
The Electronic Messaging System Microsoft Data Base (EMSMDB32) provider in Microsoft Exchange 2000 Server SP3 and Exchange Server 2003 SP2, as used in Exchange System Attendant, allows remote malicious users to cause a denial of service (application outage) via a malformed MAPI c...
Microsoft Exchange Server 2000
Microsoft Exchange Server 2003
Microsoft Exchange Server 2007
5
CVSSv2
CVE-2021-25122
When responding to new h2c connection requests, Apache Tomcat versions 10.0.0-M1 to 10.0.0, 9.0.0.M1 to 9.0.41 and 8.5.0 to 8.5.61 could duplicate request headers and a limited amount of request body from one request to another meaning user A and user B could both see the results...
Apache Tomcat 9.0.0
Apache Tomcat 10.0.0
Apache Tomcat
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Oracle Managed File Transfer 12.2.1.3.0
Oracle Instantis Enterprisetrack 17.1
Oracle Instantis Enterprisetrack 17.2
Oracle Instantis Enterprisetrack 17.3
Oracle Agile Plm 9.3.3
Oracle Agile Plm 9.3.6
Oracle Database 12.2.0.1
Oracle Database 19c
Oracle Managed File Transfer 12.2.1.4.0
Oracle Siebel Ui Framework
Oracle Mysql Enterprise Monitor
Oracle Graph Server And Client
Oracle Graph Server And Client 21.3.0
Oracle Database 21c
Oracle Communications Cloud Native Core Policy 1.14.0
Oracle Communications Instant Messaging Server 10.0.1.5.0
Oracle Communications Cloud Native Core Security Edge Protection Proxy 1.6.0
7.5
CVSSv2
CVE-2022-31013
Chat Server is the chat server for Vartalap, an open-source messaging application. Versions 2.3.2 until 2.6.0 suffer from a bug in validating the access token, resulting in authentication bypass. The function `this.authProvider.verifyAccessKey` is an async function, as the code i...
Chat Server Project Chat Server
7.2
CVSSv2
CVE-2008-2812
The Linux kernel prior to 2.6.25.10 does not properly perform tty operations, which allows local users to cause a denial of service (system crash) or possibly gain privileges via vectors involving NULL pointer dereference of function pointers in (1) hamradio/6pack.c, (2) hamradio...
Linux Linux Kernel
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 7.04
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 8.04
Novell Linux Desktop 9
Opensuse Opensuse 11.0
Opensuse Opensuse 10.3
Suse Suse Linux Enterprise Server 10
Suse Suse Linux Enterprise Desktop 10
Debian Debian Linux 4.0
Avaya Message Networking 3.1
Avaya Sip Enablement Services 4.0
Avaya Messaging Storage Server 4.0
Avaya Proactive Contact 4.0
Avaya Meeting Exchange 5.0
Avaya Expanded Meet-me Conferencing
Avaya Intuity Audix Lx 2.0
Avaya Sip Enablement Services -
Avaya Communication Manager
10
CVSSv2
CVE-2008-5279
The Local ZIM Server (zcs.exe) in Zilab Chat and Instant Messaging (ZIM) Server 2.1 and previous versions allow remote malicious users to execute arbitrary code via (1) heap-based buffer overflows involving multiple vectors including a long room name and a long source account, an...
Zilab Zim Server
Zilab Zim Server 2.0
7.5
CVSSv2
CVE-2005-0533
Heap-based buffer overflow in Trend Micro AntiVirus Library VSAPI prior to 7.510, as used in multiple Trend Micro products, allows remote malicious users to execute arbitrary code via a crafted ARJ file with long header file names that modify pointers within a structure.
Trend Micro Control Manager Gold
Trend Micro Interscan Emanager 3.5.2
Trend Micro Interscan Emanager 3.6
Trend Micro Interscan Messaging Security Suite 5.5
Trend Micro Interscan Viruswall 3.5
Trend Micro Interscan Viruswall 3.52
Trend Micro Interscan Viruswall 5.1
Trend Micro Interscan Viruswall Gold
Trend Micro Interscan Web Security Suite Gold
Trend Micro Interscan Webmanager 1.2
Trend Micro Interscan Webmanager 2.1
Trend Micro Officescan Corporate 3.11
Trend Micro Officescan Corporate 3.13
Trend Micro Officescan Corporate 5.58
Trend Micro Pc-cillin 2000
Trend Micro Scanmail 2.51
Trend Micro Scanmail 3.8
Trend Micro Scanmail 6.1
Trend Micro Scanmail Gold
Trend Micro Serverprotect 1.25 2007-02-16
Trend Micro Client-server Suite Smb Gold
Trend Micro Interscan Messaging Security Suite Gold
7.2
CVSSv2
CVE-2012-0157
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly handle window messaging, which allows local users to gain privileges via a ...
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2008 -
Microsoft Windows Xp -
Microsoft Windows Xp
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Vista
NA
CVE-2022-2508
In affected versions of Octopus Server it is possible to reveal the existence of resources in a space that the user does not have access to due to verbose error messaging.
Octopus Octopus Server
6
CVSSv2
CVE-2022-23302
JMSSink in all versions of Log4j 1.x is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration or if the configuration references an LDAP service the attacker has access to. The attacker can provide a TopicConnectionFactoryBi...
Apache Log4j
Netapp Snapmanager -
Broadcom Brocade Sannav -
Qos Reload4j
Oracle Weblogic Server 12.2.1.3.0
Oracle Business Intelligence 12.2.1.3.0
Oracle Business Process Management Suite 12.2.1.3.0
Oracle Jdeveloper 12.2.1.3.0
Oracle Identity Management Suite 12.2.1.3.0
Oracle Business Intelligence 12.2.1.4.0
Oracle Weblogic Server 12.2.1.4.0
Oracle Weblogic Server 14.1.1.0.0
Oracle Enterprise Manager Base Platform 13.4.0.0
Oracle Communications Network Integrity 7.3.6
Oracle Business Process Management Suite 12.2.1.4.0
Oracle Advanced Supply Chain Planning 12.2
Oracle Advanced Supply Chain Planning 12.1
Oracle Communications Unified Inventory Management 7.4.1
Oracle Enterprise Manager Base Platform 13.5.0.0
Oracle Communications Messaging Server 8.1
Oracle Business Intelligence 5.9.0.0.0
Oracle Healthcare Foundation 8.1.0
1 Article
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »