Security Vulnerabilities
In the fast-paced world of cybersecurity, the list of vulnerabilities grows daily. Research, discovery, remediation, and patching form a never-ending cycle. Keeping up with them can be an exhausting task, which is why we keep a documented list of vulnerabilities:
.NET Framework | Apache | Cisco | DNS | Flash | HTTP | IIS | Microsoft | MSSQL | Netbios | NFS | Oracle | PHP | RPC | SMB | SMTP | SNMP | SQL | SSH | SSL | Telnet | VMware | Windows | XML
Implementing offensive security as a layered tier of cybersecurity solutions is one of the best ways to stay ahead of retroactive patching and remediation. With the right proactive security layers for static application security testing, dynamic application security testing, and vulnerability management, security issues can be discovered before product deployment, which helps minimize remediation efforts and saves time and money.
Security Vulnerabilities Related to a .NET Framework
Here are known vulnerabilities for the .NET Framework, a set of APIs that support advanced type systems, data, graphics, networking, and file handling and are used to write apps in the Microsoft Enterprise System.
Finding and Fixing Vulnerabilities in .NET Framework Allows Code Execution (MS11-044), a High Risk Vulnerability
Finding and Fixing Vulnerabilities in .NET Framework Allows Code Execution (MS11-028), a High Risk Vulnerability
Finding and Fixing Vulnerabilities in .NET Framework Allows Code Execution (MS12-038), a High Risk Vulnerability
Finding and Fixing Vulnerabilities in .NET Framework and Microsoft Silverlight Allow Code Execution (MS11-078), a High Risk Vulnerability
Finding and Fixing Vulnerabilities in .NET Framework Allow Code Execution (MS12-035), a High Risk Vulnerability
Finding and Fixing Vulnerabilities in .NET Framework Allow Code Execution (MS12-074), a High Risk Vulnerability
Finding and Fixing Vulnerabilities in .NET Framework and Microsoft Silverlight Allow Code Execution (MS12-016)
Security Vulnerabilities Related to Apache
These are known security vulnerabilities in versions of Apache HTTP Server.
Finding and Fixing Vulnerabilities in Apache Tomcat Default Error Page Version Detection
Finding and Fixing Vulnerabilities in Apache HTTP Server httpOnly Cookie Information Leak, a Low Risk Vulnerability
Finding and Fixing Vulnerabilities in Apache APR apr_fnmatch DoS, a Medium Risk Vulnerability
Apache mod_negotiation Multi-Line Filename Upload Vulnerabilities Fix
Apache mod_proxy_ajp DoS Vulnerability Fix
Apache Running Version Prior to 2.2.22 Vulnerability Fix
Finding and Fixing Vulnerabilities in Apache Running Version Prior to 2.2.23, a Medium Risk Vulnerability
Vulnerabilities in Apache HTTP Server Byte Range DoS Fix
Finding and Fixing Vulnerabilities in Apache Running Version Prior to 2.2.27, a Medium Risk Vulnerability
Finding and Fixing Vulnerabilities in Apache Running Version Prior to 2.2.24, a Medium Risk Vulnerability
Finding and Fixing Vulnerabilities in Apache Running Version Prior to 2.2.28, a High Risk Vulnerability
Finding and Fixing Apache APR apr_palloc Heap Overflow, a High Risk Vulnerability
Finding and Fixing Vulnerabilities in Apache UserDir Sensitive Information Disclosure, a Medium Risk Vulnerability
Finding and Fixing Vulnerabilities in Apache HTTP Server Range Header Denial of Service Vulnerability (DoS), a Medium Risk Vulnerability
Finding and Fixing Vulnerabilities in Apache Tomcat Transfer-Encoding Header Vulnerability, a Medium Risk Vulnerability
Finding and Fixing Vulnerabilities in Apache HTTP Server httpOnly Cookie Information Disclosure, a Low Risk Vulnerability
Finding and Fixing Vulnerabilities in Apache Jakarta Cross-Site Scripting Vulnerability, a Medium Risk Vulnerability
Finding and Fixing Vulnerabilities in Apache mod_suexec Multiple Privilege Escalation, a Medium Risk Vulnerability
Finding and Fixing Vulnerabilities in Apache Running Version Prior to 2.2.25, a Medium Risk Vulnerability
Security Vulnerabilities Related to Flash
Here’s a list of Flash security vulnerabilities.
Finding and Fixing Vulnerabilities in Flash Player Running Version Prior to 10.3.183.51 / 11.5.502.149 (APSB13-05), a High Risk Vulnerability
Finding and Fixing Vulnerabilities in Flash Player Running Version Prior to 10.3.183.24 / 11.4.402.279 (APSB12-22), a High Risk Vulnerability
Finding and Fixing Vulnerabilities in Flash Player Running Version Prior to 10.2.152.26 (APSB11-02), a High Risk Vulnerability
Finding and Fixing Vulnerability in Flash Player Multiple Memory Corruption Vulnerabilities (APSB12-07), a High Risk Vulnerability
Flash Player Running Version Prior to 10.3.183.48 / 11.5.502.135 (APSB13-01) Vulnerability Fix
Flash Player Object Confusion Vulnerability (APSB12-09) Fix
Flash Player Running Version Prior to 10.3.183.23 / 11.4.402.265 (APSB12-19) Vulnerability Fix
Finding and Fixing Vulnerabilities in Flash Player Unspecified Memory Corruption (APSA11-01), a High Risk Vulnerability
Finding and Fixing Vulnerabilities in Adobe Flash Player Multiple Vulnerabilities (APSB10-14), a High Risk Vulnerability
Finding and Fixing Vulnerabilities in Flash Player ActionScript Predefined Class Prototype Addition Code Execution (APSB11-07), a High Risk Vulnerability
Finding and Fixing Vulnerabilities in Flash Player Running Version Prior to 10.3.183.5 (APSB11-21), a High Risk Vulnerability
Flash Cross-Domain Policy File Vulnerability Fix
Finding and Fixing Vulnerabilities in Flash Player Running Version Prior to 10.3.183.67 / 11.6.602.171 (APSB13-08), a High Risk Vulnerability
Finding and Fixing Vulnerabilities in Flash Player Running Versions Prior to 10.3.183.10 / 11.0.1.152 (APSB11-28), a High Risk Vulnerability
Finding and Fixing Vulnerabilities in Flash Player Unspecified Code Execution (APSB10-22), a High Risk Vulnerability
Finding and Fixing Vulnerabilities in Flash Player Running Version Prior to 10.3.183.43 / 11.5.502.110 (APSB12-24), a High Risk Vulnerability
Finding and Fixing Vulnerabilities in Flash Player Running Version Prior to 10.3.183.75 / 11.7.700.169 (APSB13-11)
Finding and Fixing Vulnerabilities in Flash Player Running Version Prior to 10.3.181.26 (APSB11-18), a High Risk Vulnerability
Finding and Fixing Vulnerabilities in Flash Player Running Version Prior to 10.3.183.19 / 11.3.300.256 (APSB12-14), a High Risk Vulnerability
Finding and Fixing Vulnerabilities in Flash Player Running Version Prior to 10.3.183.43 / 11.5.502.110 (APSB12-27), a High Risk Vulnerability
Finding and Fixing Vulnerabilities in Flash Player Running Version Prior to 10.3.183.50 / 11.5.502.146 (APSB13-04), a High Risk Vulnerability
Finding and Fixing Vulnerabilities in Flash Player Running Version Prior to 10.3.183.7 (APSB11-26), a High Risk Vulnerability
Finding and Fixing Vulnerabilities in Adobe Flash Player Multiple Vulnerabilities (APSB10-26), a High Risk Vulnerability
Finding and Fixing Vulnerabilities in Flash Player Running Version Prior to 10.3.183.68 / 11.6.602.180 (APSB13-09), a High Risk Vulnerability
Finding and Fixing Vulnerabilities in Flash Player Running Version Prior to 10.3.181.14 (APSB11-12), a High Risk Vulnerability
Finding and Fixing Vulnerabilities in Flash Player Memory Corruption (APSB13-16), a High Risk Vulnerability
Finding and Fixing Vulnerabilities in Flash Player Running Version Prior to 10.3.183.75 / 11.7.700.169 (APSB13-14), a High Risk Vulnerability
Finding and Fixing Vulnerabilities in Flash Player Running Version Prior to 11.7.700.232 / 11.8.800.94 (APSB13-17), a High Risk Vulnerability
Finding and Fixing Vulnerabilities in Flash Player Running Versions Prior to 10.3.183.15 / 11.1.102.62 (APSB12-03), a High Risk Vulnerability
Security Vulnerabilities Related to HTTP/HTTPS
Here is a list of security vulnerabilities related to HTTP/HTTPS.
Finding and Fixing Vulnerability in HTTP.sys Allows Remote Code Execution (MS15-034, Network Check), a High Risk Vulnerability
HTTP Server Backported Security Patches Vulnerability Fix
Finding and Fixing Vulnerabilities in Appweb HTTP Server Version, a Low Risk Vulnerability
Finding and Fixing Vulnerabilities in HTTP Packet Inspection, a Low Risk Vulnerability
Finding and Fixing the HTTP TRACE Method XSS Vulnerability (CVE-2010-0386)
Finding and Fixing Vulnerabilities in HSTS Missing From HTTPS Server, a Medium Risk Vulnerability
Security Vulnerabilities Related to IIS
This is a list of known security vulnerabilities for IIS.
Finding and Fixing Vulnerabilities in IIS Content-Location HTTP Header, a Low Risk Vulnerability
Finding and Fixing Vulnerabilities in Microsoft IIS Default Page, a Low Risk Vulnerability
Finding and Fixing Vulnerabilities in Microsoft IIS Tilde Character Information Disclosure Vulnerability, a Medium Risk Vulnerability
Finding and Fixing Vulnerabilities in IIS Sensitive Authentication Information Disclosure
Security Vulnerabilities Related to Microsoft
Here is a list of known Microsoft security vulnerabilities.
Microsoft Malware Protection Engine Allows Code Execution (KB2846338) Vulnerability Fix
Finding and Fixing .NET Framework and Microsoft Silverlight Allows Code Execution (MS11-039), a High Risk Vulnerability
Microsoft Malware Protection Engine (MMPE) Privilege Escalation (2491888) Vulnerability Fix
Microsoft Windows Kernel Win32k.sys PATHRECORD chain Vulnerability Fix
Microsoft .NET Handlers Enumeration Vulnerability Fix
Microsoft ASP.NET Information Disclosure Vulnerability (Network, MS10-070) Scanner and Fix
Security Vulnerabilities Related to MSSQL
Finding and Fixing Vulnerabilities in MS SQL Server Resolution Service Amplification Reflected DRDoS, a Medium Risk Vulnerability
Finding and Fixing Vulnerabilities in Microsoft SQL Server Allows Code Execution (MS09-004, KB959420), a High Risk Vulnerability
Finding and Fixing Vulnerabilities in Microsoft SQL UDP Info Query, a Low Risk Vulnerability
Security Vulnerabilities Related to NFS
Here is a list of known security vulnerabilities for NFS.
Finding and Fixing Vulnerabilities in NFS Shares World Readable
Finding and Fixing Vulnerabilities in NFS Server Superfluous, a Medium Risk Vulnerability
Finding and Fixing Mountable NFS Shares, a High Risk Vulnerability
Security Vulnerabilities Related to Oracle
Here is a list of known security vulnerabilities related to Oracle.
Oracle tnslsnr Version Detection Vulnerability Fix
Finding and Fixing Vulnerabilities in Oracle Java SE Multiple Vulnerabilities (June 2011 CPU), a High Risk Vulnerability
Finding and Fixing Vulnerabilities in Oracle Java SE Multiple Vulnerabilities (October 2010 CPU), a High Risk Vulnerability
Security Vulnerabilities Related to PHP
A list of PHP-related known security vulnerabilities.
Finding and Fixing Vulnerabilities in PHP expose_php Information Disclosure
Finding and Fixing Vulnerabilities in PHP Unsupported Version Detection, a High Risk Vulnerability
Finding and Fixing Vulnerabilities in PHP Running Version Prior to 5.3.22, a High Risk Vulnerability
Finding and Fixing Vulnerabilities in PHP-CSL Cross Site Scripting, a Medium Risk Vulnerability
Finding and Fixing Vulnerabilities in PHP Running Version Prior to 5.3.26, a High Risk Vulnerability
Finding and Fixing Vulnerabilities in phpCMS parser.php XSS, a Medium Risk Vulnerability
Finding and Fixing Vulnerabilities in PHP Running Version Prior to 5.4.17, a High Risk Vulnerability
Finding and Fixing Vulnerabilities in PHP Running Version Prior to 5.3.13, a High Risk Vulnerability
Finding and Fixing Vulnerability in PHP Running Version Prior to 5.3.2 / 5.2.13
Finding and Fixing Vulnerabilities in PHP CGI Query String Code Execution, a High Risk Vulnerability
Finding and Fixing Vulnerabilities in PHP Running Version Prior to 5.3.14, a High Risk Vulnerability
Finding and Fixing Vulnerability in PHP Running Version Prior to 5.3.15, a High Risk Vulnerability
Finding and Fixing Vulnerabilities in PHP Running Version Prior to 5.3.9, a Medium Risk Vulnerability
Security Vulnerabilities Related to RPC
Here is a list of security vulnerabilities related to RPC.
Finding and Fixing Vulnerabilities in RPC Portmapper, a Low Risk Vulnerability
Finding and Fixing Vulnerabilities in statd RPC Format String, a High Risk Vulnerability
Security Vulnerabilities Related to SMB
Finding and Fixing SMB Signing Disabled Vulnerability
Finding and Fixing Vulnerabilities in NULL Session Available (SMB), a Low Risk Vulnerability
Finding and Fixing Vulnerabilities in Microsoft Windows SMB Shares Unprivileged Access, a Medium Risk Vulnerability
Finding and Fixing Vulnerabilities in SMB Listens on Port
Finding and Fixing Vulnerabilities in SMB Shares Enumeration, a Medium Risk Vulnerability
Finding and Fixing Vulnerability in Microsoft Windows SMB2 _Smb2ValidateProviderCallback() Vulnerability (MS09-050, Network Check), a High Risk Vulnerability
Finding and Fixing Vulnerabilities in Database Reachable from the Internet, a Medium Risk Vulnerability
Finding and Fixing Vulnerabilities in SMB Users Listing, a Medium Risk Vulnerability
Finding and Fixing Vulnerabilities in SMB Use Host SID to Enumerate Local Users Without Credentials, a Medium Risk Vulnerability
Finding and Fixing Vulnerabilities in SMB Host SID User Enumeration, a Medium Risk Vulnerability
Security Vulnerabilities Related to SMTP
Finding and Fixing Vulnerabilities in SMTP Server Listening on a Non-Default Port, a Medium Risk Vulnerability
SMTP Authentication Methods Vulnerability Fix
SMTP Service STARTTLS Command Support Vulnerability Fix
Finding and Fixing Vulnerabilities in SMTP Service Cleartext Login Permitted, a Medium Risk Vulnerability
Security Vulnerabilities Related to SNMP
Finding and Fixing Vulnerabilities in SNMP Agent Default Community Name (public), a Medium Risk Vulnerability
Finding and Fixing Vulnerabilities in SNMP Protocol Version Detection, a Low Risk Vulnerability
Finding and Fixing Vulnerability in SNMP Disclosure of HP JetDirect EWS Password, a High Risk Vulnerability
Finding and Fixing Vulnerabilities in Enumerate LANMAN Users via SNMP, a Medium Risk Vulnerability
Finding and Fixing Vulnerabilities in Enumerate LANMAN Services via SNMP, a Medium Risk Vulnerability
Finding and Fixing Vulnerabilities in Enumerate LANMAN Shares via SNMP, a Medium Risk Vulnerability
Finding and Fixing Vulnerabilities in SNMP Route Enumeration, a Low Risk Vulnerability
Finding and Fixing Vulnerabilities in Obtain Processes List via SNMP, a Medium Risk Vulnerability
Finding and Fixing Vulnerabilities in Obtain Network Interfaces List via SNMP, a Medium Risk Vulnerability
Finding and Fixing Vulnerabilities in Default Community Names (SNMP Agent), a Medium Risk Vulnerability
Security Vulnerabilities Related to SQL
Finding and Fixing Vulnerabilities in SQL Injection, a High Risk Vulnerability
Finding and Fixing Vulnerabilities in SQL Server Allows Elevation of Privilege (MS12-070, Network), a Medium Risk Vulnerability
Finding and Fixing Vulnerabilities in Microsoft SQL Server Blank Password, a High Risk Vulnerability
Security Vulnerabilities Related to SSH
Finding and Fixing Vulnerabilities in SSH Protocol Version 1 Detection, a Medium Risk Vulnerability
Finding and Fixing Vulnerability in OpenSSH Running Version Prior to 7.0, a High Risk Vulnerability
Finding and Fixing Vulnerabilities in OpenSSH ForceCommand Directive Bypass, a Medium Risk Vulnerability
Finding and Fixing Vulnerabilities in OpenSSH S/KEY Authentication Account Enumeration, a Medium Risk Vulnerability
Finding and Fixing OpenSSH Privilege Separation Monitor Weakness, a High Risk Vulnerability
Finding and Fixing Vulnerabilities in OpenSSH X11 Session Hijacking Vulnerability, a Medium Risk Vulnerability
Finding and Fixing Vulnerabilities in SSH Server Backported Security Patches, a Low Risk Vulnerability
Finding and Fixing Vulnerabilities in OpenSSH Multiple Vulnerabilities, a Medium Risk Vulnerability
Security Vulnerabilities Related to SSL
Finding and Fixing Vulnerabilities in SSL Verification Test, a Low Risk Vulnerability
Finding and Fixing Vulnerabilities in SSL Suites Weak Ciphers, a Medium Risk Vulnerability
Finding and Fixing Vulnerabilities in SSL Certificate is a Self Signed, a Medium Risk Vulnerability
Finding and Fixing SSL RC4 Cipher Suites Supported Vulnerability
Finding and Fixing Vulnerabilities in SSLv3 Padding Oracle On Downgraded Legacy Encryption (POODLE), a Medium Risk Vulnerability
Finding and Fixing Vulnerabilities in Non-SSL Login, a Medium Risk Vulnerability
Finding and Fixing Vulnerabilities in SSL Certificate Expiry, a Medium Risk Vulnerability
OpenSSL Heartbeat Vulnerability (Heartbleed) Vulnerability Fix
Finding and Fixing Vulnerabilities in OpenSSL Running Version Prior to 0.9.8za, a Medium Risk Vulnerability
OpenSSL Running Version Prior to 0.9.8zf Vulnerability Fix
Deprecated SSL Protocol Usage Vulnerability Fix
Finding and Fixing Vulnerabilities in OpenSSL Running Version Prior to 1.0.1i, a High Risk Vulnerability
Finding and Fixing Vulnerabilities in Appweb Insecure SSL Renegotiation, a Medium Risk Vulnerability
Finding and Fixing OpenSSL Running Version Prior to 0.9.8zc POODLE, a High Risk Vulnerability
Finding and Fixing Vulnerabilities in Supported SSL Ciphers Suites, a Low Risk Vulnerability
Security Vulnerabilities Related to Telnet
Finding and Fixing Vulnerabilities in Telnet Detection, a Low Risk Vulnerability
Finding and Fixing Vulnerabilities in Unencrypted Telnet Server, a Medium Risk Vulnerability
Security Vulnerabilities Related to VMware
Finding and Fixing Vulnerabilities in VMware ESXi 3.5, a High Risk Vulnerability
Finding and Fixing Vulnerabilities in VMWare Host Detection, a Low Risk Vulnerability
Security Vulnerabilities Related to VNC
Finding and Fixing Vulnerabilities in VNC Server Authentication-less, a Medium Risk Vulnerability
Finding and Fixing Vulnerabilities in VNC Security Types Detection
Security Vulnerabilities Related to Windows
Finding and Fixing Vulnerabilities in Microsoft Windows SMB LsaQueryInformationPolicy Function SID Enumeration Without Credentials, a Medium Risk Vulnerability
Finding and Fixing Vulnerabilities in Microsoft Windows Remote Desktop Protocol Server Private Key Disclosure
Windows Terminal Service Detection Vulnerability Fix
Finding and Fixing Vulnerabilities in Windows Kernel-Mode Drivers Allow Elevation of Privilege (MS12-047), a High Risk Vulnerability
Finding and Fixing Microsoft Windows HTTP.sys Code Execution, a High Risk Vulnerability
Finding and Fixing Vulnerabilities in Windows 2000 Unsupported Installation Detection, a High Risk Vulnerability
Security Vulnerabilities Related to XML
Finding and Fixing Vulnerabilities in Unsupported Microsoft XML Parser (MSXML) and XML Core Services, a Medium Risk Vulnerability
Finding and Fixing Vulnerabilities in Microsoft XML Core Services Allows Code Execution (MS07-042), a Medium Risk Vulnerability
Finding and Fixing Vulnerabilities in Microsoft XML Core Services Allows Code Execution (KB2719615), a High Risk Vulnerability