| Max CVSS | 10.0 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2007-1863 | 5.0 |
cache_util.c in the mod_cache module in Apache HTTP Server (httpd), when caching is enabled and a threaded Multi-Processing Module (MPM) is used, allows remote attackers to cause a denial of service (child processing handler crash) via a request with
|
15-02-2024 - 19:19 | 27-06-2007 - 17:30 | |
| CVE-2008-4636 | 7.2 |
yast2-backup 2.14.2 through 2.16.6 on SUSE Linux and Novell Linux allows local users to gain privileges via shell metacharacters in filenames used by the backup process.
|
08-02-2024 - 20:34 | 27-11-2008 - 00:30 | |
| CVE-2006-5752 | 4.3 |
Cross-site scripting (XSS) vulnerability in mod_status.c in the mod_status module in Apache HTTP Server (httpd), when ExtendedStatus is enabled and a public server-status page is used, allows remote attackers to inject arbitrary web script or HTML vi
|
21-09-2022 - 19:34 | 27-06-2007 - 17:30 | |
| CVE-2018-0819 | 4.3 |
Microsoft Office 2016 for Mac allows an attacker to send a specially crafted email attachment to a user in an attempt to launch a social engineering attack, such as phishing, due to how Outlook for Mac displays encoded email addresses, aka "Spoofing
|
03-10-2019 - 00:03 | 10-01-2018 - 01:29 | |
| CVE-2007-3402 | 7.5 |
SQL injection vulnerability in index.php in pagetool 1.07 allows remote attackers to execute arbitrary SQL commands via the news_id parameter in a pagetool_news action.
|
16-10-2018 - 16:49 | 26-06-2007 - 17:30 | |
| CVE-2014-9331 | 6.8 |
Cross-site request forgery (CSRF) vulnerability in ZOHO ManageEngine Desktop Central before 9 build 90130 allows remote attackers to hijack the authentication of administrators for requests that add an administrator account via an addUser action to S
|
09-10-2018 - 19:55 | 04-02-2015 - 16:59 | |
| CVE-2001-0458 | 7.5 |
Multiple buffer overflows in ePerl before 2.2.14-0.7 allow local and remote attackers to execute arbitrary commands.
|
19-12-2017 - 02:29 | 27-06-2001 - 04:00 | |
| CVE-2013-1724 | 9.3 |
Use-after-free vulnerability in the mozilla::dom::HTMLFormElement::IsDefaultSubmitElement function in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code or cause a denial
|
19-09-2017 - 01:36 | 18-09-2013 - 10:08 | |
| CVE-2007-3596 | 4.3 |
inc/vul_check.inc in phpVideoPro before 0.8.8 permits non-alphanumeric characters in the sess_id parameter, which has unknown impact and remote attack vectors, probably cross-site scripting (XSS).
|
29-07-2017 - 01:32 | 06-07-2007 - 18:30 | |
| CVE-2007-3454 | 10.0 |
Stack-based buffer overflow in CGIOCommon.dll before 8.0.0.1042 in Trend Micro OfficeScan Corporate Edition 8.0 allows remote attackers to execute arbitrary code via long crafted requests, as demonstrated using a long session cookie to unspecified CG
|
29-07-2017 - 01:32 | 27-06-2007 - 00:30 | |
| CVE-2007-3455 | 10.0 |
cgiChkMasterPwd.exe before 8.0.0.142 in Trend Micro OfficeScan Corporate Edition 8.0 allows remote attackers to bypass the password requirement and gain access to the Management Console via an empty hash and empty encrypted password string, related t
|
29-07-2017 - 01:32 | 27-06-2007 - 00:30 | |
| CVE-2007-3543 | 6.0 |
Unrestricted file upload vulnerability in WordPress before 2.2.1 and WordPress MU before 1.2.3 allows remote authenticated users to upload and execute arbitrary PHP code by making a post that specifies a .php filename in the _wp_attached_file metadat
|
15-11-2008 - 06:53 | 03-07-2007 - 20:30 |