Every CVE whose affected-product data names Microsoft Isa Server, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (21)
CVE-2006-7027 — CVSS 10.0 (critical): Microsoft Internet Security and Acceleration (ISA) Server 2004 logs unusual ASCII characters in the Host header, including the tab, which…
CVE-2009-1136 — CVSS 9.3 (critical): The Microsoft Office Web Components Spreadsheet ActiveX control (aka OWC10 or OWC11), as distributed in Office XP SP3 and Office 2003 SP3…
CVE-2009-0562 — CVSS 9.3 (critical): The Office Web Components ActiveX Control in Microsoft Office XP SP3, Office 2003 SP3, Office XP Web Components SP3, Office 2003 Web…
CVE-2009-1534 — CVSS 9.3 (critical): Buffer overflow in the Office Web Components ActiveX Control in Microsoft Office XP SP3, Office 2000 Web Components SP3, Office XP Web…
CVE-2009-1135 — CVSS 9.0 (critical): Microsoft Internet Security and Acceleration (ISA) Server 2006 Gold and SP1, when Radius OTP is enabled, uses the HTTP-Basic authentication…
CVE-2005-1215 — CVSS 7.5 (high): Microsoft ISA Server 2000 allows remote attackers to poison the ISA cache or bypass content restriction policies via a malformed HTTP…
CVE-2001-0658 — CVSS 7.5 (high): Cross-site scripting (CSS) vulnerability in Microsoft Internet Security and Acceleration (ISA) Server 2000 allows remote attackers to cause…
CVE-2002-0371 — CVSS 7.5 (high): Buffer overflow in gopher client for Microsoft Internet Explorer 5.1 through 6.0, Proxy Server 2.0, or ISA Server 2000 allows remote…
CVE-2004-0892 — CVSS 7.5 (high): Microsoft Proxy Server 2.0 and Microsoft ISA Server 2000 (which is included in Small Business Server 2000 and Small Business Server 2003…
CVE-2001-0239 — CVSS 7.5 (high): Microsoft Internet Security and Acceleration (ISA) Server 2000 Web Proxy allows remote attackers to cause a denial of service via a long…
CVE-2005-1216 — CVSS 7.5 (high): Microsoft ISA Server 2000 allows remote attackers to connect to services utilizing the NetBIOS protocol via a NetBIOS connection with an…
CVE-2006-1651 — CVSS 7.5 (high): Microsoft ISA Server 2004 allows remote attackers to bypass certain filtering rules, including ones for (1) ICMP and (2) TCP, via IPv6…
CVE-2006-3652 — CVSS 7.5 (high): Microsoft Internet Security and Acceleration (ISA) Server 2004 allows remote attackers to bypass file extension filters via a request with…
CVE-2003-0526 — CVSS 6.8 (medium): Cross-site scripting (XSS) vulnerability in Microsoft Internet Security and Acceleration (ISA) Server 2000 allows remote attackers to…
CVE-2001-1533 — CVSS 5.3 (medium): Microsoft Internet Security and Acceleration (ISA) Server 2000 allows remote attackers to cause a denial of service via a flood of…
CVE-2003-0110 — CVSS 5.0 (medium): The Winsock Proxy service in Microsoft Proxy Server 2.0 and the Microsoft Firewall service in Internet Security and Acceleration (ISA)…
CVE-2007-4991 — CVSS 5.0 (medium): The SOCKS4 Proxy in Microsoft Internet Security and Acceleration (ISA) Server 2004 SP1 and SP2 allows remote attackers to obtain…
CVE-2003-0011 — CVSS 5.0 (medium): Unknown vulnerability in the DNS intrusion detection application filter for Microsoft Internet Security and Acceleration (ISA) Server 2000…
CVE-2005-1907 — CVSS 5.0 (medium): The ISA Firewall service in Microsoft Internet Security and Acceleration (ISA) Server 2000 allows remote attackers to cause a denial of…
CVE-2001-0546 — CVSS 5.0 (medium): Memory leak in H.323 Gatekeeper Service in Microsoft Internet Security and Acceleration (ISA) Server 2000 allows remote attackers to cause…
CVE-2001-0547 — CVSS 2.1 (low): Memory leak in the proxy service in Microsoft Internet Security and Acceleration (ISA) Server 2000 allows local attackers to cause a denial…