| Max CVSS | 10.0 | Min CVSS | 1.5 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2016-10054 | 6.8 |
Buffer overflow in the WriteMAPImage function in coders/map.c in ImageMagick before 6.9.5-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.
|
16-11-2020 - 19:55 | 23-03-2017 - 17:59 | |
| CVE-2016-10056 | 6.8 |
Buffer overflow in the sixel_decode function in coders/sixel.c in ImageMagick before 6.9.5-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.
|
16-11-2020 - 19:53 | 23-03-2017 - 17:59 | |
| CVE-2007-3381 | 1.5 |
The GDM daemon in GNOME Display Manager (GDM) before 2.14.13, 2.16.x before 2.16.7, 2.18.x before 2.18.4, and 2.19.x before 2.19.5 does not properly handle NULL return values from the g_strsplit function, which allows local users to cause a denial of
|
16-10-2018 - 16:48 | 07-08-2007 - 10:17 | |
| CVE-2015-2803 | 6.0 |
SQL injection vulnerability in mod1/index.php in the Akronymmanager (sb_akronymmanager) extension before 7.0.0 for TYPO3 allows remote authenticated users with permission to maintain acronyms to execute arbitrary SQL commands via the id parameter.
|
09-10-2018 - 19:56 | 17-06-2015 - 18:59 | |
| CVE-2005-2959 | 4.6 |
Incomplete blacklist vulnerability in sudo 1.6.8 and earlier allows local users to gain privileges via the (1) SHELLOPTS and (2) PS4 environment variables before executing a bash script on behalf of another user, which are not cleared even though oth
|
03-10-2018 - 21:31 | 25-10-2005 - 16:02 | |
| CVE-2013-6748 | 7.5 |
Buffer overflow in the ActiveX control in qp2.cab in IBM Lotus Quickr for Domino 8.5.1 before 8.5.1.42-001b allows remote attackers to execute arbitrary code via a crafted HTML document, a different vulnerability than CVE-2013-6749.
|
29-08-2017 - 01:34 | 29-01-2014 - 05:37 | |
| CVE-2012-1061 | 7.5 |
SQL injection vulnerability in GForge Advanced Server 6.0.0 and other versions before 6.0.1 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
29-08-2017 - 01:31 | 14-02-2012 - 00:55 | |
| CVE-2012-0994 | 6.0 |
SQL injection vulnerability in the Manage Albums feature in zp-core/admin-albumsort.php in ZENphoto 1.4.2 allows remote authenticated users to execute arbitrary SQL commands via the sortableList parameter.
|
29-08-2017 - 01:31 | 21-02-2012 - 13:31 | |
| CVE-2012-0993 | 6.8 |
Eval injection vulnerability in zp-core/zp-extensions/viewer_size_image.php in ZENphoto 1.4.2, when the viewer_size_image plugin is enabled, allows remote attackers to execute arbitrary PHP code via the viewer_size_image_saved cookie.
|
29-08-2017 - 01:31 | 21-02-2012 - 13:31 | |
| CVE-2012-0995 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in ZENphoto 1.4.2 allow remote attackers to inject arbitrary web script or HTML via the (1) msg parameter in an external action to zp-core/admin.php, (2) PATH_INTO to an unspecified URL, as demonstr
|
29-08-2017 - 01:31 | 21-02-2012 - 13:31 | |
| CVE-2009-2039 | 10.0 |
Unspecified vulnerability in the Luottokunta module before 1.3 for osCommerce has unknown impact and attack vectors related to orders.
|
17-08-2017 - 01:30 | 12-06-2009 - 18:00 | |
| CVE-2002-1042 | 5.0 |
Directory traversal vulnerability in search engine for iPlanet web server 6.0 SP2 and 4.1 SP9, and Netscape Enterprise Server 3.6, when running on Windows platforms, allows remote attackers to read arbitrary files via ..\ (dot-dot backslash) sequence
|
05-09-2008 - 20:29 | 04-10-2002 - 04:00 |