CVSS: 5.5EPSS: 0%CPEs: 788EXPL: 1CVE-2023-6105 – ManageEngine Information Disclosure in Multiple Products
https://notcve.org/view.php?id=CVE-2023-6105
15 Nov 2023 — An information disclosure vulnerability exists in multiple ManageEngine products that can result in encryption keys being exposed. A low-privileged OS user with access to the host where an affected ManageEngine product is installed can view and use the exposed key to decrypt product database passwords. This allows the user to access the ManageEngine product database. Existe una vulnerabilidad de divulgación de información en varios productos ManageEngine que puede provocar la exposición de claves de cifrado... • https://www.manageengine.com/security/advisory/CVE/CVE-2023-6105.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.8EPSS: 0%CPEs: 18EXPL: 0CVE-2006-7034
https://notcve.org/view.php?id=CVE-2006-7034
23 Feb 2007 — SQL injection vulnerability in directory.php in Super Link Exchange Script 1.0 might allow remote attackers to execute arbitrary SQL queries via the cat parameter. Vulnerabilidad de inyección SQL en directory.php en Super Link Exchange Script 1.0 podría permitir a atacantes remotos ejecutar consultas SQL de su elección a través del parámetro cat. • http://securityreason.com/securityalert/2285 •
CVSS: 10.0EPSS: 85%CPEs: 5EXPL: 1CVE-2004-0574 – Microsoft Windows NNTP Service (XPAT) - Denial of Service (MS04-036)
https://notcve.org/view.php?id=CVE-2004-0574
16 Oct 2004 — The Network News Transfer Protocol (NNTP) component of Microsoft Windows NT Server 4.0, Windows 2000 Server, Windows Server 2003, Exchange 2000 Server, and Exchange Server 2003 allows remote attackers to execute arbitrary code via XPAT patterns, possibly related to improper length validation and an "unchecked buffer," leading to off-by-one and heap-based buffer overflows. El componente de Protocolo de Transferencia de Noticias de Red (NNTP) de Microsoft Windows NT Server 4.0, Windows 2000 Server, Windows Se... • https://www.exploit-db.com/exploits/578 • CWE-787: Out-of-bounds Write •
CVSS: 5.0EPSS: 19%CPEs: 5EXPL: 2CVE-2002-1790 – Microsoft IIS 4.0/5.0 - SMTP Service Encapsulated SMTP Address (MS99-027)
https://notcve.org/view.php?id=CVE-2002-1790
31 Dec 2002 — The SMTP service in Microsoft Internet Information Services (IIS) 4.0 and 5.0 allows remote attackers to bypass anti-relaying rules and send spam or spoofed messages via encapsulated SMTP addresses, a similar vulnerability to CVE-1999-0682. • https://www.exploit-db.com/exploits/21613 •
CVSS: 5.3EPSS: 19%CPEs: 1EXPL: 0CVE-2001-0660
https://notcve.org/view.php?id=CVE-2001-0660
30 Oct 2001 — Outlook Web Access (OWA) in Microsoft Exchange 5.5, SP4 and earlier, allows remote attackers to identify valid user email addresses by directly accessing a back-end function that processes the global address list (GAL). • http://support.microsoft.com/support/kb/articles/Q307/1/95.ASP •
CVSS: 7.5EPSS: 8%CPEs: 3EXPL: 0CVE-2001-0543
https://notcve.org/view.php?id=CVE-2001-0543
20 Sep 2001 — Memory leak in NNTP service in Windows NT 4.0 and Windows 2000 allows remote attackers to cause a denial of service (memory exhaustion) via a large number of malformed posts. • http://www.securityfocus.com/bid/3183 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.5EPSS: 13%CPEs: 9EXPL: 0CVE-2001-0509
https://notcve.org/view.php?id=CVE-2001-0509
29 Aug 2001 — Vulnerabilities in RPC servers in (1) Microsoft Exchange Server 2000 and earlier, (2) Microsoft SQL Server 2000 and earlier, (3) Windows NT 4.0, and (4) Windows 2000 allow remote attackers to cause a denial of service via malformed inputs. • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-041 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 15%CPEs: 3EXPL: 0CVE-2000-0524
https://notcve.org/view.php?id=CVE-2000-0524
05 Jun 2000 — Microsoft Outlook and Outlook Express allow remote attackers to cause a denial of service by sending email messages with blank fields such as BCC, Reply-To, Return-Path, or From. • http://archives.neohapsis.com/archives/bugtraq/2000-06/0045.html •
CVSS: 7.5EPSS: 5%CPEs: 22EXPL: 0CVE-1999-0007
https://notcve.org/view.php?id=CVE-1999-0007
26 Jun 1998 — Information from SSL-encrypted sessions via PKCS #1. • https://docs.microsoft.com/en-us/security-updates/securitybulletins/1998/ms98-002 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 7.5EPSS: 3%CPEs: 3EXPL: 3CVE-1999-0284 – Alt-N MDaemon Server 2.71 SP1 - SMTP HELO Argument Buffer Overflow
https://notcve.org/view.php?id=CVE-1999-0284
01 Jan 1998 — Denial of service to NT mail servers including Ipswitch, Mdaemon, and Exchange through a buffer overflow in the SMTP HELO command. • https://www.exploit-db.com/exploits/23146 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •