cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2016-5385,https://securityvulnerability.io/vulnerability/CVE-2016-5385,,"PHP through 7.0.8 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, as demonstrated by (1) an application that makes a getenv('HTTP_PROXY') call or (2) a CGI configuration of PHP, aka an ""httpoxy"" issue.",Oracle,"Enterprise Manager Ops Center,Communications User Data Repository,Linux",8.1,HIGH,0.9401500225067139,false,,false,false,false,,,false,false,,2016-07-19T01:00:00.000Z,0
CVE-2012-4285,https://securityvulnerability.io/vulnerability/CVE-2012-4285,,"The dissect_pft function in epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a zero-length message.",Oracle,"Sunos,Enterprise Linux,Opensuse",,,0.0035600000992417336,false,,false,false,false,,,false,false,,2012-08-16T10:00:00.000Z,0
CVE-2007-5365,https://securityvulnerability.io/vulnerability/CVE-2007-5365,,"Stack-based buffer overflow in the cons_options function in options.c in dhcpd in OpenBSD 4.0 through 4.2, and some other dhcpd implementations based on ISC dhcp-2, allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a DHCP request specifying a maximum message size smaller than the minimum IP MTU.",Oracle,"Opensolaris,OpenBSD,Enterprise Linux,Ubuntu Linux,Linux Advanced Workstation,Debian Linux,Solaris",,,0.8225299715995789,false,,false,false,false,,,false,false,,2007-10-11T10:00:00.000Z,0
CVE-2004-1029,https://securityvulnerability.io/vulnerability/CVE-2004-1029,,"The Sun Java Plugin capability in Java 2 Runtime Environment (JRE) 1.4.2_01, 1.4.2_04, and possibly earlier versions, does not properly restrict access between Javascript and Java applets during data transfer, which allows remote attackers to load unsafe classes and execute arbitrary code by using the reflection API to access private Java packages.",Oracle,"Jre,Enterprise Firewall,Jdk,Java Sdk-rte,Linux",,,0.8340299725532532,false,,false,false,false,,,false,false,,2005-03-01T05:00:00.000Z,0