| Max CVSS | 9.3 | Min CVSS | 2.1 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2016-6836 | 2.1 |
The vmxnet3_complete_packet function in hw/net/vmxnet3.c in QEMU (aka Quick Emulator) allows local guest OS administrators to obtain sensitive host memory information by leveraging failure to initialize the txcq_descr object.
|
12-02-2023 - 23:25 | 10-12-2016 - 00:59 | |
| CVE-2007-3285 | 6.8 |
Mozilla Firefox before 2.0.0.5, when run on Windows, allows remote attackers to bypass file type checks and possibly execute programs via a (1) file:/// or (2) resource: URI with a dangerous extension, followed by a NULL byte (%00) and a safer extens
|
09-10-2019 - 22:53 | 20-06-2007 - 19:30 | |
| CVE-2015-0030 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:08 | 11-02-2015 - 03:00 | |
| CVE-2007-0839 | 7.5 |
Multiple PHP remote file inclusion vulnerabilities in index/index_album.php in Valarsoft WebMatic 2.6 allow remote attackers to execute arbitrary PHP code via a URL in the (1) P_LIB and (2) P_INDEX parameters.
|
19-10-2017 - 01:30 | 08-02-2007 - 00:28 | |
| CVE-2007-3236 | 7.5 |
PHP remote file inclusion vulnerability in footer.php in the Horoscope 1.0 module for XOOPS allows remote attackers to execute arbitrary PHP code via a URL in the xoopsConfig[root_path] parameter.
|
11-10-2017 - 01:32 | 15-06-2007 - 01:30 | |
| CVE-2007-3233 | 5.0 |
The TEC-IT TBarCode OCX ActiveX control (TBarCode7.ocx) 7.0.2.3524 allows remote attackers to overwrite arbitrary files via the SaveImage method.
|
11-10-2017 - 01:32 | 15-06-2007 - 01:30 | |
| CVE-2008-5256 | 4.4 |
The AcquireDaemonLock function in ipcdUnix.cpp in Sun Innotek VirtualBox before 2.0.6 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/.vbox-$USER-ipc/lock temporary file.
|
08-08-2017 - 01:33 | 27-11-2008 - 00:30 | |
| CVE-2007-3218 | 4.3 |
Cross-site scripting (XSS) vulnerability in request.php in PHP Live! 3.2.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the pagex parameter.
|
29-07-2017 - 01:32 | 14-06-2007 - 22:30 | |
| CVE-2007-3211 | 4.3 |
Cross-site scripting (XSS) vulnerability in 404.php in Domain Technologie Control (DTC) before 0.25.9 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO (REQUEST_URI). NOTE: the provenance of this information is unknown;
|
29-07-2017 - 01:32 | 14-06-2007 - 19:30 | |
| CVE-2007-3219 | 7.8 |
Unspecified vulnerability in sources/action_public/xmlout.php in Invision Power Board (IPB or IP.Board) 2.2.0 through 2.2.2 allows remote attackers to modify another user's profile data, such as an AIM screen name or Yahoo! identity.
|
29-07-2017 - 01:32 | 14-06-2007 - 22:30 | |
| CVE-2001-0295 | 5.0 |
Directory traversal vulnerability in War FTP 1.67.04 allows remote attackers to list directory contents and possibly read files via a "dir *./../.." command.
|
18-10-2016 - 02:10 | 03-05-2001 - 04:00 | |
| CVE-2010-2628 | 7.5 |
The IKE daemon in strongSwan 4.3.x before 4.3.7 and 4.4.x before 4.4.1 does not properly check the return values of snprintf calls, which allows remote attackers to execute arbitrary code via crafted (1) certificate or (2) identity data that triggers
|
24-08-2010 - 05:46 | 20-08-2010 - 18:00 | |
| CVE-2007-3718 | 7.5 |
Multiple unspecified vulnerabilities in the SVG parsing engine in Apple Safari 3 Beta for Windows have unspecified remote attack vectors and impact. NOTE: this issue contains no actionable information, but it was released by a reliable researcher. A
|
15-11-2008 - 06:53 | 12-07-2007 - 16:30 |