Page 5 of 23 results (0.027 seconds)

CVSS: 4.3EPSS: 1%CPEs: 8EXPL: 0

Cross-site scripting (XSS) vulnerability in Sun Java System Application Server 7 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. • http://sunsolve.sun.com/search/document.do?assetkey=1-26-57742-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-200314-1 http://www.securityfocus.com/bid/12775 •

CVSS: 5.0EPSS: 2%CPEs: 13EXPL: 0

Unknown vulnerability in Sun Java System Web Server 6.0 SP7 and earlier and 6.1 SP1 and earlier, and Application Server 7 Update 4 and earlier, allows remote attackers to cause a denial of service (crash) via a malformed client certificate. • http://secunia.com/advisories/13072 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101589-1 http://sunsolve.sun.com/search/document.do?assetkey=1-26-57669-1 http://www.osvdb.org/11383 http://www.securityfocus.com/bid/11593 https://exchange.xforce.ibmcloud.com/vulnerabilities/17941 •

CVSS: 7.5EPSS: 3%CPEs: 93EXPL: 0

Heap-based buffer overflow in Netscape Network Security Services (NSS) library allows remote attackers to execute arbitrary code via a modified record length field in an SSLv2 client hello message. • http://marc.info/?l=bugtraq&m=109351293827731&w=2 http://www.securityfocus.com/bid/11015 http://xforce.iss.net/xforce/alerts/id/180 https://exchange.xforce.ibmcloud.com/vulnerabilities/16314 •