Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
express vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2013-5443
Cross-site request forgery (CSRF) vulnerability in IBM Cognos Express 9.0 before IFIX 2, 9.5 before IFIX 2, 10.1 before IFIX 2, and 10.2.1 before FP1 allows remote malicious users to hijack the authentication of arbitrary users.
Ibm Cognos Express 10.1
Ibm Cognos Express 9.0
Ibm Cognos Express 9.5
Ibm Cognos Express 10.2.1
5
CVSSv2
CVE-2013-5444
The server in IBM Cognos Express 9.0 before IFIX 2, 9.5 before IFIX 2, 10.1 before IFIX 2, and 10.2.1 before FP1 allows remote malicious users to read encrypted credentials via unspecified vectors.
Ibm Cognos Express 9.0
Ibm Cognos Express 9.5
Ibm Cognos Express 10.1
Ibm Cognos Express 10.2.1
5
CVSSv2
CVE-2013-5445
IBM Cognos Express 9.0 before IFIX 2, 9.5 before IFIX 2, 10.1 before IFIX 2, and 10.2.1 before FP1 allows local users to obtain sensitive cleartext information by leveraging knowledge of a static decryption key.
Ibm Cognos Express 9.5
Ibm Cognos Express 10.2.1
Ibm Cognos Express 10.1
Ibm Cognos Express 9.0
5
CVSSv2
CVE-1999-1033
Microsoft Outlook Express prior to 4.72.3612.1700 allows a malicious user to send a message that contains a .., which can inadvertently cause Outlook to re-enter POP3 command mode and cause the POP3 session to hang.
Microsoft Outlook Express 4.72.3120.0
Microsoft Outlook Express
Microsoft Outlook Express 4.27.3110.1
1 EDB exploit
5
CVSSv2
CVE-2001-0945
Buffer overflow in Outlook Express 5.0 up to and including 5.02 for Macintosh allows remote malicious users to cause a denial of service via an e-mail message that contains a long line.
Microsoft Outlook Express 5.0
Microsoft Outlook Express 5.0.1
Microsoft Outlook Express 5.0.2
4.3
CVSSv2
CVE-2021-32817
express-hbs is an Express handlebars template engine. express-hbs mixes pure template data with engine configuration options through the Express render API. More specifically, the layout parameter may trigger file disclosure vulnerabilities in downstream applications. This potent...
Express Handlebars Project Express Handlebars
5
CVSSv2
CVE-2021-32820
Express-handlebars is a Handlebars view engine for Express. Express-handlebars mixes pure template data with engine configuration options through the Express render API. More specifically, the layout parameter may trigger file disclosure vulnerabilities in downstream applications...
Express Handlebars Project Express Handlebars
6.8
CVSSv2
CVE-2020-22403
Cross Site Request Forgery (CSRF) vulnerability in Express cart v1.1.16 allows malicious users to add an administrator account, add discount code or other unspecified impacts.
Express-cart Project Express-cart
9
CVSSv2
CVE-2018-3758
Unrestricted file upload (RCE) in express-cart module prior to 1.1.7 allows a privileged user to gain access in the hosting machine.
Express-cart Project Express-cart
5
CVSSv2
CVE-2020-7767
All versions of package express-validators are vulnerable to Regular Expression Denial of Service (ReDoS) when validating specifically-crafted invalid urls.
Express-validators Project Express-validators
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »