| Max CVSS | 7.5 | Min CVSS | 2.1 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2004-0411 | 7.5 |
The URI handlers in Konqueror for KDE 3.2.2 and earlier do not properly filter "-" characters that begin a hostname in a (1) telnet, (2) rlogin, (3) ssh, or (4) mailto URI, which allows remote attackers to manipulate the options that are passed to th
|
13-02-2024 - 18:01 | 07-07-2004 - 04:00 | |
| CVE-2008-1194 | 4.3 |
Multiple unspecified vulnerabilities in the color management library in Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier, allows remote attackers to cause a denial of service (crash) via unknown vectors.
|
31-07-2019 - 12:44 | 06-03-2008 - 21:44 | |
| CVE-2007-3385 | 4.3 |
Apache Tomcat 6.0.0 to 6.0.13, 5.5.0 to 5.5.24, 5.0.0 to 5.0.30, 4.1.0 to 4.1.36, and 3.3 to 3.3.2 does not properly handle the \" character sequence in a cookie value, which might cause sensitive information such as session IDs to be leaked to remot
|
25-03-2019 - 11:29 | 14-08-2007 - 22:17 | |
| CVE-2009-0689 | 6.8 |
Array index error in the (1) dtoa implementation in dtoa.c (aka pdtoa.c) and the (2) gdtoa (aka new dtoa) implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0, OpenBSD
|
02-11-2018 - 10:29 | 01-07-2009 - 13:00 | |
| CVE-2007-6245 | 5.8 |
Adobe Flash Player 9.x up to 9.0.48.0, 8.x up to 8.0.35.0, and 7.x up to 7.0.70.0 allows remote attackers to modify HTTP headers for client requests and conduct HTTP Request Splitting attacks.
|
30-10-2018 - 16:26 | 20-12-2007 - 01:46 | |
| CVE-2005-1269 | 5.0 |
Gaim before 1.3.1 allows remote attackers to cause a denial of service (application crash) via a Yahoo! message with non-ASCII characters in a file name.
|
19-10-2018 - 15:31 | 16-06-2005 - 04:00 | |
| CVE-2007-2870 | 4.3 |
Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2, allows remote attackers to bypass the same-origin policy and conduct cross-site scripting (XSS) and other attacks by using the addEventListener method to add
|
16-10-2018 - 16:46 | 01-06-2007 - 00:30 | |
| CVE-2004-1269 | 5.0 |
lppasswd in CUPS 1.1.22 does not remove the passwd.new file if it encounters a file-size resource limit while writing to passwd.new, which causes subsequent invocations of lppasswd to fail.
|
03-10-2018 - 21:29 | 10-01-2005 - 05:00 | |
| CVE-2006-0195 | 4.3 |
Interpretation conflict in the MagicHTML filter in SquirrelMail 1.4.0 to 1.4.5 allows remote attackers to conduct cross-site scripting (XSS) attacks via style sheet specifiers with invalid (1) "/*" and "*/" comments, or (2) a newline in a "url" speci
|
11-10-2017 - 01:30 | 24-02-2006 - 00:02 | |
| CVE-2005-0142 | 2.1 |
Firefox 0.9, Thunderbird 0.6 and other versions before 0.9, and Mozilla 1.7 before 1.7.5 save temporary files with world-readable permissions, which allows local users to read certain web content or attachments that belong to other users, e.g. conten
|
11-10-2017 - 01:29 | 02-05-2005 - 04:00 | |
| CVE-2007-5137 | 6.8 |
Buffer overflow in the ReadImage function in generic/tkImgGIF.c in Tcl (Tcl/Tk) 8.4.13 through 8.4.15 allows remote attackers to execute arbitrary code via multi-frame interlaced GIF files in which later frames are smaller than the first. NOTE: this
|
29-09-2017 - 01:29 | 28-09-2007 - 21:17 |