Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
stefan esser vulnerabilities and exploits
(subscribe to this query)
1000
VMScore
CVE-2007-1399
Stack-based buffer overflow in the zip:// URL wrapper in PECL ZIP 1.8.3 and previous versions, as bundled with PHP 5.2.0 and 5.2.1, allows remote malicious users to execute arbitrary code via a long zip:// URL, as demonstrated by actively triggering URL access from a remote PHP i...
Php Php 5.2.0
Php Php 5.2.1
Pecl Zip 1.8.3
1 EDB exploit
1000
VMScore
CVE-2007-1383
Integer overflow in the 16 bit variable reference counter in PHP 4 allows context-dependent malicious users to execute arbitrary code by overflowing this counter, which causes the same variable to be destroyed twice, a related issue to CVE-2007-1286.
Php Php 4.0
1 EDB exploit
1000
VMScore
CVE-2004-1227
Directory traversal vulnerability in SugarCRM Sugar Sales 2.0.1c and previous versions allows remote malicious users to read arbitrary files and possibly execute arbitrary PHP code via .. (dot dot) sequences in the (1) module, (2) action, or (3) theme parameters to index.php, (4)...
Sugarcrm Sugar Sales
1 EDB exploit
1000
VMScore
CVE-2004-1018
Multiple integer handling errors in PHP prior to 4.3.10 allow malicious users to bypass safe mode restrictions, cause a denial of service, or execute arbitrary code via (1) a negative offset value to the shmop_write function, (2) an "integer overflow/underflow" in the p...
Php Php
Canonical Ubuntu Linux 4.10
2 EDB exploits
935
VMScore
CVE-2007-1581
The resource system in PHP 5.0.0 up to and including 5.2.1 allows context-dependent malicious users to execute arbitrary code by interrupting the hash_update_file function via a userspace (1) error or (2) stream handler, which can then be used to destroy and modify internal resou...
Php Php 5.0.0
Php Php 5.0.1
Php Php 5.0
Php Php 5.1.0
Php Php 5.2.0
Php Php 5.2.1
Php Php 5.2.8
Php Php 5.2.9
Php Php 5.0.4
Php Php 5.0.5
Php Php 5.1.3
Php Php 5.1.4
Php Php 5.2.4
Php Php 5.2.5
Php Php 5.2.12
Php Php 5.2.13
Php Php 5.0.2
Php Php 5.0.3
Php Php 5.1.1
Php Php 5.1.2
Php Php 5.2.2
Php Php 5.2.3
1 EDB exploit
890
VMScore
CVE-2007-6114
Multiple buffer overflows in Wireshark (formerly Ethereal) 0.99.0 up to and including 0.99.6 allow remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via (1) the SSL dissector or (2) the iSeries (OS/400) Communication trace file parser...
Wireshark Wireshark 0.99
Wireshark Wireshark 0.99.0
Wireshark Wireshark 0.99.1
Wireshark Wireshark 0.99.2
Wireshark Wireshark 0.99.3
Wireshark Wireshark 0.99.6
Wireshark Wireshark 0.99.4
Wireshark Wireshark 0.99.5
890
VMScore
CVE-2007-0910
Unspecified vulnerability in PHP prior to 5.2.1 allows malicious users to "clobber" certain super-global variables via unspecified vectors.
Php Php 3.0.10
Php Php 3.0.11
Php Php 3.0.18
Php Php 3.0.2
Php Php 3.0.9
Php Php 4.0
Php Php 4.0.5
Php Php 4.0.6
Php Php 3.0
Php Php 3.0.1
Php Php 3.0.16
Php Php 3.0.17
Php Php 3.0.7
Php Php 3.0.8
Php Php 4.0.3
Php Php 4.0.4
Php Php 4.1.0
Php Php 4.1.1
Php Php 4.3.0
Php Php 4.3.1
Php Php 4.3.7
Php Php 4.3.8
890
VMScore
CVE-2005-2149
config.php in Cacti 0.8.6e and previous versions allows remote malicious users to set the no_http_headers switch, then modify session information to gain privileges and disable the use of addslashes to conduct SQL injection attacks.
The Cacti Group Cacti 0.8.2
The Cacti Group Cacti 0.8.2a
The Cacti Group Cacti 0.8.6a
The Cacti Group Cacti 0.8.6b
The Cacti Group Cacti 0.8.4
The Cacti Group Cacti 0.8.5
The Cacti Group Cacti 0.8.6e
The Cacti Group Cacti 0.8.3
The Cacti Group Cacti 0.8.3a
The Cacti Group Cacti 0.8.6c
The Cacti Group Cacti 0.8.6d
The Cacti Group Cacti 0.8
The Cacti Group Cacti 0.8.1
The Cacti Group Cacti 0.8.5a
The Cacti Group Cacti 0.8.6
890
VMScore
CVE-2004-0882
Buffer overflow in the QFILEPATHINFO request handler in Samba 3.0.x up to and including 3.0.7 may allow remote malicious users to execute arbitrary code via a TRANSACT2_QFILEPATHINFO request with a small "maximum data bytes" value.
Samba Samba 3.0.0
Samba Samba 3.0.5
Samba Samba 3.0.6
Samba Samba 3.0.2a
Samba Samba 3.0.3
Samba Samba 3.0.1
Samba Samba 3.0.2
Samba Samba 3.0.7
Conectiva Linux 10.0
Samba Samba 3.0.4
Redhat Enterprise Linux 2.1
Redhat Fedora Core Core 3.0
Redhat Linux Advanced Workstation 2.1
Redhat Enterprise Linux 3.0
Ubuntu Ubuntu Linux 4.1
Redhat Enterprise Linux Desktop 3.0
Redhat Fedora Core Core 2.0
890
VMScore
CVE-2004-1012
The argument parser of the PARTIAL command in Cyrus IMAP Server 2.2.6 and previous versions allows remote authenticated users to execute arbitrary code via a certain command ("body[p") that is treated as a different command ("body.peek") and causes an index in...
Carnegie Mellon University Cyrus Imap Server 2.1.7
Carnegie Mellon University Cyrus Imap Server 2.1.9
Carnegie Mellon University Cyrus Imap Server 2.2.7
Carnegie Mellon University Cyrus Imap Server 2.2.8
Carnegie Mellon University Cyrus Imap Server 2.1.10
Carnegie Mellon University Cyrus Imap Server 2.1.16
Carnegie Mellon University Cyrus Imap Server 2.2.4
Carnegie Mellon University Cyrus Imap Server 2.2.5
Carnegie Mellon University Cyrus Imap Server 2.2.6
Carnegie Mellon University Cyrus Imap Server 2.2.2 Beta
Carnegie Mellon University Cyrus Imap Server 2.2.3
Conectiva Linux 9.0
Carnegie Mellon University Cyrus Imap Server 2.2.0 Alpha
Carnegie Mellon University Cyrus Imap Server 2.2.1 Beta
Openpkg Openpkg Current
Conectiva Linux 10.0
Trustix Secure Linux 2.0
Trustix Secure Linux 2.1
Redhat Fedora Core Core 2.0
Redhat Fedora Core Core 3.0
Ubuntu Ubuntu Linux 4.1
Trustix Secure Linux 2.2
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »