| Max CVSS | 10.0 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2012-3401 | 6.8 |
The t2p_read_tiff_init function in tiff2pdf (tools/tiff2pdf.c) in LibTIFF 4.0.2 and earlier does not properly initialize the T2P context struct pointer in certain error conditions, which allows context-dependent attackers to cause a denial of service
|
13-02-2023 - 00:25 | 13-08-2012 - 20:55 | |
| CVE-2012-2662 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in Red Hat Certificate System (RHCS) before 8.1.1 and Dogtag Certificate System allow remote attackers to inject arbitrary web script or HTML via unspecified parameters to the (1) System Agent or (2
|
13-02-2023 - 00:25 | 13-08-2012 - 20:55 | |
| CVE-2017-5520 | 6.5 |
The media rename feature in GeniXCMS through 0.0.8 does not consider alternative PHP file extensions when checking uploaded files for PHP content, which enables a user to rename and execute files with the `.php6`, `.php7` and `.phtml` extensions.
|
03-10-2019 - 00:03 | 17-01-2017 - 09:59 | |
| CVE-2005-3644 | 7.8 |
PNP_GetDeviceList (upnp_getdevicelist) in UPnP for Microsoft Windows 2000 SP4 and earlier, and possibly Windows XP SP1 and earlier, allows remote attackers to cause a denial of service (memory consumption) via a DCE RPC request that specifies a large
|
30-04-2019 - 14:27 | 17-11-2005 - 11:02 | |
| CVE-2018-12387 | 6.4 |
A vulnerability where the JavaScript JIT compiler inlines Array.prototype.push with multiple arguments that results in the stack pointer being off by 8 bytes after a bailout. This leaks a memory address to the calling function which can be used as pa
|
06-12-2018 - 18:38 | 18-10-2018 - 13:29 | |
| CVE-2018-12386 | 5.8 |
A vulnerability in register allocation in JavaScript can lead to type confusion, allowing for an arbitrary read and write. This leads to remote code execution inside the sandboxed content process when triggered. This vulnerability affects Firefox ESR
|
06-12-2018 - 18:31 | 18-10-2018 - 13:29 | |
| CVE-2007-4566 | 10.0 |
Multiple buffer overflows in the login mechanism in sidvault in Alpha Centauri Software SIDVault LDAP Server before 2.0f allow remote attackers to execute arbitrary code via crafted LDAP packets, as demonstrated by a long dc entry in an LDAP bind.
|
15-10-2018 - 21:36 | 28-08-2007 - 01:17 | |
| CVE-2012-3008 | 8.5 |
Stack-based buffer overflow in OSIsoft PI OPC DA Interface before 2.3.20.9 allows remote authenticated users to execute arbitrary code by sending packet data during the processing of messages associated with OPC items.
|
22-12-2017 - 02:29 | 20-07-2012 - 10:40 | |
| CVE-2012-2978 | 5.0 |
query.c in NSD 3.0.x through 3.0.8, 3.1.x through 3.1.1, and 3.2.x before 3.2.12 allows remote attackers to cause a denial of service (NULL pointer dereference and child process crash) via a crafted DNS packet.
|
22-12-2017 - 02:29 | 27-07-2012 - 10:27 | |
| CVE-2012-3367 | 5.5 |
Red Hat Certificate System (RHCS) before 8.1.1 and Dogtag Certificate System does not properly check certificate revocation requests made through the web interface, which allows remote attackers with permissions to revoke end entity certificates to r
|
29-08-2017 - 01:31 | 13-08-2012 - 20:55 | |
| CVE-2002-0857 | 7.5 |
Format string vulnerabilities in Oracle Listener Control utility (lsnrctl) for Oracle 9.2 and 9.0, 8.1, and 7.3.4, allow remote attackers to execute arbitrary code on the Oracle DBA system by placing format strings into certain entries in the listene
|
18-10-2016 - 02:22 | 05-09-2002 - 04:00 |