Max CVSS | 7.5 | Min CVSS | 2.1 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2015-1870 | 2.1 |
The event scripts in Automatic Bug Reporting Tool (ABRT) uses world-readable permission on a copy of sosreport file in problem directories, which allows local users to obtain sensitive information from /var/log/messages via unspecified vectors.
|
13-02-2023 - 00:47 | 26-06-2017 - 15:29 | |
CVE-2014-0022 | 5.0 |
The installUpdates function in yum-cron/yum-cron.py in yum 3.4.3 and earlier does not properly check the return value of the sigCheckPkg function, which allows remote attackers to bypass the RMP package signing restriction via an unsigned package.
|
13-02-2023 - 00:29 | 26-01-2014 - 16:58 | |
CVE-2018-10902 | 4.6 |
It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc (double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status() which are part of snd_rawmidi_ioctl() handler in rawmi
|
12-02-2023 - 23:31 | 21-08-2018 - 19:29 | |
CVE-2010-4409 | 5.0 |
Integer overflow in the NumberFormatter::getSymbol (aka numfmt_get_symbol) function in PHP 5.3.3 and earlier allows context-dependent attackers to cause a denial of service (application crash) via an invalid argument.
|
30-10-2018 - 16:26 | 06-12-2010 - 20:13 | |
CVE-2011-4885 | 5.0 |
PHP before 5.3.9 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters.
|
09-01-2018 - 02:29 | 30-12-2011 - 01:55 | |
CVE-2002-1859 | 5.0 |
Orion Application Server 1.5.3, when running on Windows, allows remote attackers to retrieve files in the WEB-INF directory, which contains Java class files and configuration information, via a request to the WEB-INF directory with a trailing dot ("W
|
30-11-2017 - 14:02 | 31-12-2002 - 05:00 | |
CVE-2009-1847 | 7.5 |
Directory traversal vulnerability in index.php in Easy PX 41 CMS 9.0 B1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the fiche parameter.
|
29-09-2017 - 01:34 | 01-06-2009 - 19:30 | |
CVE-2007-4053 | 7.5 |
SQL injection vulnerability in include/img_view.class.php in LinPHA 1.3.1 and earlier allows remote attackers to execute arbitrary SQL commands via the order parameter to new_images.php.
|
29-09-2017 - 01:29 | 30-07-2007 - 17:30 | |
CVE-2002-1860 | 5.0 |
Pramati Server 3.0, when running on Windows, allows remote attackers to retrieve files in the WEB-INF directory, which contains Java class files and configuration information, via a request to the WEB-INF directory with a trailing dot ("WEB-INF.").
|
05-09-2008 - 20:31 | 31-12-2002 - 05:00 | |
CVE-2002-1857 | 5.0 |
jo! jo Webserver 1.0, when running on Windows, allows remote attackers to retrieve files in the WEB-INF directory, which contains Java class files and configuration information, via a request to the WEB-INF directory with a trailing dot ("WEB-INF.").
|
05-09-2008 - 20:31 | 31-12-2002 - 05:00 | |
CVE-2002-1856 | 5.0 |
HP Application Server 8.0, when running on Windows, allows remote attackers to retrieve files in the WEB-INF directory, which contains Java class files and configuration information, via a request to the WEB-INF directory with a trailing dot ("WEB-IN
|
05-09-2008 - 20:31 | 31-12-2002 - 05:00 | |
CVE-2002-1861 | 5.0 |
Sybase Enterprise Application Server 4.0, when running on Windows, allows remote attackers to retrieve files in the WEB-INF directory, which contains Java class files and configuration information, via a request to the WEB-INF directory with a traili
|
05-09-2008 - 20:31 | 31-12-2002 - 05:00 | |
CVE-2002-1855 | 5.0 |
Macromedia JRun 3.0 through 4.0, when running on Windows, allows remote attackers to retrieve files in the WEB-INF directory, which contains Java class files and configuration information, via a request to the WEB-INF directory with a trailing dot ("
|
05-09-2008 - 20:31 | 31-12-2002 - 05:00 | |
CVE-2002-1858 | 5.0 |
Oracle Oracle9i Application Server 1.0.2.2 and 9.0.2 through 9.0.2.0.1, when running on Windows, allows remote attackers to retrieve files in the WEB-INF directory, which contains Java class files and configuration information, via a request to the W
|
05-09-2008 - 20:31 | 31-12-2002 - 05:00 |