| Max CVSS | 10.0 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2018-15961 | 10.0 |
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have an unrestricted file upload vulnerability. Successful exploitation could lead to arbitrary code execution.
|
04-09-2020 - 14:09 | 25-09-2018 - 13:29 | |
| CVE-2012-1972 | 10.0 |
Use-after-free vulnerability in the nsHTMLEditor::CollapseAdjacentTextNodes function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote
|
28-08-2020 - 13:33 | 29-08-2012 - 10:56 | |
| CVE-2005-3503 | 7.2 |
chfn in pwdutils 3.0.4 and earlier on SuSE Linux, and possibly other operating systems, does not properly check arguments for the GECOS field, which allows local users to gain privileges.
|
19-10-2018 - 15:36 | 05-11-2005 - 11:02 | |
| CVE-2007-3386 | 4.3 |
Cross-site scripting (XSS) vulnerability in the Host Manager Servlet for Apache Tomcat 6.0.0 to 6.0.13 and 5.5.0 to 5.5.24 allows remote attackers to inject arbitrary HTML and web script via crafted requests, as demonstrated using the aliases paramet
|
16-10-2018 - 16:48 | 14-08-2007 - 22:17 | |
| CVE-2012-2269 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in ownCloud before 3.0.3 allow remote attackers to inject arbitrary web script or HTML via (1) an arbitrary field to apps/contacts/ajax/addcard.php, (2) the parameter parameter to apps/contacts/ajax
|
04-01-2018 - 02:29 | 20-04-2012 - 10:55 | |
| CVE-2012-2270 | 5.8 |
Open redirect vulnerability in index.php (aka the Login Page) in ownCloud before 3.0.3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the redirect_url parameter.
|
04-01-2018 - 02:29 | 20-04-2012 - 10:55 | |
| CVE-2012-1933 | 6.8 |
Multiple PHP remote file inclusion vulnerabilities in Newscoop 3.5.x before 3.5.5 and 4 before RC4, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[g_campsiteDir] parameter to (1) includ
|
29-08-2017 - 01:31 | 27-08-2012 - 21:55 | |
| CVE-2012-0984 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in XOOPS before 2.5.5 allow remote attackers to inject arbitrary web script or HTML via the (1) to_userid parameter to modules/pm/pmlite.php or the (2) current_file, (3) imgcat_id, or (4) target par
|
29-08-2017 - 01:31 | 11-09-2014 - 14:16 | |
| CVE-2016-7841 | 4.3 |
Cross-site scripting vulnerability in Olive Diary DX allows remote attackers to inject arbitrary web script or HTML via the page parameter.
|
05-05-2017 - 13:37 | 28-04-2017 - 16:59 | |
| CVE-2012-2114 | 7.5 |
Stack-based buffer overflow in fprintf in musl before 0.8.8 and earlier allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string to an unbuffered stream such as stderr.
|
19-12-2012 - 04:52 | 31-08-2012 - 22:55 | |
| CVE-2002-2331 | 5.8 |
W3Mail 1.0.2 through 1.0.5 with server side scripting (SSI) enabled in the attachments directory does not properly restrict the types of files that can be uploaded as attachments, which allows remote attackers to execute arbitrary code by sending cod
|
05-09-2008 - 20:32 | 31-12-2002 - 05:00 |