Max CVSS | 10.0 | Min CVSS | 4.0 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2018-0135 | 4.0 |
A vulnerability in Cisco Unified Communications Manager could allow an authenticated, remote attacker to access sensitive information on an affected system. The vulnerability exists because the affected software improperly validates user-supplied sea
|
09-10-2019 - 23:31 | 08-02-2018 - 07:29 | |
CVE-2007-1657 | 7.5 |
Stack-based buffer overflow in the file_compress function in minigzip (Modules/zlib) in Python 2.5 allows context-dependent attackers to execute arbitrary code via a long file argument.
|
16-10-2018 - 16:39 | 24-03-2007 - 01:19 | |
CVE-2008-5266 | 4.3 |
Cross-site scripting (XSS) vulnerability in configuration/httpListenerEdit.jsf in the GlassFish 2 UR2 b04 webadmin interface in Sun Java System Application Server 9.1_01 build b09d-fcs and 9.1_02 build b04-fcs allows remote attackers to inject arbitr
|
11-10-2018 - 20:54 | 28-11-2008 - 19:00 | |
CVE-2008-1807 | 7.5 |
FreeType2 before 2.3.6 allow context-dependent attackers to execute arbitrary code via an invalid "number of axes" field in a Printer Font Binary (PFB) file, which triggers a free of arbitrary memory locations, leading to memory corruption.
|
11-10-2018 - 20:36 | 16-06-2008 - 19:41 | |
CVE-2008-1806 | 7.5 |
Integer overflow in FreeType2 before 2.3.6 allows context-dependent attackers to execute arbitrary code via a crafted set of 16-bit length values within the Private dictionary table in a Printer Font Binary (PFB) file, which triggers a heap-based buf
|
11-10-2018 - 20:36 | 16-06-2008 - 19:41 | |
CVE-2008-1581 | 6.8 |
Heap-based buffer overflow in Apple QuickTime before 7.5 on Windows allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted packed scanlines in PixData structures in a PICT image.
|
11-10-2018 - 20:35 | 10-06-2008 - 18:32 | |
CVE-2008-5271 | 4.3 |
Cross-site scripting (XSS) vulnerability in index.php in Fred Stuurman SyndeoCMS 2.6.0 allows remote attackers to inject arbitrary web script or HTML via the section parameter. Solution:
Update to version 2.6.02.
http://sourceforge.net/project/show
|
19-10-2017 - 01:30 | 28-11-2008 - 19:00 | |
CVE-2008-5267 | 6.8 |
SQL injection vulnerability in answer.php in Experts 1.0.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the question_id parameter.
|
29-09-2017 - 01:32 | 28-11-2008 - 19:00 | |
CVE-2008-5272 | 4.0 |
Multiple directory traversal vulnerabilities in Fred Stuurman SyndeoCMS 2.6.0 allow remote authenticated users to read arbitrary files via a .. (dot dot) in the template parameter to (1) starnet/editors/fckeditor/studenteditor.php; (2) starnet/module
|
29-09-2017 - 01:32 | 28-11-2008 - 19:00 | |
CVE-2008-5270 | 7.5 |
SQL injection vulnerability in view.topics.php in Yuhhu Superstar 2008 allows remote attackers to execute arbitrary SQL commands via the board parameter.
|
29-09-2017 - 01:32 | 28-11-2008 - 19:00 | |
CVE-2008-5265 | 6.8 |
Directory traversal vulnerability in index.php in TNT Forum 0.9.4, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the modulo parameter.
|
29-09-2017 - 01:32 | 28-11-2008 - 19:00 | |
CVE-2008-4303 | 6.8 |
Multiple SQL injection vulnerabilities in phpCollab 2.5 rc3, 2.4, and earlier allow remote attackers to execute arbitrary SQL commands via the loginForm parameter to general/login.php, and unspecified other vectors.
|
08-08-2017 - 01:32 | 23-12-2008 - 18:30 | |
CVE-2008-4304 | 10.0 |
general/login.php in phpCollab 2.5 rc3 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in unspecified input related to the SSL_CLIENT_CERT environment variable. NOTE: in some environments, SSL_CLIENT_CERT al
|
08-08-2017 - 01:32 | 23-12-2008 - 18:30 | |
CVE-2008-4305 | 9.0 |
Static code injection vulnerability in installation/setup.php in phpCollab 2.5 rc3 and earlier allows remote authenticated administrators to inject arbitrary PHP code into include/settings.php via the URI.
|
08-08-2017 - 01:32 | 23-12-2008 - 18:30 | |
CVE-2008-2675 | 4.3 |
Cross-site scripting (XSS) vulnerability in index.php in PHP Image Gallery allows remote attackers to inject arbitrary web script or HTML via the action parameter. NOTE: the provenance of this information is unknown; the details are obtained solely
|
08-08-2017 - 01:31 | 12-06-2008 - 12:21 | |
CVE-2008-1583 | 6.8 |
Heap-based buffer overflow in Apple QuickTime before 7.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PICT image, a different vulnerability than CVE-2008-1581.
|
08-08-2017 - 01:30 | 10-06-2008 - 18:32 | |
CVE-2016-6401 | 5.7 |
Cisco Carrier Routing System (CRS) 5.1 and 5.1.4, as used in CRS Carrier Grade Services for CRS-1 and CRS-3 devices, allows remote attackers to cause a denial of service (line-card reload) via crafted IPv6-over-MPLS packets, aka Bug ID CSCva32494.
|
30-07-2017 - 01:29 | 17-09-2016 - 02:59 | |
CVE-2005-2041 | 5.0 |
Buffer overflow in addschup in HAURI ViRobot 2.0, and possibly other products, allows remote attackers to execute arbitrary code via a long ViRobot_ID cookie (HTTP_COOKIE).
|
11-07-2017 - 01:32 | 15-06-2005 - 04:00 | |
CVE-2015-1874 | 6.8 |
Cross-site request forgery (CSRF) vulnerability in the Contact Form DB (aka CFDB and contact-form-7-to-database-extension) plugin before 2.8.32 for WordPress allows remote attackers to hijack the authentication of administrators for requests that del
|
04-08-2016 - 03:17 | 09-03-2015 - 16:59 | |
CVE-2001-1561 | 7.2 |
Buffer overflow in Xvt 2.1 in Debian Linux 2.2 allows local users to execute arbitrary code via long (1) -name and (2) -T arguments.
|
05-09-2008 - 20:26 | 31-12-2001 - 05:00 |