Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
framework vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2017-3528
Vulnerability in the Oracle Applications Framework component of Oracle E-Business Suite (subcomponent: Popup windows (lists of values, datepicker, etc.)). Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily "exploitable" vulnerabil...
Oracle Applications Framework 12.2.4
Oracle Applications Framework 12.2.5
Oracle Applications Framework 12.2.3
Oracle Applications Framework 12.1.3
Oracle Applications Framework 12.2.6
1 EDB exploit
NA
CVE-2013-3860
Microsoft .NET Framework 2.0 SP2, 3.5, 3.5 SP1, 3.5.1, 4, and 4.5 does not properly parse a DTD during XML digital-signature validation, which allows remote malicious users to cause a denial of service (application crash or hang) via a crafted signed XML document, aka "Entit...
Microsoft .net Framework 3.5
Microsoft .net Framework 3.5.1
Microsoft .net Framework 4.5
Microsoft .net Framework 4.0
Microsoft .net Framework 2.0
NA
CVE-2013-3861
Microsoft .NET Framework 2.0 SP2, 3.5, 3.5 SP1, 3.5.1, 4, and 4.5 allows remote malicious users to cause a denial of service (application crash or hang) via crafted character sequences in JSON data, aka "JSON Parsing Vulnerability."
Microsoft .net Framework 4.0
Microsoft .net Framework 4.5
Microsoft .net Framework 2.0
Microsoft .net Framework 3.5
Microsoft .net Framework 3.5.1
NA
CVE-2005-2482
The StateToOptions function in msfweb in Metasploit Framework 2.4 and previous versions, when running with the -D option (defanged mode), allows malicious users to modify temporary environment variables before the "_Defanged" environment option is checked when processin...
Metasploit Metasploit Framework 2.0
Metasploit Metasploit Framework 2.1
Metasploit Metasploit Framework 2.2
Metasploit Metasploit Framework 2.3
Metasploit Metasploit Framework 2.4
NA
CVE-2014-4062
Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.0 SP2, 3.5, and 3.5.1 does not properly implement the ASLR protection mechanism, which allows remote malicious users to obtain sensitive address information via a crafted web site, aka ".NET ASLR Vulnerability."
Microsoft .net Framework 3.5
Microsoft .net Framework 3.5.1
Microsoft .net Framework 1.1
Microsoft .net Framework 3.0
Microsoft .net Framework 2.0
NA
CVE-2013-3133
Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not properly check the permissions of objects that use reflection, which allows remote malicious users to execute arbitrary code via (1) a crafted XAML browser application (XBAP) or (2) a crafted .NET Framework applica...
Microsoft .net Framework 4.5
Microsoft .net Framework 2.0
Microsoft .net Framework 3.5
Microsoft .net Framework 3.5.1
Microsoft .net Framework 4.0
NA
CVE-2013-1336
The Common Language Runtime (CLR) in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not properly check signatures, which allows remote malicious users to make undetected changes to signed XML documents via unspecified vectors that preserve signature validity, aka &...
Microsoft .net Framework 4.5
Microsoft .net Framework 3.5.1
Microsoft .net Framework 4.0
Microsoft .net Framework 2.0
Microsoft .net Framework 3.5
NA
CVE-2013-3171
The serialization functionality in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5 SP1, 3.5.1, 4, and 4.5 does not properly check the permissions of delegate objects, which allows remote malicious users to execute arbitrary code via (1) a crafted XAML browser application (XBAP) or (2)...
Microsoft .net Framework 3.5
Microsoft .net Framework 3.5.1
Microsoft .net Framework 4.0
Microsoft .net Framework 4.5
Microsoft .net Framework 2.0
8.2
CVSSv3
CVE-2018-3243
Vulnerability in the Oracle Applications Framework component of Oracle E-Business Suite (subcomponent: None). Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated attacker with network access v...
Oracle Applications Framework 12.1.3
Oracle Applications Framework 12.2.3
Oracle Applications Framework 12.2.4
Oracle Applications Framework 12.2.5
Oracle Applications Framework 12.2.6
NA
CVE-2015-6099
Cross-site scripting (XSS) vulnerability in ASP.NET in Microsoft .NET Framework 4, 4.5, 4.5.1, 4.5.2, and 4.6 allows remote malicious users to inject arbitrary web script or HTML via a crafted value, aka ".NET Elevation of Privilege Vulnerability."
Microsoft .net Framework 4.0
Microsoft .net Framework 4.5
Microsoft .net Framework 4.5.1
Microsoft .net Framework 4.5.2
Microsoft .net Framework 4.6
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-38002
CVE-2006-4304
CVE-2024-4336
CVE-2024-33437
CVE-2024-4340
CVE-2024-27956
privilege
insecure direct object reference
XSS
item search icon">CVE-2024-25938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »