| Max CVSS | 10.0 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2012-4681 | 10.0 |
Multiple vulnerabilities in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allow remote attackers to execute arbitrary code via a crafted applet that bypasses SecurityManager restrictions by (1) using com.sun.be
|
21-12-2022 - 15:28 | 28-08-2012 - 00:55 | |
| CVE-2018-8392 | 9.3 |
A buffer overflow vulnerability exists in the Microsoft JET Database Engine that could allow remote code execution on an affected system, aka "Microsoft JET Database Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server
|
24-08-2020 - 17:37 | 13-09-2018 - 00:29 | |
| CVE-2002-1790 | 5.0 |
The SMTP service in Microsoft Internet Information Services (IIS) 4.0 and 5.0 allows remote attackers to bypass anti-relaying rules and send spam or spoofed messages via encapsulated SMTP addresses, a similar vulnerability to CVE-1999-0682.
|
09-04-2020 - 13:47 | 31-12-2002 - 05:00 | |
| CVE-2016-10065 | 6.8 |
The ReadVIFFImage function in coders/viff.c in ImageMagick before 7.0.1-0 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.
|
12-04-2019 - 18:58 | 03-03-2017 - 17:59 | |
| CVE-2007-4255 | 7.5 |
Buffer overflow in the mSQL extension in PHP 5.2.3 allows context-dependent attackers to execute arbitrary code via a long first argument to the msql_connect function.
|
15-10-2018 - 21:34 | 08-08-2007 - 23:17 | |
| CVE-2012-1262 | 4.3 |
Cross-site scripting (XSS) vulnerability in cgi-bin/mt/mt-wizard.cgi in Movable Type before 4.38, 5.0x before 5.07, and 5.1x before 5.13, when the product is incompletely installed, allows remote attackers to inject arbitrary web script or HTML via t
|
18-01-2018 - 02:29 | 03-03-2012 - 04:04 | |
| CVE-2012-0320 | 7.5 |
Movable Type before 4.38, 5.0x before 5.07, and 5.1x before 5.13 allows remote attackers to take control of sessions via unspecified vectors related to the (1) commenting feature and (2) community script.
|
18-01-2018 - 02:29 | 03-03-2012 - 04:04 | |
| CVE-2012-0317 | 6.8 |
Multiple cross-site request forgery (CSRF) vulnerabilities in Movable Type before 4.38, 5.0x before 5.07, and 5.1x before 5.13 allow remote attackers to hijack the authentication of arbitrary users for requests that modify data via the (1) commenting
|
18-01-2018 - 02:29 | 03-03-2012 - 04:04 | |
| CVE-2012-0319 | 6.5 |
The file-management system in Movable Type before 4.38, 5.0x before 5.07, and 5.1x before 5.13 allows remote authenticated users to execute arbitrary commands by leveraging the file-upload feature, related to an "OS Command Injection" issue.
|
18-01-2018 - 02:29 | 03-03-2012 - 04:04 | |
| CVE-2012-0318 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in Movable Type before 4.38, 5.0x before 5.07, and 5.1x before 5.13 allow remote attackers to inject arbitrary web script or HTML via vectors involving templates, a different issue than CVE-2012-126
|
18-01-2018 - 02:29 | 03-03-2012 - 04:04 | |
| CVE-2005-3330 | 7.5 |
The _httpsrequest function in Snoopy 1.2, as used in products such as (1) MagpieRSS, (2) WordPress, (3) Ampache, and (4) Jinzora, allows remote attackers to execute arbitrary commands via shell metacharacters in an HTTPS URL to an SSL protected web p
|
11-07-2017 - 01:33 | 27-10-2005 - 10:02 | |
| CVE-2010-2793 | 6.8 |
Race condition in the SPICE (aka spice-activex) plug-in for Internet Explorer in Red Hat Enterprise Virtualization (RHEV) Manager before 2.2.4 allows local users to create a certain named pipe, and consequently gain privileges, via vectors involving
|
16-01-2013 - 05:00 | 08-12-2010 - 18:00 |