| Max CVSS | 9.3 | Min CVSS | 2.1 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2006-6143 | 9.3 |
The RPC library in Kerberos 5 1.4 through 1.4.4, and 1.5 through 1.5.1, as used in Kerberos administration daemon (kadmind) and other products that use this library, calls an uninitialized function pointer in freed memory, which allows remote attacke
|
09-02-2024 - 03:26 | 31-12-2006 - 05:00 | |
| CVE-2006-6144 | 5.0 |
The "mechglue" abstraction interface of the GSS-API library for Kerberos 5 1.5 through 1.5.1, as used in Kerberos administration daemon (kadmind) and other products that use this library, allows remote attackers to cause a denial of service (crash) v
|
02-02-2021 - 18:13 | 31-12-2006 - 05:00 | |
| CVE-2006-5858 | 5.0 |
Adobe ColdFusion MX 7 through 7.0.2, and JRun 4, when run on Microsoft IIS, allows remote attackers to read arbitrary files, list directories, or read source code via a double URL-encoded NULL byte in a ColdFusion filename, such as a CFM file.
|
23-11-2020 - 20:09 | 31-12-2006 - 05:00 | |
| CVE-2017-1000385 | 4.3 |
The Erlang otp TLS server answers with different TLS alerts to different error types in the RSA PKCS #1 1.5 padding. This allows an attacker to decrypt content or sign messages with the server's private key (this is a variation of the Bleichenbacher
|
03-10-2019 - 00:03 | 12-12-2017 - 21:29 | |
| CVE-2007-0190 | 7.5 |
PHP remote file inclusion vulnerability in edit_address.php in edit-x ecommerce allows remote attackers to execute arbitrary PHP code via a URL in the include_dir parameter.
|
16-10-2018 - 16:31 | 12-01-2007 - 05:04 | |
| CVE-2007-0200 | 7.5 |
PHP remote file inclusion vulnerability in template.php in Geoffrey Golliher Axiom Photo/News Gallery (axiompng) 0.8.6 allows remote attackers to execute arbitrary PHP code via a URL in the baseAxiomPath parameter.
|
19-10-2017 - 01:29 | 11-01-2007 - 11:28 | |
| CVE-2008-5802 | 7.5 |
SQL injection vulnerability in index.php in E-topbiz Online Store 1.0 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter.
|
29-09-2017 - 01:32 | 31-12-2008 - 11:30 | |
| CVE-2015-0419 | 4.3 |
Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote attackers to affect confidentiality via unknown vectors related to Portal Framework, a different vulnerability than CVE-2013-1510.
|
08-09-2017 - 01:29 | 21-01-2015 - 19:59 | |
| CVE-2007-0258 | 6.8 |
Cross-site scripting (XSS) vulnerability in index.php in (1) Fastilo 2.0 and (2) Open Solution Quick.Cart 2.0 allows remote attackers to inject arbitrary web script or HTML via the p parameter. NOTE: some of these details are obtained from third par
|
29-07-2017 - 01:30 | 16-01-2007 - 23:28 | |
| CVE-2001-0135 | 2.1 |
The default installation of Ultraboard 2000 2.11 creates the Skins, Database, and Backups directories with world-writeable permissions, which could allow local users to modify sensitive information or possibly insert and execute CGI programs.
|
18-10-2016 - 02:09 | 12-03-2001 - 05:00 | |
| CVE-2007-0183 | 6.8 |
Cross-site scripting (XSS) vulnerability in /search in iPlanet Web Server 4.x allows remote attackers to inject arbitrary web script or HTML via the NS-max-records parameter. NOTE: The provenance of this information is unknown; the details are obtai
|
15-11-2008 - 06:39 | 12-01-2007 - 05:04 |