Lucene search

5908 matches found

Cvelist
added 2005/08/21 4:0 a.m. | 23 views

CVE-2005-2646

Unknown vulnerability in Xerox MicroServer Web Server in Document Centre 220 through 265, 332 and 340, 420 through 490, and 535 through 555 allows remote attackers to cause a denial of service or read files via unknown vectors involving crafted HTTP requests...

AI score: 6.7 | EPSS: 0.0206
Exploits: 0 | References: 4

CVE
added 2005/08/21 4:0 a.m. | 56 views

CVE-2005-2646

CVE-2005-2646 refers to an unknown vulnerability in Xerox MicroServer Web Server within Xerox Document Centre models 220–265, 332, 340, 420–490, and 535–555. The issue reportedly allows remote attackers to cause a denial of service or to read files via crafted HTTP requests; the exact vectors, af...

CVSS: 6.4 | AI score: 7 | EPSS: 0.0206
Exploits: 0 | References: 4 | Affected Software: 20

CVE
added 2005/08/16 4:0 a.m. | 70 views

CVE-2004-2381

CVE-2004-2381 affects the Jetty HTTP Server prior to 4.2.19. The vulnerability arises in HttpRequest.java handling of HTTP requests with a large Content-Length, allowing remote attackers over the network to cause memory usage growth and a denial of service (application crash). Affected products a...

CVSS: 5 | AI score: 6.4 | EPSS: 0.01801
Exploits: 0 | References: 6 | Affected Software: 1

Cvelist
added 2005/08/16 4:0 a.m. | 25 views

CVE-2004-2381

HttpRequest.java in Jetty HTTP Server before 4.2.19 allows remote attackers to cause denial of service (memory usage and application crash) via HTTP requests with a large Content-Length...

AI score: 6.4 | EPSS: 0.01801
Exploits: 0 | References: 6

FreeBSD
added 2005/07/25 12:0 a.m. | 35 views

apache -- http request smuggling

A Watchfire whitepaper reports a vulnerability in the Apache webserver. The vulnerability can be exploited by malicious people causing cross site scripting, web cache poisoning, session hijacking and most importantly the ability to bypass web application firewall protection. Exploiting this...

CVSS: 4.3 | AI score: 9.1 | EPSS: 0.20461
Exploits: 1 | References: 1

Exploit DB
added 2005/07/19 12:0 a.m. | 19 views

Oracle Reports Server 6.0.8/9.0.x - XML File Disclosure

source: https://www.securityfocus.com/bid/14311/info Oracle Reports Server may allow remote attackers to disclose parts of arbitrary XML files. Reportedly, the server fails to restrict users from accessing parts of arbitrary XML files when handling specially crafted HTTP GET requests. All version...

AI score: 7
Exploits: 0

Cvelist
added 2005/07/14 4:0 a.m. | 17 views

CVE-2002-1994

advserver.exe in Advanced Web Server (AdvServer) Professional 1.030000 allows remote attackers to cause a denial of service via multiple HTTP requests containing a single carriage return/line feed (CRLF) sequence...

AI score: 6.6 | EPSS: 0.01591
Exploits: 0 | References: 4

Cvelist
added 2005/07/14 4:0 a.m. | 23 views

CVE-2002-1999

HP Praesidium Webproxy 1.0 running on HP-UX 11.04 (VVOS) could allow remote attackers to cause Webproxy to forward requests to the internal network via crafted HTTP requests...

AI score: 6.7 | EPSS: 0.02653
Exploits: 0 | References: 4

CVE
added 2005/07/14 4:0 a.m. | 45 views

CVE-2002-2025

CVE-2002-2025 affects Lotus Domino server 5.0.9a and earlier. The vulnerability allows remote attackers to cause a denial of service by exhausting the server’s working threads via a high volume of HTTP requests for (1) an MS-DOS device name and (2) an MS-DOS device name with a long appended name....

CVSS: 5 | AI score: 7 | EPSS: 0.01752
Exploits: 0 | References: 6 | Affected Software: 1

CVE
added 2005/07/14 4:0 a.m. | 55 views

CVE-2000-1235

Oracle IAS 3.0.7 and earlier are affected by CVE-2000-1235 due to default configurations of the port listener and mod_plsql, enabling remote attackers to view privileged database information via HTTP requests for DAD files. Affected component is the mod_plsql DAD handling exposed by default; root...

CVSS: 5 | AI score: 8.7 | EPSS: 0.04827
Exploits: 1 | References: 6 | Affected Software: 1

CVE
added 2005/07/14 4:0 a.m. | 49 views

CVE-2002-2009

Affected software: Apache Tomcat 4.0.1. Vulnerability: Information disclosure where remote attackers can obtain the web root/pathname by triggering error pages for JSP requests that use a leading sequence (+/, >/,

CVSS: 5 | AI score: 6.7 | EPSS: 0.07314
Exploits: 1 | References: 8 | Affected Software: 1

Cvelist
added 2005/07/14 4:0 a.m. | 17 views

CVE-2002-2025

Lotus Domino server 5.0.9a and earlier allows remote attackers to cause a denial of service by exhausting the number of working threads via a large number of HTTP requests for (1) an MS-DOS device name and (2) an MS-DOS device name with a large number of characters appended to the device name...

AI score: 6.7 | EPSS: 0.01752
Exploits: 0 | References: 6

CVE
added 2005/07/14 4:0 a.m. | 142 views

CVE-2001-1556

Technical details for CVE-2001-1556 are not publicly provided in the connected documents. Monitor for updates.

CVSS: 5 | AI score: 6.9 | EPSS: 0.03564
Exploits: 0 | References: 3 | Affected Software: 1

Cvelist
added 2005/07/14 4:0 a.m. | 26 views

CVE-2002-2007

The default installations of Apache Tomcat 3.2.3 and 3.2.4 allow remote attackers to obtain sensitive system information such as directory listings and web root path, via erroneous HTTP requests for Java Server Pages (JSP) in the (1) test/jsp, (2) samples/jsp and (3) examples/jsp directories, or the (4)...

AI score: 6.3 | EPSS: 0.41399
Exploits: 1 | References: 10

CVE
added 2005/07/14 4:0 a.m. | 59 views

CVE-2000-1230

The CVE-2000-1230 entry concerns Phorum 3.0.7, where a backdoor in auth.php3 allows remote attackers to access restricted web pages by sending an HTTP request with the PHP_AUTH_USER parameter set to boogieman. This describes a vulnerable component (auth.php3) and a clear attack vector (HTTP-based...

CVSS: 5 | AI score: 7.1 | EPSS: 0.03252
Exploits: 1 | References: 4 | Affected Software: 1

Cvelist
added 2005/07/14 4:0 a.m. | 24 views

CVE-2002-2009

Apache Tomcat 4.0.1 allows remote attackers to obtain the web root path via HTTP requests for JSP files preceded by (1) +/, (2) /, (3) /, and (4) %20/, which leaks the pathname in an error message...

AI score: 6.6 | EPSS: 0.07314
Exploits: 1 | References: 8

Cvelist
added 2005/07/11 4:0 a.m. | 26 views

CVE-2005-2201

Unknown vulnerability in the MicroServer Web Server for Xerox WorkCentre Pro Color 2128, 2636, and 3545, version 0.001.04.044 through 0.001.04.504, allows attackers to cause a denial of service or access files via crafted HTTP requests...

AI score: 6.6 | EPSS: 0.0237
Exploits: 0 | References: 3

NVD
added 2005/07/11 4:0 a.m. | 16 views

CVE-2005-2201

Unknown vulnerability in the MicroServer Web Server for Xerox WorkCentre Pro Color 2128, 2636, and 3545, version 0.001.04.044 through 0.001.04.504, allows attackers to cause a denial of service or access files via crafted HTTP requests...

CVSS: 6.4 | AI score: 6.6 | EPSS: 0.0237
Exploits: 0 | References: 3

CVE
added 2005/07/11 4:0 a.m. | 46 views

CVE-2005-2201

CVE-2005-2201 affects the MicroServer Web Server used by Xerox WorkCentre Pro Color devices (models 2128, 2636, 3545) with firmware versions 0.001.04.044–0.001.04.504. The vulnerability allows an attacker to cause a denial of service or access files via crafted HTTP requests. Current documents co...

CVSS: 6.4 | AI score: 6.7 | EPSS: 0.0237
Exploits: 0 | References: 3 | Affected Software: 3

Tenable Nessus
added 2005/07/08 12:0 a.m. | 15 views

punBB < 1.2.6 profile.php $temp Parameter SQL Injection (deprecated)

Binary data 3058.prm...

CVSS: 7.5 | AI score: 7.3 | EPSS: 0.0123
Exploits: 0 | References: 1