CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

271 matches found

Exploit DB•added 2003/04/05 12:0 a.m.•42 views

Abyss Web Server 1.1.2 - Incomplete HTTP Request Denial of Service

source: https://www.securityfocus.com/bid/7287/info A denial of service vulnerability has been reported for Abyss Web Server. The vulnerability exists when Abyss attempts to parse certain incomplete HTTP headers. GET / HTTP/1.0 Connection: GET / HTTP/1.0 Range:...

NVD•added 2003/03/31 5:0 a.m.•14 views

CVE-2002-1556

Cisco ONS15454 and ONS15327 running ONS before 3.4 allows attackers to cause a denial of service reset via an HTTP request to the TCC, TCC+ or XTC, in which the request contains an invalid CORBA Interoperable Object Reference IOR...

5CVSS6.5AI score0.00486EPSS

Exploits0References3

securityvulns•added 2003/03/20 12:0 a.m.•22 views

[SCSA-011] Path Disclosure Vulnerability in XOOPS

Security Corporation Security Advisory SCSA-011 PROGRAM: XOOPS HOMEPAGE: http://www.xoops.org/ VULNERABLE VERSIONS: v2.0 and prior ? DESCRIPTION XOOPS is "a dynamic OO Object Oriented based open source portal script written in PHP. XOOPS is the ideal tool for developing small to large dynamic...

NVD•added 2003/02/07 5:0 a.m.•13 views

CVE-2003-0017

Apache 2.0 before 2.0.44 on Windows platforms allows remote attackers to obtain certain files via an HTTP request that ends in certain illegal characters such as "", which causes a different filename to be processed and served...

5CVSS6.6AI score0.04595EPSS

Exploits0References15

Exploit DB•added 2003/01/03 12:0 a.m.•21 views

iCal 3.7 - HTTP Request Denial of Service

source: https://www.securityfocus.com/bid/6505/info A denial of service vulnerability has been reported for iCal. The vulnerability occurs when iCal receives a specially formatted HTTP request. This will cause iCal to crash thereby leading to a denial of service. Restarting the service is necessa...

NVD•added 2002/12/31 5:0 a.m.•10 views

CVE-2002-1874

astrocam.cgi in AstroCam 0.9-1-1 through 1.4.0 allows remote attackers to execute arbitrary commands via shell metacharacters in an HTTP request. NOTE: earlier disclosures stated that the affected versions were 1.7.1 through 2.1.2, but the vendor explicitly stated that these were incorrect...

10CVSS7.7AI score0.0191EPSS

Exploits0References4

exploitpack•added 2002/12/03 12:0 a.m.•25 views

Linksys Devices 1.421.43 - GET Buffer Overflow (PoC)

Linksys Devices 1.421.43 - GET Buffer Overflow PoC source: https://www.securityfocus.com/bid/6301/info Several Linksys Broadband Router devices are prone to a buffer overflow conditions. The vulnerability occurs due to insufficient allocation of memory for buffers. An attacker can exploit this...

Exploit DB•added 2002/11/30 12:0 a.m.•24 views

Pserv 2.0 - HTTP Version Specifier Buffer Overflow

source: https://www.securityfocus.com/bid/6285/info A buffer overflow vulnerability has been reported in Pserv. The buffer overflow condition is due to the way Pserv handles data streams from remote connections. An attacker can exploit this vulnerability by issuing a HTTP request with an invalid...

Exploit DB•added 2002/11/02 12:0 a.m.•21 views

Monkey HTTP Server 0.4/0.5 - Invalid POST Denial of Service

source: https://www.securityfocus.com/bid/6096/info A denial of service vulnerability has been reported for Monkey HTTP server. The vulnerability is due to inadequate checks being performed when decoding POST requests. An attacker can exploit this vulnerability by issuing a POST request with an...

Exploit DB•added 2002/11/01 12:0 a.m.•18 views

Pserv 2.0 - HTTP Request Parsing Buffer Overflow

source: https://www.securityfocus.com/bid/6287/info A buffer overflow vulnerability has been reported in Pserv. The buffer overflow condition is due to the way Pserv handles data streams from remote connections. An attacker can exploit this vulnerability by issuing a HTTP request with an overly...

exploitpack•added 2002/10/15 12:0 a.m.•10 views

Polycom 2.23.0 - ViaVideo Buffer Overflow

Polycom 2.23.0 - ViaVideo Buffer Overflow source: https://www.securityfocus.com/bid/5964/info A buffer overflow vulnerability has been reported for ViaVideo. An attacker can exploit this vulnerability by issuing excessively long 'GET' requests to ViaVideo devices. This will cause an error in the...

NVD•added 2002/07/03 4:0 a.m.•24 views

CVE-2002-0364

Buffer overflow in the chunked encoding transfer mechanism in IIS 4.0 and 5.0 allows attackers to execute arbitrary code via the processing of HTR request sessions, aka "Heap Overrun in HTR Chunked Encoding Could Enable Web Server Compromise."...

7.5CVSS7.7AI score0.62409EPSS

Exploits4References10

Exploit DB•added 2002/06/11 12:0 a.m.•33 views

CGIScript.net csNews 1.0 - Double URL Encoding Unauthorized Administrative Access

source: https://www.securityfocus.com/bid/4993/info csNews is a script for managing news items on a website. It will run on most Unix and Linux variants, as well as Microsoft Windows operating systems. Users with "public" access to the system may be able to view and modify some administration...

exploitpack•added 2002/06/08 12:0 a.m.•7 views

Seanox DevWex Windows Binary 1.2002.520 - File Disclosure

Seanox DevWex Windows Binary 1.2002.520 - File Disclosure source: https://www.securityfocus.com/bid/4978/info The Seanox DevWex Windows binary version is prone to an issue which may cause arbitrary web-readable files to be disclosed to remote attackers. This problem occurs because DevWex does not...

exploitpack•added 2002/04/25 12:0 a.m.•25 views

PHProjekt 2.x3.x - Authentication Bypass

PHProjekt 2.x3.x - Authentication Bypass source: https://www.securityfocus.com/bid/4596/info PHProjekt is a freely available, open source PHP Groupware package. It is actively maintained by the PHPProjekt Development Team. It will run on most Linux and Unix variants, in addition to Microsoft...

Exploit DB•added 2002/04/10 12:0 a.m.•26 views

Super Guestbook 1.0 - Sensitive Information Disclosure

source: https://www.securityfocus.com/bid/7319/info Super Guestbook has been reported prone to a sensitive information disclosure weakness. An attacker may disclose sensitive information regarding the Super Guestbook install by sending a HTTP request for a Guest Book configuration file. Details...

Exploit DB•added 2002/02/19 12:0 a.m.•20 views

GNUJSP 1.0 - File Disclosure

source: https://www.securityfocus.com/bid/4125/info GNUJSP is a freely available, open-source implementation of Sun's Java Server Pages. It will run on most Unix and Linux variants, as well as Microsoft Windows NT/2000 operating systems. It has been reported that a remote attacker may disclose th...

exploitpack•added 2002/01/08 12:0 a.m.•10 views

Cacheflow CacheOS 3.14.0 Web Administration - Arbitrary Cached Page Code Leakage

Cacheflow CacheOS 3.14.0 Web Administration - Arbitrary Cached Page Code Leakage source: https://www.securityfocus.com/bid/3841/info CacheOS is the firmware designed and distributed with CacheFlow web cache systems. It is maintained and distributed by CacheFlow. When a user connects to the system...

securityvulns•added 2001/04/19 12:0 a.m.•51 views

Дырка в MS DAC (Internet Publishing Provider)

Можно заставить клиента выполнить WebDAV-запрос...

Exploits0References1Affected Software1

Exploit DB•added 2001/04/03 12:0 a.m.•36 views

Caucho Technology Resin 1.2/1.3 - JavaBean Disclosure

source: https://www.securityfocus.com/bid/2533/info A specially constructed HTTP request could enable a remote attacker to gain read access to any known JavaBean file residing on a host running Resin. On Resin webservers, JavaBean files reside in a protected directory, '/WEB-INF/classes/'...

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by