| Max CVSS | 9.3 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2018-8173 | 9.3 |
A remote code execution vulnerability exists in Microsoft InfoPath when the software fails to properly handle objects in memory, aka "Microsoft InfoPath Remote Code Execution Vulnerability." This affects Microsoft Infopath.
|
24-08-2020 - 17:37 | 09-05-2018 - 19:29 | |
| CVE-2016-0096 | 7.2 |
The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted a
|
12-10-2018 - 22:11 | 09-03-2016 - 11:59 | |
| CVE-2010-2292 | 4.3 |
Cross-site scripting (XSS) vulnerability in the Ping tools web interface in Dlink Di-604 router allows remote attackers to inject arbitrary web script or HTML via the IP field.
|
10-10-2018 - 19:59 | 15-06-2010 - 14:04 | |
| CVE-2010-2293 | 6.8 |
The Ping tools web interface in Dlink Di-604 router allows remote authenticated users to cause a denial of service via a large "ip textfield" size.
|
10-10-2018 - 19:59 | 15-06-2010 - 14:04 | |
| CVE-2016-9013 | 7.5 |
Django 1.8.x before 1.8.16, 1.9.x before 1.9.11, and 1.10.x before 1.10.3 use a hardcoded password for a temporary database user created when running tests with an Oracle database, which makes it easier for remote attackers to obtain access to the da
|
04-11-2017 - 01:29 | 09-12-2016 - 20:59 | |
| CVE-2010-1408 | 4.3 |
WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to bypass intended restrictions on outbound connections to "non-default TCP ports" via a crafted port number, relate
|
19-09-2017 - 01:30 | 11-06-2010 - 18:00 | |
| CVE-2007-2804 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in scripts/prodList.asp in CandyPress Store 3.5.2.14 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) brand and (2) Msg parameters.
|
29-07-2017 - 01:31 | 22-05-2007 - 19:30 | |
| CVE-2002-0257 | 7.5 |
Cross-site scripting vulnerability in auction.pl of MakeBid Auction Deluxe 3.30 allows remote attackers to obtain information from other users via the form fields (1) TITLE, (2) DESCTIT, (3) DESC, (4) searchstring, (5) ALIAS, (6) EMAIL, (7) ADDRESS1,
|
18-10-2016 - 02:17 | 29-05-2002 - 04:00 | |
| CVE-2010-2342 | 7.5 |
SQL injection vulnerability in onlinenotebookmanager.asp in DMXReady Online Notebook Manager 1.0 allows remote attackers to execute arbitrary SQL commands via the ItemID parameter.
|
21-06-2010 - 15:30 | 21-06-2010 - 15:30 | |
| CVE-2010-2326 | 4.3 |
IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.11, when addNode -trace is used during node federation, allows attackers to obtain sensitive information about CIMMetadataCollectorImpl trace actions by reading the addNode.log file.
|
21-06-2010 - 04:00 | 18-06-2010 - 18:30 |