CVSS: 6.1EPSS: 1%CPEs: 1EXPL: 1CVE-2005-1118 – RSA Security RSA Authentication Agent For Web 5.2 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2005-1118
14 Apr 2005 — Cross-site scripting (XSS) vulnerability in IISWebAgentIF.dll in the RSA Authentication Agent for Web 5.2 allows remote attackers to inject arbitrary web script or HTML via the postdata parameter. • https://www.exploit-db.com/exploits/25421 •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 2CVE-2003-0389
https://notcve.org/view.php?id=CVE-2003-0389
20 Jun 2003 — Cross-site scripting (XSS) vulnerability in the secure redirect function of RSA ACE/Agent 5.0 for Windows, and 5.x for Web, allows remote attackers to insert arbitrary web script and possibly cause users to enter a passphrase via a GET request containing the script. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en la función de redirección segura de RSA ACE/Agent 5.0 para Windows, y 5.x para Web, permite a atacantes remotos insertar script web arbitrario y posiblemente causar que usuario... • http://archives.neohapsis.com/archives/vulnwatch/2003-q2/0112.html •
CVSS: 7.1EPSS: 1%CPEs: 9EXPL: 0CVE-2002-0507
https://notcve.org/view.php?id=CVE-2002-0507
11 Jun 2002 — An interaction between Microsoft Outlook Web Access (OWA) with RSA SecurID allows local users to bypass the SecurID authentication for a previous user via several submissions of an OWA Authentication request with the proper OWA password for the previous user, which is eventually accepted by OWA. Una interacción entre Microsoft Outlook Web Access (OWA) con RSA SecurID permite a usuarios locales evitar la autenticación SecurID para un usuario anterior mediante varios envios de una petición de autenticación OW... • http://online.securityfocus.com/archive/1/264705 • CWE-287: Improper Authentication •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2001-1462
https://notcve.org/view.php?id=CVE-2001-1462
24 Oct 2001 — WebID in RSA Security SecurID 5.0 as used by ACE/Agent for Windows, Windows NT and Windows 2000 allows attackers to cause the WebID agent to enter debug mode via a URL containing null characters, which may allow attackers to obtain sensitive information. • http://www.kb.cert.org/vuls/id/609840 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2001-1461
https://notcve.org/view.php?id=CVE-2001-1461
22 Oct 2001 — Directory traversal vulnerability in WebID in RSA Security SecurID 5.0 as used by ACE/Agent for Windows, Windows NT and Windows 2000 allows attackers to access restricted resources via URL-encoded (1) /.. or (2) \.. sequences. • http://www.kb.cert.org/vuls/id/348040 •
CVSS: 7.5EPSS: 1%CPEs: 5EXPL: 0CVE-2000-0522
https://notcve.org/view.php?id=CVE-2000-0522
08 Jun 2000 — RSA ACE/Server allows remote attackers to cause a denial of service by flooding the server's authentication request port with UDP packets, which causes the server to crash. • ftp://ftp.securid.com/support/outgoing/dos/readme.txt •
CVSS: 10.0EPSS: 1%CPEs: 1EXPL: 1CVE-1999-0834 – RSA Security RSAREF 2.0 - Local Buffer Overflow
https://notcve.org/view.php?id=CVE-1999-0834
01 Dec 1999 — Buffer overflow in RSAREF2 via the encryption and decryption functions in the RSAREF library. • https://www.exploit-db.com/exploits/19655 •