Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
iis vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2013-0079
Microsoft Visio Viewer 2010 SP1 allows remote malicious users to execute arbitrary code via a crafted Visio file that triggers incorrect memory allocation, aka "Visio Viewer Tree Object Type Confusion Vulnerability."
Microsoft Visio 2010
Microsoft Office Filter Pack 2010
Microsoft Visio Viewer 2010
NA
CVE-2013-0005
The WCF Replace function in the Open Data (aka OData) protocol implementation in Microsoft .NET Framework 3.5, 3.5 SP1, 3.5.1, and 4, and the Management OData IIS Extension on Windows Server 2012, allows remote malicious users to cause a denial of service (resource consumption an...
Microsoft .net Framework 3.5
Microsoft .net Framework 3.5.1
Microsoft .net Framework 4.0
Microsoft Management Odata Iis Extension -
NA
CVE-2012-5674
Unspecified vulnerability in Adobe ColdFusion 10 before Update 5, when Internet Information Services (IIS) is used, allows malicious users to cause a denial of service via unknown vectors.
Adobe Coldfusion 10.0
NA
CVE-2012-2532
Microsoft FTP Service 7.0 and 7.5 for Internet Information Services (IIS) processes unspecified commands before TLS is enabled for a session, which allows remote malicious users to obtain sensitive information by reading the replies to these commands, aka "FTP Command Inject...
Microsoft Ftp Service 7.0
Microsoft Ftp Service 7.5
NA
CVE-2012-2531
Microsoft Internet Information Services (IIS) 7.5 uses weak permissions for the Operational log, which allows local users to discover credentials by reading this file, aka "Password Disclosure Vulnerability."
NA
CVE-2012-4591
About.aspx in the Portal in McAfee Enterprise Mobility Manager (EMM) prior to 10.0 discloses the name of the user account for an IIS worker process, which allows remote malicious users to obtain potentially sensitive information by visiting this page.
Mcafee Enterprise Mobility Manager 4.7
Mcafee Enterprise Mobility Manager
NA
CVE-2009-0693
Multiple buffer overflows in Wyse Device Manager (WDM) 4.7.x allow remote malicious users to execute arbitrary code via (1) the User-Agent HTTP header to hserver.dll or (2) unspecified input to hagent.exe.
Dell Wyse Device Manager 4.7.2
Dell Wyse Device Manager 4.7.0
Dell Wyse Device Manager 4.7.1
1 EDB exploit
NA
CVE-2009-0695
hagent.exe in Wyse Device Manager (WDM) 4.7.x does not require authentication for commands, which allows remote malicious users to obtain management access via a crafted query, as demonstrated by a V52 query that triggers a power-off action.
Dell Wyse Device Manager 4.7.1
Dell Wyse Device Manager 4.7.2
Dell Wyse Device Manager 4.7.0
2 EDB exploits
NA
CVE-2012-1821
The Network Threat Protection module in the Manager component in Symantec Endpoint Protection (SEP) 11.0.600x up to and including 11.0.700x on Windows Server 2003 allows remote malicious users to cause a denial of service (web-server outage, or daemon crash or hang) via a flood o...
Symantec Endpoint Protection 11.0.7100
Symantec Endpoint Protection 11.0.6200
Symantec Endpoint Protection 11.0.6200.754
Symantec Endpoint Protection 11.0.6000
Symantec Endpoint Protection 11.0.6100
Symantec Endpoint Protection 11.0.6300
Symantec Endpoint Protection 11.0.7000
NA
CVE-2011-2012
Microsoft Forefront Unified Access Gateway (UAG) 2010 Gold, Update 1, Update 2, and SP1 does not properly validate session cookies, which allows remote malicious users to cause a denial of service (IIS outage) via unspecified network traffic, aka "Null Session Cookie Crash.&...
Microsoft Forefront Unified Access Gateway 2010
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »