Home > Industries > Software
| Vulnerability Name |
| Allow traceroute detection |
| The Remote WWW service supports trace requests |
| Remote WWW service provides support for WebDAV |
| /robots.txt file exists on the remote Web server |
| Remote VNC service is running |
| Remote HTTP server type and version information leaks |
| Remote DNS service allows recursive queries |
| Remote proxy Server allows connection to any port |
| Remote proxy server accepts post requests |
| Remote VNC HTTP service is running |
| Use SMB sessions to get a list of remote domains or workgroups |
| Use SMB sessions to get a remote browse list |
| Take advantage of SMB sessions to get a remote shared list |
| Use SMB sessions to obtain target host configuration information |
| Use SMB sessions to obtain Transport layer protocol information managed by RDR |
| Can get remote native Lan Manager version |
| Remote host can be accessed through a null session |
| DNS server can be remotely managed via RPC |
| System information can be obtained remotely via the NetBIOS name service port |
| Remote WWW service version information can be obtained via HTTPS |
| Remote Rpcbind/portmap is detected in operation |
| Remote RPC.STATD Service is detected to be running |
| Remote Rpc.rquotad Service is detected to be running |
| Remote Rpc.nlockmgr Service is detected to be running |
| Remote RPC.NFSD Service is detected to be running |
| Remote RPC.MOUNTD Service is detected to be running |
| Remote LDAP Service detected to be running |
| The remote DNS service is detected to be running |
| Remote CIS service is detected to be running |
| The target host is detected to support the SSLV2 protocol |
| Windows Terminal Services running on target host detected |
| NTP service running on target host detected |
| The target host is detected to open the 445/tcp while the 139/tcp shuts down |
| Encryption algorithm supported by target host encrypted communication detected |
| The target service is detected to support SSL medium strength encryption algorithm |
| The target service is detected to support SSL weak encryption algorithm |
| Target NTP service supported Monlist command detected |
| The Workstation service is running |
| Server service is running |
| Multiple TLS and DTLS implementation Information Disclosure Vulnerability (CVE-2013-0169) |
| There is an available remote proxy server |
| Windows Terminal Server communication encryption level check |
| Windows Admin Share Startup |
| Windows Server services RPC Request buffer Overflow Vulnerability (ms08-067) [principle scan] |
| Windows Browser service is running |
| THC SSL Dos attack |
| SSH version information can be obtained |
| PHP Resource Management Error Vulnerability |
| PHP Directory Traversal Vulnerability (CVE-2012-1172) |
| PHP null character security limit Bypass Vulnerability (cve-2006-7243) |
| PHP Session Serializer Data Injection vulnerability |
| PHP multiple NULL pointer Reference denial of service Vulnerability (CVE-2011-3182) |
| PHP form File upload path injection vulnerability |
| PHP "phar/phar_object.c" format string vulnerability |
| PHP "OpenSSL" extends multiple denial of service vulnerabilities |
| PHP "crypt ()" MD5 Salt Security vulnerability |
| PHP arbitrary file leaks and arbitrary file write vulnerabilities (cve-2013-1643) |
| PHP arbitrary file leaks and arbitrary file write vulnerabilities (cve-2013-1635) |
| PHP ziparchive::getarchivecomment () function null pointer Reference denial of service vulnerability |
| PHP Zend Engine interrupts handling multiple address information disclosure vulnerabilities |
| Reuse heap corruption vulnerability after PHP Zend Engine release (cve-2010-4697) |
| PHP zend_strtod function Malformed floating-point value number Error vulnerability |
| PHP WordWrap () function interrupt handling address information Disclosure vulnerability |
| PHP Web Table Tanhashi Conflict Denial of service vulnerability |
| PHP trim ()/ltrim ()/rtrim () function interrupt Information Disclosure vulnerability |
| PHP substr_replace () function interrupt Information Disclosure vulnerability |
| PHP STRTR () function interrupt handling address information Disclosure vulnerability |
| PHP strtok () function interrupt handling address information Disclosure vulnerability |
| PHP strip_tags () function interrupt handling address information Disclosure vulnerability |
| PHP Stream Component Remote denial of service vulnerability |
| PHP Str_word_count () function interrupt handling address information Disclosure vulnerability |
| PHP Str_pad () function interrupt handling address information Disclosure vulnerability |
| PHP sqlite_single_query () and Sqlite_array_query () functions Remote Code Execution vulnerability |
| PHP Shm_put_var () Access freed resource vulnerability |
| PHP Setcookie () function interrupt handling address information Disclosure vulnerability |
| PHP Session_save_path () bypasses Safe_mode and Open_basedir limitation vulnerabilities |
| PHP Preg_quote () Interrupt Information Disclosure Vulnerability |
| PHP Preg_match () function interrupt handling Information Disclosure vulnerability |
| PHP Php_dechunk () HTTP block-coded integer Overflow vulnerability |
| PHP PDO Memory Access violation denial of service vulnerability |
| PHP parse_str () function interrupts Memory Corruption vulnerability |
| PHP ' open_basedir ' Security restriction Bypass vulnerability |
| PHP numberformatter::getsymbol function Integer Overflow vulnerability |
| PHP Mysqlnd Extended Php_mysqlnd_rset_header_read () function heap Overflow vulnerability |
| PHP Mysqlnd Extended php_mysqlnd_read_error_from_line () function heap Overflow vulnerability |
| PHP Mysqlnd Extended Php_mysqlnd_ok_read () function Information Disclosure Vulnerability |
| PHP Mysqlnd Extended Php_mysqlnd_auth_write () function Stack Overflow Vulnerability |
| PHP libxslt Security Restriction Bypass vulnerability |
| PHP IMAP extension imap_do_open function double Release vulnerability |
| PHP Html_entity_decode () Interrupt Address Information Disclosure vulnerability |
| PHP ' header () ' HTTP header injection vulnerability |
| PHP hash_update_file () function access freed resource vulnerability |
| PHP ' getimagesize () ' Remote denial of service vulnerability |
| PHP Fnmatch () function stack Exhaustion Vulnerability |
| PHP ext/phar/stream.c and EXT/PHAR/DIRSTREAM.C files multiple format string vulnerabilities |
| PHP exif extension EXIF.C denial of service vulnerability |
| PHP Exif Extension "exif_read_data ()" Function remote denial of service vulnerability |
| PHP crypt function Buffer Overflow Vulnerability |
| PHP Chunk_split () Interrupt Information Disclosure Vulnerability |
| PHP Calendar Extension "Sdntojulian ()" Remote integer Overflow vulnerability |
| PHP addcslashes () Interrupt Information Disclosure Vulnerability |
| PHP 5.3.9 Previous version strtotime function call remote deny access vulnerability |
| PHP 5.3.7 Previous version null pointer Reference denial of service vulnerability |
| PHP 5.3.7 Previous Versions multiple vulnerabilities |
| PHP "Zip" extension "zip_fread ()" Function denial of service vulnerability |
| PHP "Zip" extension "stream_get_contents ()" Function denial of service vulnerability |
| PHP "Substr_replace ()" After free reuse of remote memory Corruption vulnerability |
| PHP "socket_connect ()" Function stack buffer Overflow vulnerability |
| PHP "Shmop_read ()" Remote integer Overflow vulnerability |
| PHP "Intl" extension "numberformatter::setsymbol ()" Function denial of service vulnerability |
| PHP "/imap/php_imap.c" released after the re-use of remote Code execution vulnerability |
| PHP ' query_string ' parameter security vulnerability |
| PHP ' _php_stream_scandir () ' Buffer Overflow vulnerability |
| PHP "Zend_strtod ()" function malformed floating-point value denial of service vulnerability |
| PHP "Xml_utf8_decode ()" UTF-8 data decoding input Validation vulnerability |
| PHP "Setsymbol ()" Function denial of service vulnerability |
| PHP "MAGIC_QUOTES_GPC" Directive security restriction Bypass Vulnerability |
| PHP "Getsymbol ()" Function denial of service vulnerability |
| PHP "_zip_name_locate ()" Null pointer reference denial of service vulnerability |
| Oracle Database server Warehouse Builder Component Remote Vulnerability |
| Oracle database server remote non-authorized access vulnerability to DB Vault component |
| Oracle database Server DACL multiple unsafe permissions Vulnerability |
| Oracle database server Create any directory privilege elevation vulnerability |
| Oracle Database access restriction Bypass vulnerability |
| Oracle database pitrig_dropmetadata process Remote Overflow Vulnerability |
| Oracle Database Network foundation Component Remote denial of service vulnerability |
| Versions of Oracle Tnslsnr can be queried |
| Oracle TNS Listener giop remote denial of service and information Disclosure vulnerability |
| Oracle DBMS bypasses Login access Control Vulnerability (CVE-2006-0552) |
| Oracle DBMS bypasses Login access Control Vulnerability (CVE-2006-0291) |
| Oracle Dbms_assert Security Module Bypass Vulnerability |
| Oracle Database Vault Remote security vulnerability |
| Oracle Database Target Type Menus Remote security Vulnerability (CVE-2011-2257) |
| Oracle database spatial data type handles SQL injection vulnerabilities |
| Oracle database server Remote Database Vault Vulnerability (CVE-2011-2238) |
| Oracle Database Server Remote core RDBMS Vulnerability (cve-2011-2253) |
| Oracle Database Server Remote core RDBMS Vulnerability (CVE-2011-2230) |
| Oracle Database Server and Fusion Middleware help components open vulnerabilities |
| Oracle Database Server and Enterprise Manager Grid Security Vulnerability (cve-2011-2244) |
| Oracle Database Server and Enterprise Manager Grid Control Schema Management Component Remote security vulnerability |
| Oracle Database server/collaboration suite/e-business Suite ' Workflow cartridge ' open vulnerability |
| Oracle Database Server Remote RDBMS Core Vulnerability (CVE-2012-0534) |
| Oracle Database Server Remote Oracle Spatial Vulnerability (CVE-2012-0552) |
| Oracle Database Server Remote Enterprise Manager Base Platform Vulnerability (cve-2012-0528) |
| Oracle Database Server Remote Enterprise Manager Base Platform Vulnerability (cve-2012-0527) |
| Oracle Database Server Remote Enterprise Manager Base Platform Vulnerability (cve-2012-0526) |
| Oracle Database Server Remote Enterprise Manager Base Platform Vulnerability (CVE-2012-0520) |
| Oracle Database Server Remote Enterprise Config Management Vulnerability (CVE-2011-0831) |
| Oracle Database Server Remote core RDBMS Vulnerability (cve-2012-0510) |
| Oracle database Server ' TNS Listener ' Remote Data Poisoning vulnerability |
| Oracle Database Server RDBMS remote core RDBMS Vulnerability (cve-2011-2239) |
| Oracle Database Server Network layer component Remote network Tier denial of service Vulnerability (cve-2012-1747) |
| Oracle Database Server Network layer component Remote network Tier denial of service Vulnerability (cve-2012-1746) |
| Oracle Database Server Network layer component Remote network Tier denial of service Vulnerability (cve-2012-1745) |
| Oracle Database Server Listener Remote denial of service Vulnerability (cve-2012-0072) |
| Oracle Database Server Enterprise Manager Console remote security Vulnerability (CVE-2011-0876) |
| Oracle Database Server Database Vault Local Information Disclosure vulnerability |
| Oracle Database Server Database Vault "dv_acctmgr" Permission remote security restriction Bypass vulnerability |
| Oracle Database Server Core RDBMS Component Remote Vulnerability (CVE-2012-3151) |
| Oracle Database Server Core RDBMS Component Remote Vulnerability (CVE-2012-3146) |
| Oracle Database Server Core RDBMS remote denial of service vulnerability |
| Oracle Database Server Cluster Verify Utility Local privilege elevation vulnerability |
| Oracle Database ' Ctxsys. CONTEXT ' Index privilege elevation vulnerability |
| Oracle Database Core RDBMS Components Open Vulnerability (cve-2007-2108, cve-2007-2109, etc.) |
| Oracle Database Advanced Replication Component Open Vulnerability (cve-2007-2116) |
| Oracle Database "exp.exe" parameter file remote buffer Overflow Vulnerability |
| Oracle Database Auth_alter_session Property Security Bypass and arbitrary SQL statement Execution Vulnerability |
| Oracle January 2008 Update fixes multiple security vulnerabilities |
| Oracle April 2007 Update fixes multiple security vulnerabilities |
| Oracle January 2007 Update fixes multiple security vulnerabilities (cve-2006-4343) |
| Oracle July 2006 Update fixes multiple security vulnerabilities |
| Oracle 10g dbms_export_extension stored Procedure Remote SQL Injection Vulnerability |
| OpenSSL multiple remote denial of service Vulnerability (CVE-2013-0166) |
| OpenSSL multiple security vulnerabilities |
| OpenSSL S/MIME header handles null pointer reference denial of service vulnerability |
| OpenSSL kssk_keytab_is_available () Remote denial of service vulnerability |
| OpenSSL dtls Remote denial of service (cve-2012-2333) |
| OpenSSL CRL Bypass and ECDH denial of service vulnerability |
| OpenSSL CMS fabric handles Memory Corruption Vulnerability (CVE-2010-0742) |
| OpenSSL CMS/PKCS #7 decryption for security vulnerabilities |
| OpenSSL "Asn1_d2i_read_bio ()" Der Format Data Processing Vulnerability |
| OpenSSH ' ssh_gssapi_parse_ename () ' Function denial of service vulnerability |
| Nginx DNS resolver remote heap buffer Overflow Vulnerability |
| MS SQL Server Real version information disclosure |
| Microsoft Remote Desktop Protocol RDP Remote Code executable Vulnerability (MS12-020) "Principle Scan" |
| Microsoft Windows Remote Desktop Protocol Man-in-the-middle attack vulnerability |
| Microsoft Windows SMB Pathname Remote Overflow Vulnerability (MS10-012) [based on ms09-001] |
| Microsoft Windows SMB Pool Overflow Remote Code execution Vulnerability (ms10-054) [based on ms09-001] |
| Microsoft Windows SMB Operations Resolution Remote Code Execution Vulnerability (MS11-020) "Principle Scan" |
| Microsoft Windows SMB write_andx processing Denial of service Vulnerability (MS09-001) "Principle Scan" |
| Microsoft Windows SMB NT trans Request buffer Overflow Vulnerability (MS09-001) "Principle Scan" |
| Microsoft Windows SMB NT Trans2 Request remote denial of service and Code execution Vulnerability (MS09-001) "Principle Scan" |
| Microsoft SQL Server database service is running |
| LDAP server allows null base attribute |
| ICMP Timestamp Request Response Vulnerability |
| FTP Server version information can be obtained |
| DCE/RPC Service Enumeration Vulnerability |
| Apache Server Incomplete HTTP request Denial of service vulnerability [principle scan] |
| Apache non-defined character encoding cross-site vulnerability |
| Apache Tomcat Request object Security Restriction Bypass vulnerability |
| Apache Tomcat Denial of service Vulnerability (cve-2012-2733) |
| Apache Tomcat parameter Handling Denial of service Vulnerability (CVE-2012-0022) |
| Apache Tomcat Resource Management Error Vulnerability |
| Apache Tomcat Cross-site request forgery vulnerability |
| Apache Tomcat Web Table Tanhashi Conflict Denial of service vulnerability |
| Apache Tomcat WebDAV Remote Information Disclosure vulnerability |
| Apache Tomcat Slowloris Tool Denial of service vulnerability |
| Apache Tomcat sendfile Request Security limit Bypass and denial of service vulnerability |
| Apache Tomcat SecurityManager Security Policy Bypass vulnerability |
| Apache Tomcat replay-countermeasure Feature security vulnerability |
| Apache Tomcat NiO Connector Denial of service vulnerability |
| Apache Tomcat NIO Connector Denial of service vulnerability |
| Apache Tomcat JVM Remote denial of service vulnerability |
| Apache Tomcat HTTP Digest authentication multiple security vulnerabilities |
| Apache Tomcat HTTP Digest Access Authentication Implementation Security Vulnerability (CVE-2012-5887) |
| Apache Tomcat HTTP Digest Access Authentication Security Restriction Bypass vulnerability |
| Apache Tomcat HTTP Digest Access Authentication Security Bypass Vulnerability (cve-2012-5886) |
| Apache Tomcat HTML Manager Interface HTML Injection Vulnerability |
| Apache Tomcat Form Authentication Security Bypass Vulnerability |
| Apache Tomcat AJP Protocol Security Restriction Bypass vulnerability |
| Apache Tomcat "memoryuserdatabase" Information Disclosure vulnerability |
| Apache TOMCA Digest Authentication Multiple security vulnerabilities (cve-2012-3439) |
| Apache mod_proxy Module Remote denial of service vulnerability |
| Apache mod_proxy Reverse proxy denial of service vulnerability |
| Apache mod_proxy_http Module Timeout handling Information Disclosure vulnerability |
| Apache mod_proxy_ftp Module Remote Command Injection vulnerability |
| Apache mod_proxy_ftp Module Cross-site script execution vulnerability |
| Apache mod_proxy_ftp module NULL pointer Reference denial of service vulnerability |
| Apache mod_proxy_balancer Module Cross-site script execution vulnerability |
| Apache Mod_proxy_balancer Module Multiple cross-site scripting vulnerability |
| Apache mod_proxy_balancer Denial of service vulnerability |
| Apache MOD_PROXY_AJP Module Inbound Request message Remote denial of service vulnerability |
| Apache mod_deflate Module Remote denial of service vulnerability |
| Apache HTTP Server 403 error page cross-site Scripting vulnerability |
| Apache HTTP Server Denial of service vulnerability |
| Apache HTTP Server Malformed range and range-request option handles remote denial of service vulnerability "principle scan" |
| Apache HTTP Server Malformed HTTP Mode 413 error page cross-site Scripting vulnerability |
| Apache HTTP Server worker process multiple local denial of service vulnerability |
| Apache HTTP Server Scoreboard Local Security restriction bypass vulnerability |
| Apache HTTP Server mod_status Module cross-site script execution vulnerability |
| Apache HTTP Server mod_status module Cross-site Scripting vulnerability |
| Apache HTTP Server mod_proxy Reverse proxy mode security Restriction Bypass vulnerability |
| Apache HTTP Server mod_proxy_ajp Denial of service vulnerability |
| Apache HTTP Server mod_proxy Reverse proxy mode security Restriction Bypass vulnerability |
| Apache HTTP Server mod_cache Module Denial of service vulnerability |
| Apache HTTP Server mod_cache and Mod_dav module Remote denial of service vulnerability |
| Apache HTTP Server ' ld_library_path ' Unsafe library loading arbitrary Code execution Vulnerability |
| Apache HTTP Server ' ap_pregsub () ' function local denial of service vulnerability |
| Apache HTTP Server allowoverride option bypasses security restrictions vulnerability |
| Apache HTTP Server "HttpOnly" Cookie Information Disclosure vulnerability |
| Apache HTTP Server "ap_pregsub ()" Function denial of service vulnerability |
| Apache HTTP Server "ap_pregsub ()" Function local privilege elevation vulnerability |
| Apache HTTP Server "mod_proxy" Reverse proxy security Restriction Bypass vulnerability |
| Apache Commons Daemon "jsvc" Information Disclosure vulnerability |
| Apache ARP libray Remote denial of service vulnerability |
| Apache Apache HTTP Server mod_proxy_ajp Module Denial of service vulnerability |
| Apache HTTP Server multiple module host name and URI cross-site Scripting Vulnerability (cve-2012-3499) |
| Ajaxplorer remote command injection and local file Disclosure Vulnerability "principle scan" |
Common vulnerabilities in server systems and software
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
