Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (27 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2003-0053 1 Apple 2 Darwin Streaming Server, Quicktime Streaming Server 2025-04-03 N/A
Cross-site scripting (XSS) vulnerability in parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to insert arbitrary script via the filename parameter, which is inserted into an error message.
CVE-2004-1084 1 Apple 4 Darwin Streaming Server, Mac Os X, Mac Os X Server and 1 more 2025-04-03 N/A
Apache for Apple Mac OS X 10.2.8 and 10.3.6 allows remote attackers to read files and resource fork content via HTTP requests to certain special file names related to multiple data streams in HFS+, which bypass Apache file handles.
CVE-2004-1085 1 Apple 4 Darwin Streaming Server, Mac Os X, Mac Os X Server and 1 more 2025-04-03 N/A
Human Interface Toolbox (HIToolBox) for Apple Mac 0S X 10.3.6 allows local users to exit applications via the force-quit key combination, even when the system is running in kiosk mode.
CVE-2004-1083 1 Apple 4 Darwin Streaming Server, Mac Os X, Mac Os X Server and 1 more 2025-04-03 7.5 High
Apache for Apple Mac OS X 10.2.8 and 10.3.6 restricts access to files in a case sensitive manner, but the Apple HFS+ filesystem accesses files in a case insensitive manner, which allows remote attackers to read .DS_Store files and files beginning with ".ht" using alternate capitalization.
CVE-2004-1123 1 Apple 4 Darwin Streaming Server, Mac Os X, Mac Os X Server and 1 more 2025-04-03 N/A
Darwin Streaming Server 5.0.1, and possibly earlier versions, allows remote attackers to cause a denial of service (server crash) via a DESCRIBE request with a location that contains a null byte.
CVE-2004-1081 1 Apple 4 Darwin Streaming Server, Mac Os X, Mac Os X Server and 1 more 2025-04-03 N/A
The Application Framework (AppKit) for Apple Mac OS X 10.2.8 and 10.3.6 does not properly restrict access to a secure text input field, which allows local users to read keyboard input from other applications within the same window session.
CVE-2003-0052 1 Apple 2 Darwin Streaming Server, Quicktime Streaming Server 2025-04-03 N/A
parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to list arbitrary directories.