Max CVSS | 10.0 | Min CVSS | 4.3 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2002-0353 | 5.0 |
The ASN.1 parser in Ethereal 0.9.2 and earlier allows remote attackers to cause a denial of service (crash) via a certain malformed packet, which causes Ethereal to allocate memory incorrectly, possibly due to zero-length fields.
|
14-02-2024 - 01:17 | 25-06-2002 - 04:00 | |
CVE-2010-4708 | 7.2 |
The pam_env module in Linux-PAM (aka pam) 1.1.2 and earlier reads the .pam_environment file in a user's home directory, which might allow local users to run programs with an unintended environment by executing a program that relies on the pam_env PAM
|
03-01-2019 - 15:01 | 24-01-2011 - 19:00 | |
CVE-2010-4707 | 4.9 |
The check_acl function in pam_xauth.c in the pam_xauth module in Linux-PAM (aka pam) 1.1.2 and earlier does not verify that a certain ACL file is a regular file, which might allow local users to cause a denial of service (resource consumption) via a
|
03-01-2019 - 15:01 | 24-01-2011 - 19:00 | |
CVE-2010-4706 | 4.9 |
The pam_sm_close_session function in pam_xauth.c in the pam_xauth module in Linux-PAM (aka pam) 1.1.2 and earlier does not properly handle a failure to determine a certain target uid, which might allow local users to delete unintended files by execut
|
03-01-2019 - 15:01 | 24-01-2011 - 19:00 | |
CVE-2009-4933 | 7.5 |
Multiple SQL injection vulnerabilities in login.php in EZ Webitor allow remote attackers to execute arbitrary SQL commands via the (1) txtUserId (Username) and (2) txtPassword (Password) parameters. NOTE: some of these details are obtained from thir
|
19-09-2017 - 01:30 | 12-07-2010 - 13:27 | |
CVE-2010-4393 | 9.3 |
Heap-based buffer overflow in vidplin.dll in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.x before 14.0.2, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via a crafted header in an AVI file.
|
17-08-2017 - 01:33 | 31-01-2011 - 21:00 | |
CVE-2010-4702 | 7.5 |
SQL injection vulnerability in JRadio (com_jradio) component before 1.5.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
17-08-2017 - 01:33 | 20-01-2011 - 19:00 | |
CVE-2010-4216 | 5.0 |
IBM Tivoli Directory Server (TDS) 6.0.0.x before 6.0.0.8-TIV-ITDS-IF0007 does not properly handle invalid buffer references in LDAP BER requests, which might allow remote attackers to cause a denial of service (daemon crash) via vectors involving a b
|
17-08-2017 - 01:33 | 09-11-2010 - 21:00 | |
CVE-2011-0321 | 6.4 |
librpc.dll in nsrexecd in EMC NetWorker before 7.5 SP4, 7.5.3.x before 7.5.3.5, and 7.6.x before 7.6.1.2 does not properly mitigate the possibility of a spoofed localhost source IP address, which allows remote attackers to (1) register or (2) unregis
|
17-08-2017 - 01:33 | 01-02-2011 - 18:00 | |
CVE-2007-3375 | 6.8 |
Stack-based buffer overflow in Lhaca File Archiver before 1.21 allows user-assisted remote attackers to execute arbitrary code via a crafted LZH archive, as exploited by malware such as Trojan.Lhdropper.
|
29-07-2017 - 01:32 | 25-06-2007 - 20:30 | |
CVE-2016-5882 | 4.3 |
IBM iNotes is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
|
28-07-2017 - 01:29 | 01-02-2017 - 20:59 | |
CVE-2005-2557 | 4.3 |
Cross-site scripting (XSS) vulnerability in view_all_set.php in Mantis 0.19.0a1 through 1.0.0a3 allows remote attackers to inject arbitrary web script or HTML via the dir parameter, as identified by bug#0005959, and a different vulnerability than CVE
|
11-07-2017 - 01:32 | 28-09-2005 - 21:03 | |
CVE-2015-3071 | 10.0 |
Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a different vulnerability than CVE-2015-3060, CVE-2015-3061,
|
05-01-2017 - 20:14 | 13-05-2015 - 11:00 | |
CVE-2015-3072 | 10.0 |
Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a different vulnerability than CVE-2015-3060, CVE-2015-3061,
|
05-01-2017 - 20:14 | 13-05-2015 - 11:00 | |
CVE-2015-3065 | 10.0 |
Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a different vulnerability than CVE-2015-3060, CVE-2015-3061,
|
05-01-2017 - 20:09 | 13-05-2015 - 11:00 | |
CVE-2015-3066 | 10.0 |
Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a different vulnerability than CVE-2015-3060, CVE-2015-3061,
|
05-01-2017 - 20:09 | 13-05-2015 - 11:00 | |
CVE-2015-3069 | 10.0 |
Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a different vulnerability than CVE-2015-3060, CVE-2015-3061,
|
05-01-2017 - 20:06 | 13-05-2015 - 11:00 | |
CVE-2015-3068 | 10.0 |
Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a different vulnerability than CVE-2015-3060, CVE-2015-3061,
|
05-01-2017 - 20:06 | 13-05-2015 - 11:00 | |
CVE-2015-3073 | 10.0 |
Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a different vulnerability than CVE-2015-3060, CVE-2015-3061,
|
05-01-2017 - 20:06 | 13-05-2015 - 11:00 | |
CVE-2015-3074 | 10.0 |
Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a different vulnerability than CVE-2015-3060, CVE-2015-3061,
|
05-01-2017 - 20:04 | 13-05-2015 - 11:00 | |
CVE-2015-3063 | 10.0 |
Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a different vulnerability than CVE-2015-3060, CVE-2015-3061,
|
05-01-2017 - 19:54 | 13-05-2015 - 10:59 | |
CVE-2015-3064 | 10.0 |
Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a different vulnerability than CVE-2015-3060, CVE-2015-3061,
|
05-01-2017 - 19:53 | 13-05-2015 - 10:59 | |
CVE-2015-3061 | 10.0 |
Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a different vulnerability than CVE-2015-3060, CVE-2015-3062,
|
05-01-2017 - 19:53 | 13-05-2015 - 10:59 | |
CVE-2015-3062 | 10.0 |
Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a different vulnerability than CVE-2015-3060, CVE-2015-3061,
|
05-01-2017 - 19:53 | 13-05-2015 - 10:59 | |
CVE-2015-3067 | 10.0 |
Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a different vulnerability than CVE-2015-3060, CVE-2015-3061,
|
05-01-2017 - 19:48 | 13-05-2015 - 11:00 | |
CVE-2015-3060 | 10.0 |
Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a different vulnerability than CVE-2015-3061, CVE-2015-3062,
|
03-01-2017 - 19:02 | 13-05-2015 - 10:59 | |
CVE-2005-2556 | 7.5 |
core/database_api.php in Mantis 0.19.0a1 through 1.0.0a3, with register_globals enabled, allows remote attackers to connect to internal databases by modifying the g_db_type variable and monitoring the speed of responses, as identified by bug#0005956.
|
18-10-2016 - 03:28 | 24-08-2005 - 04:00 | |
CVE-2010-4217 | 5.0 |
Use-after-free vulnerability in the proxy server in IBM Tivoli Directory Server (TDS) 6.0.0.x before 6.0.0.8-TIV-ITDS-IF0007 and 6.1.x before 6.1.0-TIV-ITDS-FP0005 allows remote attackers to cause a denial of service (daemon crash) via an unbind requ
|
10-11-2010 - 17:19 | 09-11-2010 - 21:00 |