Every CVE whose affected-product data names Microsoft W3who.dll, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2004-1134 — CVSS 10.0 (critical): Buffer overflow in the Microsoft W3Who ISAPI (w3who.dll) allows remote attackers to cause a denial of service and possibly execute…
CVE-2004-1133 — CVSS 6.8 (medium): Multiple cross-site scripting (XSS) vulnerabilities in Microsoft W3Who ISAPI (w3who.dll) allow remote attackers to inject arbitrary HTML…