CVSS: 2.6EPSS: 0%CPEs: 6EXPL: 0CVE-2005-3164
https://notcve.org/view.php?id=CVE-2005-3164
The AJP connector in Apache Tomcat 4.0.1 through 4.0.6 and 4.1.0 through 4.1.36, as used in Hitachi Cosminexus Application Server and standalone, does not properly handle when a connection is broken before request body data is sent in a POST request, which can lead to an information leak when "unsuitable request body data" is used for a different request, possibly related to Java Servlet pages. • http://jvn.jp/jp/JVN%2379314822/index.html http://lists.apple.com/archives/security-announce/2008//Jun/msg00002.html http://secunia.com/advisories/17019 http://secunia.com/advisories/30802 http://secunia.com/advisories/30899 http://secunia.com/advisories/30908 http://sunsolve.sun.com/search/document.do?assetkey=1-26-239312-1 http://support.apple.com/kb/HT2163 http://tomcat.apache.org/security-4.html http://www.hitachi-support.com/security_e/vuls_e/HS05-019_e/01& • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.0EPSS: 93%CPEs: 296EXPL: 2CVE-2005-0356 – TCP TIMESTAMPS - Denial of Service
https://notcve.org/view.php?id=CVE-2005-0356
Multiple TCP implementations with Protection Against Wrapped Sequence Numbers (PAWS) with the timestamps option enabled allow remote attackers to cause a denial of service (connection loss) via a spoofed packet with a large timer value, which causes the host to discard later packets because they appear to be too old. • https://www.exploit-db.com/exploits/1008 ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:15.tcp.asc ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.64/SCOSA-2005.64.txt http://secunia.com/advisories/15393 http://secunia.com/advisories/15417 http://secunia.com/advisories/18222 http://secunia.com/advisories/18662 http://support.avaya.com/elmodocs2/security/ASA-2006-032.htm http://www.cisco.com/warp/public/707/cisco-sn-20050518-tcpts.shtml http:/& •
CVSS: 4.3EPSS: 0%CPEs: 14EXPL: 0CVE-2004-2492
https://notcve.org/view.php?id=CVE-2004-2492
Cross-site scripting (XSS) vulnerability in Groupmax World Wide Web (GmaxWWW) Desktop 5, 6, and Desktop for Jichitai 6, allows remote attackers to inject arbitrary web script or HTML via the QUERY parameter. • http://secunia.com/advisories/13321 http://www.hitachi-support.com/security_e/vuls_e/HS04-007_e/01-e.html http://www.osvdb.org/12154 http://www.securityfocus.com/bid/11773 https://exchange.xforce.ibmcloud.com/vulnerabilities/18277 •
CVSS: 5.0EPSS: 1%CPEs: 13EXPL: 0CVE-2004-2498
https://notcve.org/view.php?id=CVE-2004-2498
Unspecified vulnerability in the error handler in Hitachi Web Page Generator and Web Page Generator Enterprise 4.01 and earlier, when using the default error template and debug mode is set to ON, allows remote attackers to determine internal directory structures via unknown attack vectors. • http://secunia.com/advisories/12150 http://www.hitachi-support.com/security_e/vuls_e/HS04-003_e/index-e.html http://www.osvdb.org/8263 http://www.securityfocus.com/bid/10818 https://exchange.xforce.ibmcloud.com/vulnerabilities/16822 •
CVSS: 5.0EPSS: 1%CPEs: 13EXPL: 0CVE-2004-2452
https://notcve.org/view.php?id=CVE-2004-2452
Unknown vulnerability in Hitachi Cosminexus Portal Framework 01-00, 01-01, 01-02, 02-01, 02-02, 02-03, and other versions allows remote attackers to obtain sensitive information in the <ut:cache> tag library. • http://secunia.com/advisories/12463 http://securitytracker.com/id?1011171 http://www.hitachi-support.com/security_e/vuls_e/HS04-006_e/01-e.html http://www.osvdb.org/9739 http://www.securityfocus.com/bid/11128 https://exchange.xforce.ibmcloud.com/vulnerabilities/17278 •