| Max CVSS | 9.3 | Min CVSS | 2.6 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2008-4308 | 2.6 |
The doRead method in Apache Tomcat 4.1.32 through 4.1.34 and 5.5.10 through 5.5.20 does not return a -1 to indicate when a certain error condition has occurred, which can cause Tomcat to send POST content from one request to a different request.
|
13-02-2023 - 02:19 | 26-02-2009 - 23:30 | |
| CVE-2016-3341 | 9.3 |
The kernel-mode drivers in Transaction Manager in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allow local users to gain privileges via a crafted application, aka "Windows Transaction Man
|
12-10-2018 - 22:12 | 14-10-2016 - 02:59 | |
| CVE-2009-0378 | 4.3 |
Cross-site scripting (XSS) vulnerability in index.php in the beamospetition (com_beamospetition) 1.0.12 component for Joomla! allows remote attackers to inject arbitrary web script or HTML via the pet parameter in a sign action.
|
11-10-2018 - 21:01 | 02-02-2009 - 19:00 | |
| CVE-2009-0377 | 7.5 |
SQL injection vulnerability in the beamospetition (com_beamospetition) 1.0.12 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the mpid parameter in a sign action to index.php, a different vector than CVE-2008-3132.
|
11-10-2018 - 21:01 | 02-02-2009 - 19:00 | |
| CVE-2018-4923 | 6.4 |
Adobe Connect versions 9.7 and earlier have an exploitable OS Command Injection. Successful exploitation could lead to arbitrary file deletion.
|
22-06-2018 - 17:16 | 19-05-2018 - 17:29 | |
| CVE-2001-1052 | 7.5 |
Empris PHP script allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable.
|
19-12-2017 - 02:29 | 02-10-2001 - 04:00 | |
| CVE-2012-1775 | 9.3 |
Stack-based buffer overflow in VideoLAN VLC media player before 2.0.1 allows remote attackers to execute arbitrary code via a crafted MMS:// stream.
|
14-12-2017 - 02:29 | 19-03-2012 - 16:55 | |
| CVE-2009-0743 | 3.5 |
Cross-site scripting (XSS) vulnerability in the edit account page in the Web Server in Cisco Unified MeetingPlace Web Conferencing 6.0 before 6.0(517.0) (aka 6.0 MR4) and 7.0 before 7.0(2) (aka 7.0 MR1) allows remote authenticated users to inject arb
|
17-08-2017 - 01:30 | 27-02-2009 - 17:30 | |
| CVE-2007-1904 | 4.3 |
Directory traversal vulnerability in AOL Instant Messenger (AIM) 5.9 and earlier, and ICQ 5.1 and probably earlier, allows user-assisted remote attackers to write files to arbitrary locations via a .. (dot dot) in a filename in a file transfer operat
|
29-07-2017 - 01:31 | 10-04-2007 - 23:19 | |
| CVE-2005-1281 | 5.0 |
Ethereal 0.10.10 and earlier allows remote attackers to cause a denial of service (infinite loop) via a crafted RSVP packet of length 4.
|
05-09-2008 - 20:48 | 26-04-2005 - 04:00 |