Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
longer vulnerabilities and exploits
(subscribe to this query)
3.7
CVSSv2
CVE-2009-4411
The (1) setfacl and (2) getfacl commands in XFS acl 2.2.47, when running in recursive (-R) mode, follow symbolic links even when the --physical (aka -P) or -L option is specified, which might allow local users to modify the ACL for arbitrary files or directories via a symlink att...
Xfs Acl 2.2.47
5
CVSSv2
CVE-2017-11565
debian/tor.init in the Debian tor_0.2.9.11-1~deb9u1 package for Tor was designed to execute aa-exec from the standard system pathname if the apparmor package is installed, but implements this incorrectly (with a wrong assumption that the specific pathname would remain the same fo...
Debian Tor 0.2.9.11-1
2.1
CVSSv2
CVE-2020-10769
A buffer over-read flaw was found in RH kernel versions prior to 5.0 in crypto_authenc_extractkeys in crypto/authenc.c in the IPsec Cryptographic algorithm's module, authenc. When a payload longer than 4 bytes, and is not following 4-byte alignment boundary guidelines, it ca...
Redhat Enterprise Linux 7.0
Opensuse Leap 15.1
5
CVSSv2
CVE-2009-2470
Mozilla Firefox prior to 3.0.12, and 3.5.x prior to 3.5.2, allows remote SOCKS5 proxy servers to cause a denial of service (data stream corruption) via a long domain name in a reply.
Mozilla Firefox 0.8
Mozilla Firefox 0.10.1
Mozilla Firefox 1.0
Mozilla Firefox 3.0.5
Mozilla Firefox 1.0.7
Mozilla Firefox 1.0.6
Mozilla Firefox 2.0 .5
Mozilla Firefox 2.0.0.14
Mozilla Firefox 0.9.1
Mozilla Firefox 0.9
Mozilla Firefox 1.0.3
Mozilla Firefox 2.0.0.9
Mozilla Firefox 1.5
Mozilla Firefox 2.0 .7
Mozilla Firefox 2.0 .9
Mozilla Firefox 1.4.1
Mozilla Firefox 2.0.0.15
Mozilla Firefox 0.5
Mozilla Firefox 0.6
Mozilla Firefox 1.5.0.11
Mozilla Firefox 2.0.0.7
Mozilla Firefox 1.5.0.8
7.2
CVSSv2
CVE-2019-1162
An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC). An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system. An attacker could then ins...
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 R2
Microsoft Windows 10 1607
Microsoft Windows 8.1 -
Microsoft Windows Server 2016 -
Microsoft Windows Server 2008 -
Microsoft Windows 7 -
Microsoft Windows Rt 8.1 -
Microsoft Windows 10 1703
Microsoft Windows Server 2012 -
Microsoft Windows 10 -
Microsoft Windows 10 1709
Microsoft Windows 10 1803
Microsoft Windows Server 2016 1803
Microsoft Windows Server 2019 -
Microsoft Windows 10 1809
Microsoft Windows Server 2016 1903
Microsoft Windows 10 1903
2 Articles
5
CVSSv2
CVE-2021-1523
A vulnerability in Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) Mode could allow an unauthenticated, remote malicious user to cause a queue wedge on a leaf switch, which could result in critical control plane traffic to the device being drop...
Cisco Nx-os 13.2\\(3n\\)
Cisco Nx-os 14.2\\(4i\\)
7.5
CVSSv2
CVE-2002-0364
Buffer overflow in the chunked encoding transfer mechanism in IIS 4.0 and 5.0 allows malicious users to execute arbitrary code via the processing of HTR request sessions, aka "Heap Overrun in HTR Chunked Encoding Could Enable Web Server Compromise."
Microsoft Internet Information Server 4.0
Microsoft Internet Information Services 5.0
7.5
CVSSv2
CVE-2002-0071
Buffer overflow in the ism.dll ISAPI extension that implements HTR scripting in Internet Information Server (IIS) 4.0 and 5.0 allows malicious users to cause a denial of service or execute arbitrary code via HTR requests with long variable names.
Microsoft Internet Information Server 4.0
Microsoft Internet Information Services 5.0
5
CVSSv2
CVE-2002-0072
The w3svc.dll ISAPI filter in Front Page Server Extensions and ASP.NET for Internet Information Server (IIS) 4.0, 5.0, and 5.1 does not properly handle the error condition when a long URL is provided, which allows remote malicious users to cause a denial of service (crash) when t...
Microsoft Internet Information Server 4.0
Microsoft Internet Information Services 5.0
5
CVSSv2
CVE-2002-0073
The FTP service in Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows attackers who have established an FTP session to cause a denial of service via a specially crafted status request containing glob characters.
Microsoft Internet Information Services 5.0
Microsoft Internet Information Server 4.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »