Max CVSS | 7.5 | Min CVSS | 1.2 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2016-10699 | 4.3 |
D-Link DSL-2740E 1.00_BG_20150720 devices are prone to persistent XSS attacks in the username and password fields: a remote unauthenticated user may craft logins and passwords with script tags in them. Because there is no sanitization in the input fi
|
26-04-2023 - 19:27 | 31-10-2017 - 07:29 | |
CVE-2017-15951 | 7.2 |
The KEYS subsystem in the Linux kernel before 4.13.10 does not correctly synchronize the actions of updating versus finding a key in the "negative" state to avoid a race condition, which allows local users to cause a denial of service or possibly hav
|
19-01-2023 - 15:45 | 28-10-2017 - 02:29 | |
CVE-2009-1197 | 5.0 |
Apache jUDDI before 2.0 allows attackers to spoof entries in log files via vectors related to error logging of keys from uddiget.jsp.
|
27-11-2017 - 23:18 | 30-10-2017 - 16:29 | |
CVE-2017-14376 | 7.2 |
EMC AppSync Server prior to 3.5.0.1 contains database accounts with hardcoded passwords that could potentially be exploited by malicious users to compromise the affected system.
|
22-11-2017 - 20:17 | 01-11-2017 - 01:29 | |
CVE-2013-4246 | 6.5 |
libsvn_fs_fs/fs_fs.c in Apache Subversion 1.8.x before 1.8.2 might allow remote authenticated users with commit access to corrupt FSFS repositories and cause a denial of service or obtain sensitive information by editing packed revision properties.
|
18-11-2017 - 17:45 | 30-10-2017 - 14:29 | |
CVE-2017-14356 | 7.5 |
An SQL Injection vulnerability in HP ArcSight ESM and HP ArcSight ESM Express, in any 6.x version prior to 6.9.1c Patch 4 or 6.11.0 Patch 1. This vulnerability could be exploited remotely to allow SQL injection.
|
18-11-2017 - 16:23 | 31-10-2017 - 15:29 | |
CVE-2017-3933 | 3.5 |
Embedding Script (XSS) in HTTP Headers vulnerability in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows remote authenticated users to view confidential information via a cross site request forgery attack.
|
18-11-2017 - 16:22 | 31-10-2017 - 14:29 | |
CVE-2009-1198 | 4.3 |
Cross-site scripting (XSS) vulnerability in Apache jUDDI before 2.0 allows remote attackers to inject arbitrary web script or HTML via the dsname parameter to happyjuddi.jsp.
|
17-11-2017 - 16:33 | 30-10-2017 - 16:29 | |
CVE-2017-15965 | 7.5 |
The NS Download Shop (aka com_ns_downloadshop) component 2.2.6 for Joomla! allows SQL Injection via the id parameter in an invoice.create action.
|
17-11-2017 - 13:48 | 29-10-2017 - 06:29 | |
CVE-2004-0404 | 1.2 |
logcheck before 1.1.1 allows local users to overwrite arbitrary files via a symlink attack on a temporary directory in /var/tmp.
|
11-07-2017 - 01:30 | 07-07-2004 - 04:00 |