Lucene search
K

91 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 11:54 a.m.15 views

CVE-2009-4444

Microsoft Internet Information Services IIS 5.x and 6.x uses only the portion of a filename before a ; semicolon character to determine the file extension, which allows remote attackers to bypass intended extension restrictions of third-party upload applications via a filename with a 1 .asp, 2...

6CVSS6.9AI score0.63627EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:39 a.m.15 views

CVE-2003-1582

Microsoft Internet Information Services IIS 6.0, when DNS resolution is enabled for client IP addresses, allows remote attackers to inject arbitrary text into log files via an HTTP request in conjunction with a crafted DNS response, as demonstrated by injecting XSS sequences, related to an "Inver...

2.6CVSS6.2AI score0.10325EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/12/19 12:0 a.m.3 views

PT-2025-52588

CVE-2025-68483 - Microsoft IIS HTTP Header Injection CVE ID : CVE-2025-68483 Published : Dec. 19, 2025, 4:16 a.m. | 2 hours, 5 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

6.9AI score
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2008-0087

Malware in sbrugna...

7.2CVSS6.1AI score0.05405EPSS
Exploits1References10
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2004-0205

Malware in sbrugna...

7.2CVSS6.4AI score0.24476EPSS
Exploits0References10
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2002-1674

Malware in sbrugna...

5CVSS6.4AI score0.12998EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2011-5178

Malware in sbrugna...

5CVSS6.4AI score0.19092EPSS
Exploits1References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2003-1556

Malware in sbrugna...

5CVSS6.4AI score0.28118EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2003-1572

Malware in sbrugna...

2.6CVSS6.4AI score0.10325EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2003-0218

Malware in sbrugna...

6.8CVSS6.4AI score0.17322EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-16694

Malicious code in bioql PyPI...

8.5CVSS6.6AI score0.00164EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/21 10:42 p.m.12 views

CVE-2002-1790

The SMTP service in Microsoft Internet Information Services IIS 4.0 and 5.0 allows remote attackers to bypass anti-relaying rules and send spam or spoofed messages via encapsulated SMTP addresses, a similar vulnerability to CVE-1999-0682...

5CVSS6.9AI score0.33967EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/21 8:22 p.m.7 views

CVE-2002-1718

Microsoft Internet Information Server IIS 5.1 may allow remote attackers to view the contents of a Frontpage Server Extension FPSE file, as claimed using an HTTP request for colegal.htm that contains .. dot dot sequences...

5CVSS7AI score0.14059EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/21 6:22 p.m.5 views

CVE-1999-1591

Microsoft Internet Information Services IIS server 4.0 SP4, without certain hotfixes released for SP4, does not require authentication credentials under certain conditions, which allows remote attackers to bypass authentication requirements, as demonstrated by connecting via Microsoft Visual...

7.5CVSS7.4AI score0.1127EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/08 4:25 p.m.8 views

CVE-2025-0994

Trimble Cityworks versions prior to 15.8.9 and Cityworks with office companion versions prior to 23.10 are vulnerable to a deserialization vulnerability. This could allow an authenticated user to perform a remote code execution attack against a customer’s Microsoft Internet Information Services I...

8.8CVSS8.9AI score0.27426EPSS
Exploits0References4
CISA KEV Catalog
CISA KEV Catalog
added 2025/02/07 12:0 a.m.21 views

Trimble Cityworks Deserialization Vulnerability

Trimble Cityworks contains a deserialization vulnerability. This could allow an authenticated user to perform a remote code execution attack against a customer's Microsoft Internet Information Services IIS web server...

8.8CVSS7.7AI score0.27426EPSS
In wildExploits0
NVD
NVD
added 2025/02/06 4:15 p.m.20 views

CVE-2025-0994

Trimble Cityworks versions prior to 15.8.9 and Cityworks with office companion versions prior to 23.10 are vulnerable to a deserialization vulnerability. This could allow an authenticated user to perform a remote code execution attack against a customer’s Microsoft Internet Information Services I...

8.8CVSS0.27426EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/02/06 4:1 p.m.17 views

CVE-2025-0994

Trimble Cityworks versions prior to 15.8.9 and Cityworks with office companion versions prior to 23.10 are vulnerable to a deserialization vulnerability. This could allow an authenticated user to perform a remote code execution attack against a customer’s Microsoft Internet Information Services I...

8.6CVSS7.6AI score0.27426EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/02/06 4:1 p.m.27 views

CVE-2025-0994

Trimble Cityworks versions prior to 15.8.9 and Cityworks with office companion versions prior to 23.10 are vulnerable to a deserialization vulnerability. This could allow an authenticated user to perform a remote code execution attack against a customer’s Microsoft Internet Information Services I...

8.6CVSS0.27426EPSS
Exploits0References2
VulnCheck KEV
VulnCheck KEV
added 2018/01/15 12:0 a.m.3 views

VulnCheck KEV: CVE-2005-2678

Microsoft IIS 5.1 and 6 allows remote attackers to spoof the SERVERNAME variable to bypass security checks and conduct various attacks via a GET request with an http://localhost URI, which makes it appear as if the request is coming from localhost...

5CVSS5.8AI score0.41839EPSS
Exploits0References1
Rows per page
Query Builder