Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog Docs About Contact

cesar cerrudo vulnerabilities and exploits

(subscribe to this query)
7.5
CVSSv2

CVE-2003-0118

SQL injection vulnerability in the Document Tracking and Administration (DTA) website of Microsoft BizTalk Server 2000 and 2002 allows remote malicious users to execute operating system commands via a request to (1) rawdocdata.asp or (2) RawCustomSearchField.asp containing an emb...
Microsoft Biztalk Server 2000Microsoft Biztalk Server 2002
7.2
CVSSv2

CVE-2009-0078

The Windows Management Instrumentation (WMI) provider in Microsoft Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 does not properly implement isolation among a set of distinct processes that (1) all run under the NetworkService account or (2)...
Microsoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows VistaMicrosoft Windows Vista GoldMicrosoft Windows Xp
6.9
CVSSv2

CVE-2009-0080

The ThreadPool class in Windows Vista Gold and SP1, and Server 2008, does not properly implement isolation among a set of distinct processes that (1) all run under the NetworkService account or (2) all run under the LocalService account, which allows local users to gain privilege...
Microsoft Windows Server 2008 -Microsoft Windows Vista -
6.9
CVSSv2

CVE-2009-0079

The RPCSS service in Microsoft Windows XP SP2 and SP3 and Server 2003 SP1 and SP2 does not properly implement isolation among a set of distinct processes that (1) all run under the NetworkService account or (2) all run under the LocalService account, which allows local users to g...
Microsoft Windows Server 2003Microsoft Windows Xp
7.2
CVSSv2

CVE-2003-0908

The Utility Manager in Microsoft Windows 2000 executes winhlp32.exe with system privileges, which allows local users to execute arbitrary code via a "Shatter" style attack using a Windows message that accesses the context sensitive help button in the GUI, as demonstrate...
Microsoft Windows 2000
7.5
CVSSv2

CVE-2002-0982

Microsoft SQL Server 2000 SP2, when configured as a distributor, allows malicious users to execute arbitrary code via the @scriptfile parameter to the sp_MScopyscript stored procedure.
Microsoft Sql Server 2000
5
CVSSv2

CVE-2010-0314

Apple Safari allows remote malicious users to discover a redirect's target URL, for the session of a specific user of a web site, by placing the site's URL in the HREF attribute of a stylesheet LINK element, and then reading the document.styleSheets[0].href property val...
Apple Safari
5
CVSSv2

CVE-2010-0315

WebKit before r53607, as used in Google Chrome prior to 4.0.249.89, allows remote malicious users to discover a redirect's target URL, for the session of a specific user of a web site, by placing the site's URL in the HREF attribute of a stylesheet LINK element, and the...
Google ChromeGoogle Chrome 0.2.149.27Google Chrome 0.2.149.29Google Chrome 0.2.149.30Google Chrome 0.2.152.1Google Chrome 0.2.153.1Google Chrome 0.3.154.0Google Chrome 0.3.154.3Google Chrome 0.4.154.18Google Chrome 0.4.154.22Google Chrome 0.4.154.31Google Chrome 0.4.154.33
7.2
CVSSv2

CVE-2004-0894

LSASS (Local Security Authority Subsystem Service) of Windows 2000 Server and Windows Server 2003 does not properly validate connection information, which allows local users to gain privileges via a specially-designed program.
Microsoft Windows 2000Microsoft Windows 2003 Server Datacenter 64-bitMicrosoft Windows 2003 Server EnterpriseMicrosoft Windows 2003 Server Enterprise 64-bitMicrosoft Windows 2003 Server R2Microsoft Windows 2003 Server StandardMicrosoft Windows 2003 Server WebMicrosoft Windows Xp
9
CVSSv2

CVE-2008-1436

Microsoft Windows XP Professional SP2, Vista, and Server 2003 and 2008 does not properly assign activities to the (1) NetworkService and (2) LocalService accounts, which might allow context-dependent malicious users to gain privileges by using one service process to capture a res...
Microsoft Windows-nt VistaMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows VistaMicrosoft Windows Vista -Microsoft Windows Xp
Preferred Score:
CVSSv3
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
CVE-2025-3248thanhtungtntremote code executioncodepen embed blockCVE-2025-6354chris coyierCVE-2025-50025nitin yawalkarcode executionCVE-2025-50038CVE-2023-0386cross-site scriptingCVE-2025-6351
Home
/
Search Results
Vulmon Logo Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook