| Max CVSS | 10.0 | Min CVSS | 2.1 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2004-0634 | 5.0 |
The SMB SID snooping capability in Ethereal 0.9.15 to 0.10.4 allows remote attackers to cause a denial of service (process crash) via a handle without a policy name, which causes a null dereference.
|
14-02-2024 - 01:17 | 06-12-2004 - 05:00 | |
| CVE-2008-4310 | 7.8 |
httputils.rb in WEBrick in Ruby 1.8.1 and 1.8.5, as used in Red Hat Enterprise Linux 4 and 5, allows remote attackers to cause a denial of service (CPU consumption) via a crafted HTTP request. NOTE: this issue exists because of an incomplete fix for
|
13-02-2023 - 02:19 | 09-12-2008 - 00:30 | |
| CVE-2010-1848 | 6.5 |
Directory traversal vulnerability in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote authenticated users to bypass intended table grants to read field definitions of arbitrary tables, and on 5.1 to read or delete content of arbitrary tab
|
17-12-2019 - 20:26 | 08-06-2010 - 00:30 | |
| CVE-2008-5501 | 5.0 |
The layout engine in Mozilla Firefox 3.x before 3.0.5, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to cause a denial of service via vectors that trigger an assertion failure.
|
08-11-2018 - 20:11 | 17-12-2008 - 23:30 | |
| CVE-2006-1045 | 2.6 |
The HTML rendering engine in Mozilla Thunderbird 1.5, when "Block loading of remote images in mail messages" is enabled, does not properly block external images from inline HTML attachments, which could allow remote attackers to obtain sensitive info
|
18-10-2018 - 16:30 | 07-03-2006 - 11:02 | |
| CVE-2002-0642 | 7.2 |
The registry key containing the SQL Server service account information in Microsoft SQL Server 2000, including Microsoft SQL Server Desktop Engine (MSDE) 2000, has insecure permissions, which allows local users to gain privileges, aka "Incorrect Perm
|
12-10-2018 - 21:31 | 23-07-2002 - 04:00 | |
| CVE-2008-2051 | 10.0 |
The escapeshellcmd API function in PHP before 5.2.6 has unknown impact and context-dependent attack vectors related to "incomplete multibyte chars."
|
11-10-2018 - 20:38 | 05-05-2008 - 17:20 | |
| CVE-2003-0973 | 5.0 |
Unknown vulnerability in mod_python 3.0.x before 3.0.4, and 2.7.x before 2.7.9, allows remote attackers to cause a denial of service (httpd crash) via a certain query string.
|
11-10-2017 - 01:29 | 15-12-2003 - 05:00 | |
| CVE-2005-0173 | 7.5 |
squid_ldap_auth in Squid 2.5 and earlier allows remote authenticated users to bypass username-based Access Control Lists (ACLs) via a username with a space at the beginning or end, which is ignored by the LDAP server.
|
11-10-2017 - 01:29 | 02-05-2005 - 04:00 | |
| CVE-2008-3834 | 2.1 |
The dbus_signature_validate function in the D-bus library (libdbus) before 1.2.4 allows remote attackers to cause a denial of service (application abort) via a message containing a malformed signature, which triggers a failed assertion error.
|
29-09-2017 - 01:31 | 07-10-2008 - 21:01 | |
| CVE-2009-4565 | 7.5 |
sendmail before 8.14.4 does not properly handle a '\0' character in a Common Name (CN) field of an X.509 certificate, which (1) allows man-in-the-middle attackers to spoof arbitrary SSL-based SMTP servers via a crafted server certificate issued by a
|
19-09-2017 - 01:29 | 04-01-2010 - 21:30 |