Max CVSS 10.0 Min CVSS 3.5 Total Count10
IDCVSSSummaryLast (major) updatePublished
CVE-2014-6041 5.8
The Android WebView in Android before 4.4 allows remote attackers to bypass the Same Origin Policy via a crafted attribute containing a \u0000 character, as demonstrated by an onclick="window.open('\u0000javascript: sequence to the Android Browser ap
06-01-2017 - 22:00 02-09-2014 - 06:55
CVE-2008-5448 10.0
Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.2.0.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2008-5444 and CVE-
22-11-2016 - 11:13 13-01-2009 - 20:30
CVE-2013-3617 3.5
The XML API in Openbravo ERP 2.5, 3.0, and earlier allows remote authenticated users to read arbitrary files via an XML document with an external entity declaration in conjunction with an entity reference to /ws/dal/ADUser or other /ws/dal/XXX interf
21-11-2013 - 13:29 02-11-2013 - 15:55
CVE-2012-2983 5.0
file/edit_html.cgi in Webmin 1.590 and earlier does not perform an authorization check before showing a file's unedited contents, which allows remote attackers to read arbitrary files via the file field.
29-05-2013 - 23:16 11-09-2012 - 14:55
CVE-2006-5703 4.3
Cross-site scripting (XSS) vulnerability in tiki-featured_link.php in Tikiwiki 1.9.5 allows remote attackers to inject arbitrary web script or HTML via a url parameter that evades filtering, as demonstrated by a parameter value containing malformed,
24-10-2012 - 00:00 03-11-2006 - 20:07
CVE-2006-5702 5.0
Tikiwiki 1.9.5 allows remote attackers to obtain sensitive information (MySQL username and password) via an empty sort_mode parameter in (1) tiki-listpages.php, (2) tiki-lastchanges.php, (3) messu-archive.php, (4) messu-mailbox.php, (5) messu-sent.ph
24-10-2012 - 00:00 03-11-2006 - 20:07
CVE-2010-3972 10.0
Heap-based buffer overflow in the TELNET_STREAM_CONTEXT::OnSendData function in ftpsvc.dll in Microsoft FTP Service 7.0 and 7.5 for Internet Information Services (IIS) 7.0, and IIS 7.5, allows remote attackers to execute arbitrary code or cause a den
18-07-2011 - 22:41 23-12-2010 - 13:00
CVE-2005-0771 10.0
VERITAS Backup Exec Server (beserver.exe) 9.0 through 10.0 for Windows allows remote unauthenticated attackers to modify the registry by calling methods to the RPC interface on TCP port 6106.
07-03-2011 - 21:20 23-06-2005 - 00:00
CVE-2010-0017 9.3
Race condition in the SMB client implementation in Microsoft Windows Server 2008 R2 and Windows 7 allows remote SMB servers and man-in-the-middle attackers to execute arbitrary code, and in the SMB client implementation in Windows Vista Gold, SP1, an
21-08-2010 - 01:38 10-02-2010 - 13:30
CVE-2009-3591 5.0
Dopewars 1.5.12 allows remote attackers to cause a denial of service (segmentation fault) via a REQUESTJET message with an invalid location.
09-10-2009 - 00:00 08-10-2009 - 13:30
Back to Top Mark selected
Back to Top