Max CVSS 10.0 Min CVSS 5.0 Total Count10
IDCVSSSummaryLast (major) updatePublished
CVE-2018-4993 5.0
Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an NTLM SSO hash theft vulnerability. Successful exploitation could lead to information disclosure.
09-07-2018 - 15:29 09-07-2018 - 15:29
CVE-2018-4237 6.8
An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "libxpc" component. It allows attackers to gain p
08-06-2018 - 14:29 08-06-2018 - 14:29
CVE-2018-7665 10.0
An issue was discovered in ClipBucket before 4.0.0 Release 4902. A malicious file can be uploaded via the name parameter to actions/beats_uploader.php or actions/photo_uploader.php, or the coverPhoto parameter to edit_account.php.
05-03-2018 - 02:29 05-03-2018 - 02:29
CVE-2018-1000049 6.0
Nanopool Claymore Dual Miner version 7.3 and earlier contains a remote code execution vulnerability by abusing the miner API. The flaw can be exploited only if the software is executed with read/write mode enabled.
09-02-2018 - 18:29 09-02-2018 - 18:29
CVE-2017-18048 6.5
Monstra CMS 3.0.4 allows users to upload arbitrary files, which leads to remote command execution on the server, for example because .php (lowercase) is blocked but .PHP (uppercase) is not.
23-01-2018 - 01:29 23-01-2018 - 01:29
CVE-2017-11882 9.3
Microsoft Office 2007 Service Pack 3, Microsoft Office 2010 Service Pack 2, Microsoft Office 2013 Service Pack 1, and Microsoft Office 2016 allow an attacker to run arbitrary code in the context of the current user by failing to properly handle objec
14-11-2017 - 22:29 14-11-2017 - 22:29
CVE-2017-7411 6.5
An issue was discovered in Enalean Tuleap 9.6 and prior versions. The vulnerability exists because the User::getRecentElements() method is using the unserialize() function with a preference value that can be arbitrarily manipulated by malicious users
30-10-2017 - 10:29 30-10-2017 - 10:29
CVE-2010-0738 5.0
The JMX-Console web application in JBossAs in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 performs access control only for the GET and POST methods, which allows remote attack
22-01-2015 - 08:59 28-04-2010 - 18:30
CVE-2005-2120 6.5
Stack-based buffer overflow in the Plug and Play (PnP) service (UMPNPMGR.DLL) in Microsoft Windows 2000 SP4, and XP SP1 and SP2, allows remote or local authenticated attackers to execute arbitrary code via a large number of "\" (backslash) characters
10-09-2008 - 15:41 13-10-2005 - 06:02
CVE-1999-0502 7.5
A Unix account has a default, null, blank, or missing password.
09-09-2008 - 08:34 01-03-1998 - 00:00
Back to Top Mark selected
Back to Top