| Max CVSS | 7.9 | Min CVSS | 3.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2012-3503 | 6.5 |
The installation script in Katello 1.0 and earlier does not properly generate the Application.config.secret_token value, which causes each default installation to have the same secret token, and allows remote attackers to authenticate to the CloudFor
|
13-02-2024 - 16:44 | 25-08-2012 - 10:29 | |
| CVE-2012-3510 | 5.6 |
Use-after-free vulnerability in the xacct_add_tsk function in kernel/tsacct.c in the Linux kernel before 2.6.19 allows local users to obtain potentially sensitive information from kernel memory or cause a denial of service (system crash) via a taskst
|
13-02-2023 - 04:34 | 03-10-2012 - 11:02 | |
| CVE-2018-11761 | 5.0 |
In Apache Tika 0.1 to 1.18, the XML parsers were not configured to limit entity expansion. They were therefore vulnerable to an entity expansion vulnerability which can lead to a denial of service attack.
|
12-11-2019 - 20:15 | 19-09-2018 - 14:29 | |
| CVE-2005-3632 | 4.6 |
Multiple buffer overflows in pnmtopng in netpbm 10.0 and earlier allow attackers to execute arbitrary code via a crafted PNM file.
|
03-10-2018 - 21:33 | 21-11-2005 - 22:03 | |
| CVE-2002-1112 | 5.0 |
Mantis before 0.17.4 allows remote attackers to list project bugs without authentication by modifying the cookie that is used by the "View Bugs" page.
|
10-10-2017 - 01:30 | 04-10-2002 - 04:00 | |
| CVE-2007-4734 | 4.3 |
Buffer overflow in Ots Labs OTSTurntables 1.00 allows user-assisted remote attackers to execute arbitrary code via a long file path in an m3u file.
|
29-09-2017 - 01:29 | 06-09-2007 - 19:17 | |
| CVE-2012-3579 | 7.9 |
Symantec Messaging Gateway (SMG) before 10.0 has a default password for an unspecified account, which makes it easier for remote attackers to obtain privileged access via an SSH session.
|
29-08-2017 - 01:31 | 29-08-2012 - 10:56 | |
| CVE-2012-3580 | 7.7 |
Symantec Messaging Gateway (SMG) before 10.0 allows remote authenticated users to modify the web application by leveraging access to the management interface.
|
29-08-2017 - 01:31 | 29-08-2012 - 10:56 | |
| CVE-2012-3293 | 4.3 |
Cross-site scripting (XSS) vulnerability in the Administrative Console in IBM WebSphere Application Server (WAS) 6.1.x before 6.1.0.45, 7.0.x before 7.0.0.25, 8.0.x before 8.0.0.4, and 8.5.x before 8.5.0.1 allows remote attackers to inject arbitrary
|
29-08-2017 - 01:31 | 21-08-2012 - 10:46 | |
| CVE-2009-4833 | 5.8 |
MySQL Connector/NET before 6.0.4, when using encryption, does not verify SSL certificates during connection, which allows remote attackers to perform a man-in-the-middle attack with a spoofed SSL certificate.
|
17-08-2017 - 01:31 | 29-04-2010 - 19:30 | |
| CVE-2016-8319 | 5.8 |
Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications (subcomponent: Core). Supported versions that are affected are 12.0.1, 12.0.2,12.0.4,12.1.0 and 12.3.0. Easily exploitable vulnerability allow
|
11-02-2017 - 02:59 | 27-01-2017 - 22:59 | |
| CVE-2014-0726 | 7.5 |
SQL injection vulnerability in the IP Manager Assistant (IPMA) interface in Cisco Unified Communications Manager (UCM) 10.0(1) and earlier allows remote attackers to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCum05326.
|
16-09-2015 - 18:57 | 13-02-2014 - 05:24 | |
| CVE-2012-3581 | 3.3 |
Symantec Messaging Gateway (SMG) before 10.0 allows remote attackers to obtain potentially sensitive information about component versions via unspecified vectors.
|
10-10-2013 - 20:48 | 29-08-2012 - 10:56 |