Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
amp vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-4172
SQL injection vulnerability in page.php in Cars & Vehicle (aka Cars-Vehicle Script) allows remote malicious users to execute arbitrary SQL commands via the lnkid parameter.
Rfaah Cars-vehicles Script
1 EDB exploit
5.3
CVSSv3
CVE-2016-1319
Cisco Unified Communications Manager (aka CallManager) 9.1(2.10000.28), 10.5(2.10000.5), 10.5(2.12901.1), and 11.0(1.10000.10); Unified Communications Manager IM & Presence Service 10.5(2); Unified Contact Center Express 11.0(1); and Unity Connection 10.5(2) store a cleartext...
Cisco Unified Communications Manager Im And Presence Service 10.5\\\\\\(2\\\\\\)
Cisco Unified Contact Center Express 11.0\\\\\\(1\\\\\\)
Cisco Unified Communications Manager 9.1\\\\\\(2.10000.28\\\\\\)
Cisco Unified Communications Manager 10.5\\\\\\(2.10000.5\\\\\\)
Cisco Unified Communications Manager 10.5\\\\\\(2.12901.1\\\\\\)
Cisco Unified Communications Manager 11.0\\\\\\(1.10000.10\\\\\\)
Cisco Unity Connection 10.5\\\\\\(2\\\\\\)
NA
CVE-2002-0022
Buffer overflow in the implementation of an HTML directive in mshtml.dll in Internet Explorer 5.5 and 6.0 allows remote malicious users to execute arbitrary code via a web page that specifies embedded ActiveX controls in a way that causes 2 Unicode strings to be concatenated.
Microsoft Internet Explorer 5.5
Microsoft Internet Explorer 6.0
NA
CVE-2000-0109
The mcsp Client Site Processor system (MultiCSP) in Standard and Poor's ComStock is installed with several accounts that have no passwords or easily guessable default passwords.
Comstock Multicsp 4.2
1 EDB exploit
6.7
CVSSv3
CVE-2017-12317
The Cisco AMP For Endpoints application allows an authenticated, local malicious user to access a static key value stored in the local application software. The vulnerability is due to the use of a static key value stored in the application used to encrypt the connector protectio...
Cisco Advanced Malware Protection 3.1\\(10\\)
Cisco Advanced Malware Protection 4.1\\(4\\)
Cisco Advanced Malware Protection 4.2\\(1\\)
Cisco Advanced Malware Protection 5.0\\(1\\)
Cisco Advanced Malware Protection 5.0\\(5\\)
Cisco Advanced Malware Protection 5.1\\(13\\)
Cisco Advanced Malware Protection 5.1\\(5\\)
Cisco Advanced Malware Protection 4.0\\(0\\)
Cisco Advanced Malware Protection 4.0\\(1\\)
Cisco Advanced Malware Protection 4.0\\(2\\)
Cisco Advanced Malware Protection 4.1\\(0\\)
Cisco Advanced Malware Protection 4.1\\(1\\)
Cisco Advanced Malware Protection 5.0\\(7\\)
Cisco Advanced Malware Protection 5.0\\(9\\)
Cisco Advanced Malware Protection 5.1\\(1\\)
Cisco Advanced Malware Protection 5.1\\(11\\)
Cisco Advanced Malware Protection 4.3\\(1\\)
Cisco Advanced Malware Protection 4.4\\(0\\)
Cisco Advanced Malware Protection 4.4\\(1\\)
Cisco Advanced Malware Protection 4.4\\(2\\)
Cisco Advanced Malware Protection 5.1\\(9\\)
Cisco Advanced Malware Protection 6.0\\(1\\)
6.5
CVSSv3
CVE-2021-41973
In Apache MINA, a specifically crafted, malformed HTTP request may cause the HTTP Header decoder to loop indefinitely. The decoder assumed that the HTTP Header begins at the beginning of the buffer and loops if there is more data than expected. Please update MINA to 2.1.5 or grea...
Apache Mina
Oracle Customer Management And Segmentation Foundation 18.0
Oracle Banking Trade Finance Process Management 14.5
Oracle Communications Cloud Native Core Console 1.9.0
Oracle Banking Payments 14.5
Oracle Banking Treasury Management 14.5
Oracle Customer Management And Segmentation Foundation 19.0
Oracle Fusion Middleware Common Libraries And Tools 12.2.1.4.0
Oracle Fusion Middleware Common Libraries And Tools 14.1.1.0.0
Oracle Oss Support Tools 2.12.42
Oracle Fusion Middleware Common Libraries And Tools 12.2.1.3.0
Oracle Flexcube Universal Banking
Oracle Flexcube Universal Banking 14.5
NA
CVE-2006-6716
SQL injection vulnerability in administration/administre2.php in Eric GUILLAUME uploader&downloader 3 allows remote malicious users to execute arbitrary SQL commands via the id_user parameter.
Eric Guillaume Upload Download De Fichiers 3
1 EDB exploit
NA
CVE-2024-2757
In PHP 8.3.* prior to 8.3.5, function mb_encode_mimeheader() runs endlessly for some inputs that contain long strings of non-space characters followed by a space. This could lead to a potential DoS attack if a hostile user sends data to an application that uses this function.
NA
CVE-2008-6768
Unrestricted file upload vulnerability in admin/editor/images.php in K&S Shopsoftware allows remote malicious users to execute arbitrary PHP code by uploading a file with an executable extension, then accessing it via a direct request to the file in images/upload/.
Shopsystem-forum K\\&s Shopsoftware
1 EDB exploit
NA
CVE-2007-0856
TmComm.sys 1.5.0.1052 in the Trend Micro Anti-Rootkit Common Module (RCM), with the VsapiNI.sys 3.320.0.1003 scan engine, as used in Trend Micro PC-cillin Internet Security 2007, Antivirus 2007, Anti-Spyware for SMB 3.2 SP1, Anti-Spyware for Consumer 3.5, Anti-Spyware for Enterpr...
Trend Micro Trend Micro Antirootkit Common Module
Trend Micro Trend Micro Antispyware 3.0 Sp2
Trend Micro Client-server-messaging Security 3.5
Trend Micro Damage Cleanup Services 3.2
Trend Micro Trend Micro Antivirus 2007
Trend Micro Vsapini.sys 3.320.1003
Trend Micro Pc-cillin Internet Security 2007
Trend Micro Tmcomm.sys 1.5.1052
Trend Micro Trend Micro Antispyware 3.2 Sp1
Trend Micro Trend Micro Antispyware 3.5
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »