| Max CVSS | 9.3 | Min CVSS | 2.1 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2012-1936 | 6.8 |
The wp_create_nonce function in wp-includes/pluggable.php in WordPress 3.3.1 and earlier associates a nonce with a user account instead of a user session, which might make it easier for remote attackers to conduct cross-site request forgery (CSRF) at
|
11-04-2024 - 00:48 | 03-05-2012 - 20:55 | |
| CVE-2014-1482 | 9.3 |
RasterImage.cpp in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 does not prevent access to discarded data, which allows remote attackers to execute arbitrary code or cause a denial of s
|
14-02-2024 - 01:17 | 06-02-2014 - 05:44 | |
| CVE-2004-2466 | 5.0 |
chat.ghp in Easy Chat Server 1.2 allows remote attackers to cause a denial of service (server crash) via a long username parameter, possibly due to a buffer overflow. NOTE: it was later reported that 2.2 is also affected.
|
01-08-2022 - 17:15 | 31-12-2004 - 05:00 | |
| CVE-2015-4707 | 4.3 |
Cross-site scripting (XSS) vulnerability in IPython before 3.2 allows remote attackers to inject arbitrary web script or HTML via vectors involving JSON error messages and the /api/notebooks path.
|
17-10-2019 - 17:32 | 20-09-2017 - 18:29 | |
| CVE-2018-10637 | 6.8 |
A maliciously crafted project file may cause a buffer overflow, which may allow the attacker to execute arbitrary code that affects Fuji Electric V-Server Lite 4.0.3.0 and prior.
|
09-10-2019 - 23:32 | 13-09-2018 - 19:29 | |
| CVE-2017-5223 | 2.1 |
An issue was discovered in PHPMailer before 5.2.22. PHPMailer's msgHTML method applies transformations to an HTML document to make it usable as an email message body. One of the transformations is to convert relative image URLs into attachments using
|
28-10-2017 - 01:29 | 16-01-2017 - 06:59 | |
| CVE-2015-4706 | 4.3 |
Cross-site scripting (XSS) vulnerability in IPython 3.x before 3.2 allows remote attackers to inject arbitrary web script or HTML via vectors involving JSON error messages and the /api/contents path.
|
30-09-2017 - 10:12 | 21-09-2017 - 14:29 | |
| CVE-2012-4259 | 4.3 |
Cross-site scripting (XSS) vulnerability in the contacts in (1) XPhone UC Web and the (2) web frontend for XPhone Virtual Directory in C4B XPhone Unified Communications (UC) 2011 Web 4.1.890S R1 allows remote attackers to inject arbitrary web script
|
29-08-2017 - 01:32 | 13-08-2012 - 18:55 | |
| CVE-2012-4054 | 6.9 |
Buffer overflow in the readfile function in CPE17 Autorun Killer 1.7.1 and earlier allows physically proximate attackers to execute arbitrary code via a crafted inf file.
|
29-08-2017 - 01:32 | 25-07-2012 - 21:55 | |
| CVE-2002-0813 | 7.1 |
Heap-based buffer overflow in the TFTP server capability in Cisco IOS 11.1, 11.2, and 11.3 allows remote attackers to cause a denial of service (reset) or modify configuration via a long filename.
|
18-10-2016 - 02:22 | 12-08-2002 - 04:00 | |
| CVE-2012-3842 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in CMD_DOMAIN in JBMC Software DirectAdmin 1.403 allow remote authenticated users with certain privileges to inject arbitrary web script or HTML via the (1) select0 or (2) select8 parameters.
|
17-07-2012 - 04:00 | 03-07-2012 - 22:55 | |
| CVE-2009-1695 | 4.3 |
Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to inject arbitrary web script or HTML via vectors involving access to
|
17-02-2011 - 06:43 | 10-06-2009 - 18:00 | |
| CVE-2005-4686 | 5.0 |
PunBB 1.2.9, when used alone or with F-ART BLOG:CMS, includes config.php before calling the unregister_globals function, which allows attackers to obtain unspecified sensitive information.
|
05-09-2008 - 20:57 | 31-12-2005 - 05:00 |