Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
james forshaw vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2013-2172
jcp/xml/dsig/internal/dom/DOMCanonicalizationMethod.java in Apache Santuario XML Security for Java 1.4.x prior to 1.4.8 and 1.5.x prior to 1.5.5 allows context-dependent malicious users to spoof an XML Signature by using the CanonicalizationMethod parameter to specify an arbitrar...
Apache Santuario Xml Security For Java 1.5.1
Apache Santuario Xml Security For Java 1.5.2
Apache Santuario Xml Security For Java 1.5.4
Apache Santuario Xml Security For Java 1.5.3
Apache Santuario Xml Security For Java 1.4.7
Apache Santuario Xml Security For Java 1.5.0
7.2
CVSSv2
CVE-2019-0841
An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0730, CVE-2019-0731, CVE-2019-0796, CVE-2019-0805, CVE-20...
Microsoft Windows Server 2016 1803
Microsoft Windows Server 2019 -
Microsoft Windows 10 1803
Microsoft Windows 10 1709
Microsoft Windows 10 1703
Microsoft Windows 10 1809
4 EDB exploits
6 Github repositories
2 Articles
4.3
CVSSv2
CVE-2013-2153
The XML digital signature functionality (xsec/dsig/DSIGReference.cpp) in Apache Santuario XML Security for C++ (aka xml-security-c) prior to 1.7.1 allows context-dependent malicious users to reuse signatures and spoof arbitrary content via crafted Reference elements in the Signat...
Apache Xml Security For C\\+\\+ 1.6.0
Apache Xml Security For C\\+\\+ 1.1.0
Apache Xml Security For C\\+\\+ 1.6.1
Apache Xml Security For C\\+\\+ 1.2.1
Apache Xml Security For C\\+\\+ 1.5.1
Apache Xml Security For C\\+\\+ 1.5.0
Apache Xml Security For C\\+\\+ 0.2.0
Apache Xml Security For C\\+\\+ 1.3.0
Apache Xml Security For C\\+\\+
Apache Xml Security For C\\+\\+ 1.4.0
Apache Xml Security For C\\+\\+ 1.3.1
Apache Xml Security For C\\+\\+ 1.2.0
Apache Xml Security For C\\+\\+ 0.1.0
5.8
CVSSv2
CVE-2013-2155
Apache Santuario XML Security for C++ (aka xml-security-c) prior to 1.7.1 does not properly validate length values, which allows remote malicious users to cause a denial of service or bypass the CVE-2009-0217 protection mechanism and spoof a signature via crafted length values to...
Apache Xml Security For C\\+\\+ 1.6.0
Apache Xml Security For C\\+\\+ 1.1.0
Apache Xml Security For C\\+\\+ 1.6.1
Apache Xml Security For C\\+\\+ 1.2.1
Apache Xml Security For C\\+\\+ 1.5.1
Apache Xml Security For C\\+\\+ 1.5.0
Apache Xml Security For C\\+\\+ 0.2.0
Apache Xml Security For C\\+\\+ 1.3.0
Apache Xml Security For C\\+\\+
Apache Xml Security For C\\+\\+ 1.4.0
Apache Xml Security For C\\+\\+ 1.3.1
Apache Xml Security For C\\+\\+ 1.2.0
Apache Xml Security For C\\+\\+ 0.1.0
7.5
CVSSv2
CVE-2013-2156
Heap-based buffer overflow in the Exclusive Canonicalization functionality (xsec/canon/XSECC14n20010315.cpp) in Apache Santuario XML Security for C++ (aka xml-security-c) prior to 1.7.1 allows remote malicious users to cause a denial of service (crash) and possibly execute arbitr...
Apache Xml Security For C\\+\\+ 1.6.0
Apache Xml Security For C\\+\\+ 1.1.0
Apache Xml Security For C\\+\\+ 1.6.1
Apache Xml Security For C\\+\\+ 1.2.1
Apache Xml Security For C\\+\\+ 1.5.1
Apache Xml Security For C\\+\\+ 1.5.0
Apache Xml Security For C\\+\\+ 0.2.0
Apache Xml Security For C\\+\\+ 1.3.0
Apache Xml Security For C\\+\\+
Apache Xml Security For C\\+\\+ 1.4.0
Apache Xml Security For C\\+\\+ 1.3.1
Apache Xml Security For C\\+\\+ 1.2.0
Apache Xml Security For C\\+\\+ 0.1.0
7.5
CVSSv2
CVE-2013-2154
Stack-based buffer overflow in the XML Signature Reference functionality (xsec/dsig/DSIGReference.cpp) in Apache Santuario XML Security for C++ (aka xml-security-c) prior to 1.7.1 allows context-dependent malicious users to cause a denial of service (crash) and possibly execute a...
Apache Xml Security For C\\+\\+ 1.6.0
Apache Xml Security For C\\+\\+ 1.1.0
Apache Xml Security For C\\+\\+ 1.6.1
Apache Xml Security For C\\+\\+ 1.2.1
Apache Xml Security For C\\+\\+ 1.5.1
Apache Xml Security For C\\+\\+ 1.5.0
Apache Xml Security For C\\+\\+ 0.2.0
Apache Xml Security For C\\+\\+ 1.3.0
Apache Xml Security For C\\+\\+
Apache Xml Security For C\\+\\+ 1.4.0
Apache Xml Security For C\\+\\+ 1.3.1
Apache Xml Security For C\\+\\+ 1.2.0
Apache Xml Security For C\\+\\+ 0.1.0
10
CVSSv2
CVE-2014-1806
The .NET Remoting implementation in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, and 4.5.1 does not properly restrict memory access, which allows remote malicious users to execute arbitrary code via vectors involving malformed objects, aka "TypeFilterLevel ...
Microsoft .net Framework 2.0
Microsoft .net Framework 3.5
Microsoft .net Framework 1.1
Microsoft .net Framework 4.5
Microsoft .net Framework 4.5.1
Microsoft .net Framework 3.5.1
Microsoft .net Framework 4.0
1 EDB exploit
4 Github repositories
4.6
CVSSv2
CVE-2020-17001
Windows Print Spooler Elevation of Privilege Vulnerability
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 R2
Microsoft Windows 10 1607
Microsoft Windows 8.1 -
Microsoft Windows Server 2016 -
Microsoft Windows Server 2008 -
Microsoft Windows Rt 8.1 -
Microsoft Windows Server 2012 -
Microsoft Windows 10 -
Microsoft Windows 10 1803
Microsoft Windows Server 2019 -
Microsoft Windows 10 1809
Microsoft Windows 7 Sp1
Microsoft Windows Server 2016 1903
Microsoft Windows 10 1903
Microsoft Windows Server 2016 1909
Microsoft Windows 10 1909
Microsoft Windows 10 2004
Microsoft Windows Server 2016 2004
Microsoft Windows 10 20h2
Microsoft Windows Server 2016 20h2
1 Github repository
4.6
CVSSv2
CVE-2021-26891
Windows Container Execution Agent Elevation of Privilege Vulnerability
Microsoft Windows 10 1607
Microsoft Windows Server 2016 -
Microsoft Windows Server 2019 -
Microsoft Windows 10 1809
Microsoft Windows Server 2016 1909
Microsoft Windows 10 1909
Microsoft Windows 10 2004
Microsoft Windows Server 2016 2004
Microsoft Windows 10 20h2
Microsoft Windows Server 2016 20h2
9.3
CVSSv2
CVE-2014-0257
Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, and 4.5.1 does not properly determine whether it is safe to execute a method, which allows remote malicious users to execute arbitrary code via (1) a crafted web site or (2) a crafted .NET Framework applicati...
Microsoft .net Framework 1.0
Microsoft .net Framework 1.1
Microsoft .net Framework 4.5
Microsoft .net Framework 3.5
Microsoft .net Framework 3.5.1
Microsoft .net Framework 2.0
Microsoft .net Framework 4.5.1
Microsoft .net Framework 4.0
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
firmware
CVE-2023-52866
CVE-2024-4367
CVE-2024-1721
CVE-2023-34992
XML injection
CVE-2023-52817
SQL
CVE-2023-52855
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »