CVSS: 7.8EPSS: 94%CPEs: 444EXPL: 17CVE-2023-44487 – HTTP/2 Rapid Reset Attack Vulnerability
https://notcve.org/view.php?id=CVE-2023-44487
10 Oct 2023 — The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. El protocolo HTTP/2 permite una denegación de servicio (consumo de recursos del servidor) porque la cancelación de solicitudes puede restablecer muchas transmisiones rápidamente, como se explotó en la naturaleza entre agosto y octubre de 2023. A flaw was found in handling multiplexed streams in the HTTP/2 protocol. ... • https://github.com/imabee101/CVE-2023-44487 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.5EPSS: 14%CPEs: 7EXPL: 0CVE-2004-0892
https://notcve.org/view.php?id=CVE-2004-0892
16 Nov 2004 — Microsoft Proxy Server 2.0 and Microsoft ISA Server 2000 (which is included in Small Business Server 2000 and Small Business Server 2003 Premium Edition) allows remote attackers to spoof trusted Internet content on a specially crafted webpage via spoofed reverse DNS lookup results. • http://www.securityfocus.com/bid/11605 •
CVSS: 10.0EPSS: 58%CPEs: 2EXPL: 0CVE-2003-0819
https://notcve.org/view.php?id=CVE-2003-0819
15 Jan 2004 — Buffer overflow in the H.323 filter of Microsoft Internet Security and Acceleration Server 2000 allows remote attackers to execute arbitrary code in the Microsoft Firewall Service via certain H.323 traffic, as demonstrated by the NISCC/OUSPG PROTOS test suite for the H.225 protocol. Desbordamiento de búfer en el filtro H.323 Microsoft Internet Security and Acceleration Server 2000 permite a atacantes remotos ejecutar código arbitrario en el Servicio de Cortafuegos de Microsoft mediante cierto tráfico H.323,... • http://secunia.com/advisories/10611 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 19%CPEs: 5EXPL: 0CVE-2003-0110
https://notcve.org/view.php?id=CVE-2003-0110
15 Apr 2003 — The Winsock Proxy service in Microsoft Proxy Server 2.0 and the Microsoft Firewall service in Internet Security and Acceleration (ISA) Server 2000 allow remote attackers to cause a denial of service (CPU consumption or packet storm) via a spoofed, malformed packet to UDP port 1745. El servicio Winsock Proxy en Microsoft Proxy Server 2.0 y el servicio Microsoft Firewall en Internet Security and Acceleration (ISA) Server 2000 permite a atacantes remotos causar una denegación de servicio (consumición de cpu o ... • http://marc.info/?l=bugtraq&m=104994487012027&w=2 •
CVSS: 9.8EPSS: 65%CPEs: 12EXPL: 1CVE-2002-0371 – Microsoft Internet Explorer 5/6 / Microsoft ISA Server 2000 / Microsoft Proxy Server 2.0 Gopher Client - Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2002-0371
15 Jun 2002 — Buffer overflow in gopher client for Microsoft Internet Explorer 5.1 through 6.0, Proxy Server 2.0, or ISA Server 2000 allows remote attackers to execute arbitrary code via a gopher:// URL that redirects the user to a real or simulated gopher server that sends a long response. Desbordamiento de búfer en el cliente gopher de Microsoft Internet Explorer 5.1 a la 6.0, Proxy Server 2.0, o ISA Server 2000 permite a atacantes remotos la ejecución de código arbitrario mediante una URL gopher:// que redirige al usu... • https://www.exploit-db.com/exploits/21510 •
CVSS: 7.5EPSS: 83%CPEs: 7EXPL: 1CVE-2000-0246 – Microsoft IIS 4.0 - UNC Mapped Virtual Host
https://notcve.org/view.php?id=CVE-2000-0246
30 Mar 2000 — IIS 4.0 and 5.0 does not properly perform ISAPI extension processing if a virtual directory is mapped to a UNC share, which allows remote attackers to read the source code of ASP and other files, aka the "Virtualized UNC Share" vulnerability. • https://www.exploit-db.com/exploits/19824 •
CVSS: 7.5EPSS: 5%CPEs: 22EXPL: 0CVE-1999-0007
https://notcve.org/view.php?id=CVE-1999-0007
26 Jun 1998 — Information from SSL-encrypted sessions via PKCS #1. • https://docs.microsoft.com/en-us/security-updates/securitybulletins/1998/ms98-002 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •