Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
reflection vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2018-18541
In Teeworlds prior to 0.6.5, connection packets could be forged. There was no challenge-response involved in the connection build up. A remote attacker could send connection packets from a spoofed IP address and occupy all server slots, or even use them for a reflection attack us...
Teeworlds Teeworlds
Debian Debian Linux 9.0
NA
CVE-2013-3133
Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not properly check the permissions of objects that use reflection, which allows remote malicious users to execute arbitrary code via (1) a crafted XAML browser application (XBAP) or (2) a crafted .NET Framework applica...
Microsoft .net Framework 4.5
Microsoft .net Framework 2.0
Microsoft .net Framework 3.5
Microsoft .net Framework 3.5.1
Microsoft .net Framework 4.0
7.5
CVSSv3
CVE-2020-5591
XACK DNS 1.11.0 to 1.11.4, 1.10.0 to 1.10.8, 1.8.0 to 1.8.23, 1.7.0 to 1.7.18, and versions prior to 1.7.0 allow remote malicious users to cause a denial of service condition resulting in degradation of the recursive resolver's performance or compromising the recursive resol...
Xack Xack Dns
NA
CVE-2012-3174
Unspecified vulnerability in Oracle Java 7 before Update 11 allows remote malicious users to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2013-0422. NOTE: some parties have mapped CVE-2012-3174 to an issue involving r...
Oracle Jre 1.7.0
Oracle Jdk 1.7.0
1 Article
NA
CVE-2008-3010
Microsoft Windows Media Player 6.4, Windows Media Format Runtime 7.1 through 11, and Windows Media Services 4.1 and 9 incorrectly associate ISATAP addresses with the Local Intranet zone, which allows remote servers to capture NTLM credentials, and execute arbitrary code through c...
Microsoft Windows Media Player 6.4
NA
CVE-2012-4681
Multiple vulnerabilities in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and previous versions allow remote malicious users to execute arbitrary code via a crafted applet that bypasses SecurityManager restrictions by (1) using com.sun.beans.finder.Cla...
Oracle Jdk 1.7.0
Oracle Jre 1.7.0
Oracle Jdk 1.6.0
Oracle Jre 1.6.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Eus 6.3
1 EDB exploit
4 Github repositories
9 Articles
NA
CVE-2024-29183
OpenRASP is a RASP solution that directly integrates its protection engine into the application server by instrumentation. There exists a reflected XSS in the /login page due to a reflection of the redirect parameter. This allows an malicious user to execute arbitrary javascript ...
NA
CVE-2008-3009
Microsoft Windows Media Player 6.4, Windows Media Format Runtime 7.1 through 11, and Windows Media Services 4.1, 9, and 2008 do not properly use the Service Principal Name (SPN) identifier when validating replies to authentication requests, which allows remote servers to execute ...
Microsoft Windows Media Player 6.4
Microsoft Windows Media Format Runtime 7.1
Microsoft Windows Media Services 4.1
Microsoft Windows Media Services 9
Microsoft Windows Media Services 2008
Microsoft Windows Media Format Runtime 11
Microsoft Windows Media Format Runtime 9.5
Microsoft Windows Media Format Runtime 9
NA
CVE-2009-1930
The Telnet service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote Telnet servers to execute arbitrary code on a client machine by replaying the NTLM credentials of a client user, aka "Telne...
Microsoft Windows 2003 Server Sp2
Microsoft Windows Xp -
Microsoft Windows Server 2008 -
Microsoft Windows Xp
Microsoft Windows Vista -
Microsoft Windows Server 2008
Microsoft Windows 2000 -
Microsoft Windows Vista
NA
CVE-2005-3905
Unspecified vulnerability in reflection APIs in Java SDK and JRE 1.3.1_15 and previous versions, 1.4.2_08 and previous versions, and JDK and JRE 5.0 Update 3 and previous versions allows remote malicious users to escape the Java sandbox and access arbitrary files or execute arbit...
Sun Jdk 1.3.0 05
Sun Jdk 1.3.1 03
Sun Jdk 1.3.1 06
Sun Jdk 1.3.1 07
Sun Jdk 1.3.1 09
Sun Jdk 1.3.0 02
Sun Jdk 1.3.1 02
Sun Jdk 1.3.1 08
Sun Jdk 1.3.1 11
Sun Jdk 1.3.1 14
Sun Jdk 1.4.0 01
Sun Jdk 1.4.0 02
Sun Jdk 1.4.0 4
Sun Jdk 1.4.1 02
Sun Jdk 1.4.2 01
Sun Jdk 1.4.2 02
Sun Jdk 1.4.2 05
Sun Jdk 1.5.0 03
Sun Jdk 1.3.1 01
Sun Jdk 1.3.1 04
Sun Jdk 1.3.1 10
Sun Jdk 1.3.1 12
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
spoof
CVE-2024-34928
CVE-2024-5291
deserialization
CVE-2024-4471
CVE-2024-4956
CVE-2024-32002
CVE-2024-5227
unspecified
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »