Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
application server vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2016-3266
The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allow local users to gain privileges via a crafted application, aka "W...
Microsoft Windows 10 1607
Microsoft Windows Rt 8.1
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2012 -
Microsoft Windows 7
Microsoft Windows 8.1
Microsoft Windows Server 2008
Microsoft Windows 10 -
Microsoft Windows 10 1511
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
10
CVSSv2
CVE-2016-3270
The Graphics component in the kernel in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows local users to gain privileges via a crafted applicatio...
Microsoft Windows Server 2012 R2
Microsoft Windows 7
Microsoft Windows Rt 8.1
Microsoft Windows 10 -
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows 10 1511
Microsoft Windows 10 1607
Microsoft Windows Vista
Microsoft Windows 8.1
Microsoft Windows Server 2012 -
10
CVSSv2
CVE-2014-9906
Use-after-free vulnerability in DBD::mysql prior to 4.029 allows malicious users to cause a denial of service (program crash) or possibly execute arbitrary code via vectors related to a lost server connection.
Debian Debian Linux 8.0
Dbd-mysql Project Dbd-mysql
10
CVSSv2
CVE-2016-4328
MEDHOST Perioperative Information Management System (aka PIMS or VPIMS) prior to 2015R1 has hardcoded credentials, which makes it easier for remote malicious users to obtain sensitive information via direct requests to the application database server.
Medhost Perioperative Information Management System -
1 Article
10
CVSSv2
CVE-2010-5326
The Invoker Servlet on SAP NetWeaver Application Server Java platforms, possibly prior to 7.3, does not require authentication, which allows remote malicious users to execute arbitrary code via an HTTP or HTTPS request, as exploited in the wild in 2013 through 2016, aka a "D...
Sap Netweaver Application Server Java
1 Article
10
CVSSv2
CVE-2016-0799
The fmtstr function in crypto/bio/b_print.c in OpenSSL 1.0.1 prior to 1.0.1s and 1.0.2 prior to 1.0.2g improperly calculates string lengths, which allows remote malicious users to cause a denial of service (overflow and out-of-bounds read) or possibly have unspecified other impac...
Openssl Openssl 1.0.1m
Openssl Openssl 1.0.2a
Openssl Openssl 1.0.1j
Openssl Openssl 1.0.1
Openssl Openssl 1.0.1h
Openssl Openssl 1.0.2e
Openssl Openssl 1.0.1r
Openssl Openssl 1.0.2b
Openssl Openssl 1.0.1c
Openssl Openssl 1.0.1g
Openssl Openssl 1.0.1a
Openssl Openssl 1.0.1d
Openssl Openssl 1.0.2c
Openssl Openssl 1.0.2
Openssl Openssl 1.0.1p
Openssl Openssl 1.0.1k
Openssl Openssl 1.0.1b
Openssl Openssl 1.0.1n
Openssl Openssl 1.0.1q
Openssl Openssl 1.0.1e
Openssl Openssl 1.0.1l
Openssl Openssl 1.0.1f
10
CVSSv2
CVE-2016-2842
The doapr_outch function in crypto/bio/b_print.c in OpenSSL 1.0.1 prior to 1.0.1s and 1.0.2 prior to 1.0.2g does not verify that a certain memory allocation succeeds, which allows remote malicious users to cause a denial of service (out-of-bounds write or memory consumption) or p...
Openssl Openssl 1.0.1m
Openssl Openssl 1.0.2a
Openssl Openssl 1.0.1j
Openssl Openssl 1.0.1
Openssl Openssl 1.0.1h
Openssl Openssl 1.0.2e
Openssl Openssl 1.0.1r
Openssl Openssl 1.0.2b
Openssl Openssl 1.0.1c
Openssl Openssl 1.0.1g
Openssl Openssl 1.0.1a
Openssl Openssl 1.0.1d
Openssl Openssl 1.0.2c
Openssl Openssl 1.0.2
Openssl Openssl 1.0.1p
Openssl Openssl 1.0.1k
Openssl Openssl 1.0.1b
Openssl Openssl 1.0.1n
Openssl Openssl 1.0.1q
Openssl Openssl 1.0.1e
Openssl Openssl 1.0.1l
Openssl Openssl 1.0.1f
10
CVSSv2
CVE-2015-4716
Directory traversal vulnerability in the routing component in ownCloud Server prior to 7.0.6 and 8.0.x prior to 8.0.4, when running on Windows, allows remote malicious users to reinstall the application or execute arbitrary code via unspecified vectors.
Owncloud Owncloud
Owncloud Owncloud 8.0.0
Owncloud Owncloud 8.0.2
Owncloud Owncloud 8.0.3
Microsoft Windows
10
CVSSv2
CVE-2015-2726
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox prior to 39.0 allow remote malicious users to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Oracle Solaris 11.3
Mozilla Firefox
Novell Suse Linux Enterprise Server 12.0
Novell Suse Linux Enterprise Server 11
Novell Suse Linux Enterprise Desktop 12.0
Novell Suse Linux Enterprise Software Development Kit 12.0
10
CVSSv2
CVE-2015-1920
IBM WebSphere Application Server (WAS) 6.1 up to and including 6.1.0.47, 7.0 prior to 7.0.0.39, 8.0 prior to 8.0.0.11, and 8.5 prior to 8.5.5.6 allows remote malicious users to execute arbitrary code by sending crafted instructions in a management-port session.
Ibm Websphere Application Server 8.5.0.0
Ibm Websphere Application Server 8.5.0.1
Ibm Websphere Application Server 8.0.0.4
Ibm Websphere Application Server 8.0.0.5
Ibm Websphere Application Server 8.0.0.6
Ibm Websphere Application Server 8.0.0.7
Ibm Websphere Application Server 7.0.0.19
Ibm Websphere Application Server 7.0.0.2
Ibm Websphere Application Server 7.0.0.21
Ibm Websphere Application Server 7.0.0.22
Ibm Websphere Application Server 6.1
Ibm Websphere Application Server 6.1.0
Ibm Websphere Application Server 6.1.0.0
Ibm Websphere Application Server 6.1.0.1
Ibm Websphere Application Server 6.1.0.29
Ibm Websphere Application Server 6.1.0.3
Ibm Websphere Application Server 6.1.0.31
Ibm Websphere Application Server 6.1.0.33
Ibm Websphere Application Server 6.1.0.35
Ibm Websphere Application Server 8.5.5.3
Ibm Websphere Application Server 8.5.5.4
Ibm Websphere Application Server 8.5.5.5
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »