Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
one web server vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2006-3918
http_protocol.c in (1) IBM HTTP Server 6.0 prior to 6.0.2.13 and 6.1 prior to 6.1.0.1, and (2) Apache HTTP Server 1.3 prior to 1.3.35, 2.0 prior to 2.0.58, and 2.2 prior to 2.2.2, does not sanitize the Expect header from an HTTP request when it is reflected back in an error messa...
Apache Http Server
Debian Debian Linux 3.1
Canonical Ubuntu Linux 7.04
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 6.10
Canonical Ubuntu Linux 6.06
Redhat Enterprise Linux Server 2.0
Redhat Enterprise Linux Workstation 2.0
1 EDB exploit
8.5
CVSSv2
CVE-2022-20759
A vulnerability in the web services interface for remote access VPN features of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, but unprivileged, remote malicious user to elevate privileges to level ...
Cisco Firepower Threat Defense 7.1.0
Cisco Firepower Threat Defense
Cisco Adaptive Security Appliance Software
7.5
CVSSv2
CVE-2019-2725
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services). Supported versions that are affected are 10.3.6.0.0 and 12.1.3.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to com...
Oracle Weblogic Server 12.1.3.0.0
Oracle Peoplesoft Enterprise Peopletools 8.56
Oracle Weblogic Server 10.3.6.0.0
Oracle Peoplesoft Enterprise Peopletools 8.57
Oracle Agile Plm 9.3.3
Oracle Agile Plm 9.3.4
Oracle Agile Plm 9.3.5
Oracle Vm Virtualbox
Oracle Communications Converged Application Server 5.1
Oracle Communications Converged Application Server 7.0
Oracle Communications Converged Application Server 7.1
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Storagetek Tape Analytics Sw Tool 2.3
Oracle Tape Library Acsls 8.5
Oracle Tape Virtual Storage Manager Gui 6.2
Oracle Vm Virtualbox 5.2.36
2 EDB exploits
27 Github repositories
4 Articles
5
CVSSv2
CVE-2019-19906
cyrus-sasl (aka Cyrus SASL) 2.1.27 has an out-of-bounds write leading to unauthenticated remote denial-of-service in OpenLDAP via a malformed LDAP packet. The OpenLDAP crash is ultimately caused by an off-by-one error in _sasl_add_string in common.c in cyrus-sasl.
Cyrusimap Cyrus-sasl
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 12.04
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Jboss Enterprise Web Server 2.0.0
Redhat Enterprise Linux 5.0
Redhat Enterprise Linux 8.0
Apple Mac Os X 10.14.6
Redhat Enterprise Linux Server Tus 8.4
Redhat Enterprise Linux Eus 8.4
Redhat Enterprise Linux Server Aus 8.4
Redhat Enterprise Linux Server Update Services For Sap Solutions 8.4
Redhat Enterprise Linux For Power Little Endian 8.0
5
CVSSv2
CVE-2001-1217
Directory traversal vulnerability in PL/SQL Apache module in Oracle Oracle 9i Application Server allows remote malicious users to access sensitive information via a double encoded URL with .. (dot dot) sequences.
Oracle Application Server 1.0.2
7.5
CVSSv2
CVE-2017-5404
A use-after-free error can occur when manipulating ranges in selections with one node inside a native anonymous tree and one node outside of it. This results in a potentially exploitable crash. This vulnerability affects Firefox < 52, Firefox ESR < 45.8, Thunderbird < 52...
Debian Debian Linux 9.0
Redhat Enterprise Linux Server 5.0
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Server Eus 7.4
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server Aus 7.4
Redhat Enterprise Linux Server Eus 7.5
Redhat Enterprise Linux Server Aus 7.3
Redhat Enterprise Linux Workstation 5.0
Redhat Enterprise Linux Desktop 5.0
Redhat Enterprise Linux 5.0
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Server Eus 7.3
Redhat Enterprise Linux Server 6.0
Mozilla Thunderbird
Mozilla Firefox
Mozilla Firefox Esr
1 EDB exploit
7.5
CVSSv2
CVE-2002-0842
Format string vulnerability in certain third party modifications to mod_dav for logging bad gateway messages (e.g. Oracle9i Application Server 9.0.2) allows remote malicious users to execute arbitrary code via a destination URI that forces a "502 Bad Gateway" response, ...
Oracle Application Server 9.0.2
7.5
CVSSv2
CVE-2002-0187
Cross-site scripting vulnerability in the SQLXML component of Microsoft SQL Server 2000 allows an malicious user to execute arbitrary script via the root parameter as part of an XML SQL query, aka "Script Injection via XML Tag."
Microsoft Sql Server 2000
1 EDB exploit
6.4
CVSSv2
CVE-2010-0141
MeetingTime in Cisco Unified MeetingPlace 6 before MR5, and possibly 5, allows remote malicious users to discover usernames, passwords, and unspecified other data from the user database via a modified authentication sequence to the Audio Server, aka Bug ID CSCsv76935.
Cisco Unified Meetingplace 6.0
Cisco Unified Meetingplace 6.0.170.0
Cisco Unified Meetingplace 6.0.244
8.5
CVSSv2
CVE-2010-0142
MeetingTime in Cisco Unified MeetingPlace 6 before MR5, and possibly 5, allows remote authenticated users to gain privileges via a modified authentication sequence, aka Bug ID CSCsv66530.
Cisco Unified Meetingplace 6.0
Cisco Unified Meetingplace 5.3
Cisco Unified Meetingplace 5.4
Cisco Unified Meetingplace 5.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »