cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2012-1738,https://securityvulnerability.io/vulnerability/CVE-2012-1738,,Unspecified vulnerability in the Oracle iPlanet Web Server component in Oracle Sun Products Suite Java System Web Server 6.1 and Oracle iPlanet Web Server 7.0 allows remote attackers to affect availability via unknown vectors related to Web Server.,Oracle,"Iplanet Web Server,Sun Products Suite Java System Web Server",,,0.012729999609291553,false,false,false,false,,false,false,2012-07-17T22:00:00.000Z,0
CVE-2010-2385,https://securityvulnerability.io/vulnerability/CVE-2010-2385,,Unspecified vulnerability in Oracle Sun Java System Web Proxy Server 4.0.13 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Administration Server.,Oracle,Sun Java System Web Proxy Server,,,0.0013099999632686377,false,false,false,false,,false,false,2010-07-13T22:07:00.000Z,0
CVE-2010-0389,https://securityvulnerability.io/vulnerability/CVE-2010-0389,,The admin server in Sun Java System Web Server 7.0 Update 6 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an HTTP request that lacks a method token.,Oracle,Java System Web Server,,,0.0061599998734891415,false,false,false,false,,false,false,2010-01-25T19:30:00.000Z,0
CVE-2010-0387,https://securityvulnerability.io/vulnerability/CVE-2010-0387,,"Multiple heap-based buffer overflows in (1) webservd and (2) the admin server in Sun Java System Web Server 7.0 Update 7 allow remote attackers to cause a denial of service (daemon crash) and possibly have unspecified other impact via a long string in an ""Authorization: Digest"" HTTP header.",Oracle,Java System Web Server,,,0.9231100082397461,false,false,false,false,,false,false,2010-01-25T19:00:00.000Z,0
CVE-2010-0388,https://securityvulnerability.io/vulnerability/CVE-2010-0388,,Format string vulnerability in the WebDAV implementation in webservd in Sun Java System Web Server 7.0 Update 6 allows remote attackers to cause a denial of service (daemon crash) and possibly have unspecified other impact via format string specifiers in the encoding attribute of the XML declaration in a PROPFIND request.,Oracle,Java System Web Server,,,0.7642300128936768,false,false,false,false,,false,false,2010-01-25T19:00:00.000Z,0
CVE-2010-0361,https://securityvulnerability.io/vulnerability/CVE-2010-0361,,Stack-based buffer overflow in the WebDAV implementation in webservd in Sun Java System Web Server (aka SJWS) 7.0 Update 7 allows remote attackers to cause a denial of service (daemon crash) and possibly have unspecified other impact via a long URI in an HTTP OPTIONS request.,Oracle,Java System Web Server,,,0.9706100225448608,false,false,false,false,,false,false,2010-01-20T16:30:00.000Z,0
CVE-2010-0360,https://securityvulnerability.io/vulnerability/CVE-2010-0360,,"Sun Java System Web Server (aka SJWS) 7.0 Update 7 allows remote attackers to overwrite memory locations in the heap, and discover the contents of memory locations, via a malformed HTTP TRACE request that includes a long URI and many empty headers, related to an ""overflow."" NOTE: this might overlap CVE-2010-0272 and CVE-2010-0273.",Oracle,Java System Web Server,,,0.004769999999552965,false,false,false,false,,false,false,2010-01-20T16:30:00.000Z,0
CVE-2010-0273,https://securityvulnerability.io/vulnerability/CVE-2010-0273,,"Unspecified vulnerability in Sun Java System Web Server 7.0 Update 6 on Linux allows remote attackers to execute arbitrary code by sending a process memory address and crafted data to TCP port 80, as demonstrated by the vd_sjws2 module in VulnDisco.  NOTE: as of 20100106, this disclosure has no actionable information. However, because the VulnDisco author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes.",Oracle,Java System Web Server,,,0.012129999697208405,false,false,false,false,,false,false,2010-01-08T17:30:00.000Z,0
CVE-2010-0272,https://securityvulnerability.io/vulnerability/CVE-2010-0272,,"Heap-based buffer overflow in Sun Java System Web Server 7.0 Update 6 on Linux allows remote attackers to discover process memory locations via crafted data to TCP port 80, as demonstrated by the vd_sjws2 module in VulnDisco.  NOTE: as of 20100106, this disclosure has no actionable information. However, because the VulnDisco author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes.",Oracle,Java System Web Server,,,0.011370000429451466,false,false,false,false,,false,false,2010-01-08T17:00:00.000Z,0
CVE-2009-3878,https://securityvulnerability.io/vulnerability/CVE-2009-3878,,"Buffer overflow in Sun Java System Web Server 7.0 Update 6 has unspecified impact and remote attack vectors, as demonstrated by the vd_sjws module in VulnDisco Pack Professional 8.12.  NOTE: as of 20091105, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes.",Oracle,Java System Web Server,,,0.0031399999279528856,false,false,false,false,,false,false,2009-11-05T16:00:00.000Z,0
CVE-2009-2445,https://securityvulnerability.io/vulnerability/CVE-2009-2445,,"Oracle iPlanet Web Server (formerly Sun Java System Web Server or Sun ONE Web Server) 6.1 before SP12, and 7.0 through Update 6, when running on Windows, allows remote attackers to read arbitrary JSP files via an alternate data stream syntax, as demonstrated by a .jsp::$DATA URI.",Oracle,Java System Web Server,,,0.26350000500679016,false,false,false,false,,false,false,2009-07-13T17:00:00.000Z,0
CVE-2009-1934,https://securityvulnerability.io/vulnerability/CVE-2009-1934,,Cross-site scripting (XSS) vulnerability in the Reverse Proxy Plug-in in Sun Java System Web Server 6.1 before SP11 allows remote attackers to inject arbitrary web script or HTML via the query string in situations that result in a 502 Gateway error.,Oracle,"One Web Server,Java System Web Server",,,0.0034199999645352364,false,false,false,false,,false,false,2009-06-05T15:25:00.000Z,0
CVE-2008-4541,https://securityvulnerability.io/vulnerability/CVE-2008-4541,,Heap-based buffer overflow in the FTP subsystem in Sun Java System Web Proxy Server 4.0 through 4.0.7 allows remote attackers to execute arbitrary code via a crafted HTTP GET request.,Oracle,Java System Web Proxy Server,,,0.0692799985408783,false,false,false,false,,false,false,2008-10-13T18:00:00.000Z,0
CVE-2008-3683,https://securityvulnerability.io/vulnerability/CVE-2008-3683,,"Unspecified vulnerability in the FTP subsystem in Sun Java System Web Proxy Server 4.0 through 4.0.5 before SP6 allows remote attackers to cause a denial of service (failure to accept connections) via unknown vectors, probably related to exhaustion of file descriptors.",Oracle,Java System Web Proxy Server,,,0.01882999949157238,false,false,false,false,,false,false,2008-08-14T20:00:00.000Z,0
CVE-2008-3425,https://securityvulnerability.io/vulnerability/CVE-2008-3425,,Unspecified vulnerability in the Sun Java System Web Server 7.0 plugin in Sun N1 Service Provisioning System (SPS) 5.2 and 6.0 allows remote authenticated SPS users to gain administrative access to the web server via unknown attack vectors.,Oracle,"Java System Web Server Plugin,N1 Service Provisioning System",,,0.00430000014603138,false,false,false,false,,false,false,2008-07-31T22:00:00.000Z,0
CVE-2008-2518,https://securityvulnerability.io/vulnerability/CVE-2008-2518,,"Cross-site scripting (XSS) vulnerability in the advanced search mechanism (webapps/search/advanced.jsp) in Sun Java System Web Server 6.1 before SP9 and 7.0 before Update 3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, probably related to the next parameter.",Oracle,Java System Web Server,,,0.0034000000450760126,false,false,false,false,,false,false,2008-06-03T14:00:00.000Z,0
CVE-2008-2166,https://securityvulnerability.io/vulnerability/CVE-2008-2166,,Cross-site scripting (XSS) vulnerability in the search module in Sun Java System Web Server 6.1 before SP9 and 7.0 before Update 2 allows remote attackers to inject arbitrary web script or HTML via unknown parameters in index.jsp.,Oracle,Java System Web Server,,,0.0023799999617040157,false,false,false,false,,false,false,2008-05-13T20:14:00.000Z,0
CVE-2008-2120,https://securityvulnerability.io/vulnerability/CVE-2008-2120,,"Unspecified vulnerability in Sun Java System Application Server 7 2004Q2 before Update 6, Web Server 6.1 before SP8, and Web Server 7.0 before Update 1 allows remote attackers to obtain source code of JSP files via unknown vectors.",Oracle,"Java System Application Server,Java System Web Server",,,0.00634999992325902,false,false,false,false,,false,false,2008-05-09T15:00:00.000Z,0
CVE-2007-6569,https://securityvulnerability.io/vulnerability/CVE-2007-6569,,"Cross-site scripting (XSS) vulnerability in the View Error Log functionality in Sun Java System Web Proxy Server 4.x before 4.0.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka BugID 6566246.",Oracle,"Java System Web Server,Java System Web Proxy Server",,,0.006000000052154064,false,false,false,false,,false,false,2007-12-28T21:00:00.000Z,0
CVE-2007-6570,https://securityvulnerability.io/vulnerability/CVE-2007-6570,,"Cross-site scripting (XSS) vulnerability in the View URL Database functionality in Sun Java System Web Proxy Server 4.x before 4.0.6 and 3.x before 3.6 SP11 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka BugID 6566309.",Oracle,"Java System Web Server,Java System Web Proxy Server",,,0.005249999929219484,false,false,false,false,,false,false,2007-12-28T21:00:00.000Z,0
CVE-2007-6571,https://securityvulnerability.io/vulnerability/CVE-2007-6571,,"Cross-site scripting (XSS) vulnerability in Sun Java System Web Proxy Server 3.6 before SP11 on Windows allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka BugID 6611356.",Oracle,"Java System Web Server,Java System Web Proxy Server",,,0.031939998269081116,false,false,false,false,,false,false,2007-12-28T21:00:00.000Z,0
CVE-2007-6572,https://securityvulnerability.io/vulnerability/CVE-2007-6572,,"Cross-site scripting (XSS) vulnerability in Sun Java System Web Server 6.1 before SP8 and 7.0 before Update 1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka BugID 6566204.",Oracle,"Java System Web Server,Java System Web Proxy Server",,,0.021689999848604202,false,false,false,false,,false,false,2007-12-28T21:00:00.000Z,0
CVE-2007-4164,https://securityvulnerability.io/vulnerability/CVE-2007-4164,,"CRLF injection vulnerability in the redirect feature in Sun Java System Web Server 6.1 and 7.0 before 20070802, when the redirect Server Application Function (SAF) uses the url-prefix parameter and escape is disabled, or an Error directive uses the url-prefix parameter in obj.conf, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks.",Oracle,Java System Web Server,,,0.08677999675273895,false,false,false,false,,false,false,2007-08-07T10:00:00.000Z,0
CVE-2007-3715,https://securityvulnerability.io/vulnerability/CVE-2007-3715,,"Sun Java System Application Server and Web Server 7.0 through 9.0 before 20070710 do not properly process XSLT stylesheets in XSLT transforms in XML signatures, which allows context-dependent attackers to execute an arbitrary Java method via a crafted stylesheet, a related issue to CVE-2007-3716.",Oracle,"Java System Application Server,Java System Web Server",,,0.02322000078856945,false,false,false,false,,false,false,2007-07-11T23:30:00.000Z,0
CVE-2007-2881,https://securityvulnerability.io/vulnerability/CVE-2007-2881,,Multiple stack-based buffer overflows in the SOCKS proxy support (sockd) in Sun Java Web Proxy Server before 4.0.5 allow remote attackers to execute arbitrary code via crafted packets during protocol negotiation.,Oracle,Java System Web Proxy Server,,,0.7111600041389465,false,false,false,false,,false,false,2007-05-29T20:00:00.000Z,0