| Max CVSS | 7.5 | Min CVSS | 2.6 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2016-3550 | 4.3 |
Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality via vectors related to Hotspot.
|
13-05-2022 - 14:57 | 21-07-2016 - 10:13 | |
| CVE-2013-4152 | 6.8 |
The Spring OXM wrapper in Spring Framework before 3.2.4 and 4.0.0.M1, when using the JAXB marshaller, does not disable entity resolution, which allows context-dependent attackers to read arbitrary files, cause a denial of service, and conduct CSRF at
|
11-04-2022 - 17:36 | 23-01-2014 - 21:55 | |
| CVE-2006-4129 | 7.5 |
PHP remote file inclusion vulnerability in admin.webring.docs.php in the Webring Component (com_webring) 1.0 and earlier for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the component_dir parameter.
|
17-10-2018 - 21:33 | 14-08-2006 - 23:04 | |
| CVE-2017-8199 | 4.0 |
MAX PRESENCE V100R001C00, TP3106 V100R002C00, TP3206 V100R002C00 have an out-of-bounds read vulnerability in H323 protocol. An attacker logs in to the system as a user and send crafted packets to the affected products. Due to insufficient verificatio
|
06-12-2017 - 14:11 | 22-11-2017 - 19:29 | |
| CVE-2006-4202 | 7.5 |
SQL injection vulnerability in proje_goster.php in Spidey Blog Script 1.5 and earlier allows remote attackers to execute arbitrary SQL commands via the pid parameter.
|
19-10-2017 - 01:29 | 17-08-2006 - 21:04 | |
| CVE-2006-4210 | 2.6 |
nu_mail.inc.php in Andreas Kansok phPay 2.02 and 2.02.1, when register_globals is enabled, allows remote attackers to use the server as an open mail relay via modified mail_text2, user_row[5], nu_mail_1, and shop_mail parameters. NOTE: some of these
|
19-10-2017 - 01:29 | 17-08-2006 - 21:04 | |
| CVE-2000-1132 | 6.4 |
DCForum cgforum.cgi CGI script allows remote attackers to read arbitrary files, and delete the program itself, via a malformed "forum" variable.
|
10-10-2017 - 01:29 | 09-01-2001 - 05:00 | |
| CVE-2008-4776 | 4.3 |
libgadu before 1.8.2 allows remote servers to cause a denial of service (crash) via a contact description with a large length, which triggers a buffer over-read.
|
08-08-2017 - 01:32 | 28-10-2008 - 19:46 | |
| CVE-2007-0162 | 6.8 |
Unsanity Application Enhancer (APE) 2.0.2 installs with insecure permissions for the (1) ApplicationEnhancer binary and the (2) /Library/Frameworks/ApplicationEnhancer.framework directory, which allows local users to gain privileges by modifying or r
|
29-07-2017 - 01:30 | 10-01-2007 - 00:28 | |
| CVE-2006-3121 | 5.0 |
The peel_netstring function in cl_netstring.c in the heartbeat subsystem in High-Availability Linux before 1.2.5, and 2.0 before 2.0.7, allows remote attackers to cause a denial of service (crash) via the length parameter in a heartbeat message.
|
20-07-2017 - 01:32 | 17-08-2006 - 01:04 | |
| CVE-2004-1545 | 5.0 |
UploadFile.php in MoniWiki 1.0.9.2 and earlier, when used with Apache mod_mime, does not properly handle files with two file extensions, such as .php.hwp, which allows remote attackers to upload and execute arbitrary code.
|
11-07-2017 - 01:31 | 31-12-2004 - 05:00 |