| Max CVSS | 7.5 | Min CVSS | 3.6 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2012-4425 | 6.9 |
libgio, when used in setuid or other privileged programs in spice-gtk and possibly other products, allows local users to gain privileges and execute arbitrary code via the DBUS_SYSTEM_BUS_ADDRESS environment variable. NOTE: it could be argued that th
|
13-02-2023 - 04:34 | 18-09-2012 - 17:55 | |
| CVE-2017-3235 | 3.6 |
Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Core). Supported versions that are affected are 11.3.0, 11.4.0, 12.0.1, 12.0.2, 12.0.3, 12.1.0 and 12.2.0. Easily exploitable vu
|
03-10-2019 - 00:03 | 27-01-2017 - 22:59 | |
| CVE-2014-1888 | 4.3 |
Cross-site scripting (XSS) vulnerability in the BuddyPress plugin before 1.9.2 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via the name field to groups/create/step/group-details. NOTE: this can be exploited
|
30-10-2018 - 16:27 | 01-03-2014 - 00:01 | |
| CVE-2005-3955 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in MagpieRSS 7.1, as used in (a) blogBuddiesv 0.3, (b) Jaws 0.6.2, and possibly other products, allow remote attackers to inject arbitrary web script or HTML via the (1) url parameter to (a) magpie_
|
19-10-2018 - 15:39 | 01-12-2005 - 06:03 | |
| CVE-2009-2419 | 4.3 |
Use-after-free vulnerability in the servePendingRequests function in WebCore in WebKit in Apple Safari 4.0 and 4.0.1 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted HTML docume
|
17-08-2017 - 01:30 | 09-07-2009 - 16:30 | |
| CVE-2007-4794 | 7.2 |
Buffer overflow in fcstat in devices.common.IBM.fc.rte in IBM AIX 5.2 and 5.3 allows local users to gain privileges via a long input parameter.
|
29-07-2017 - 01:33 | 10-09-2007 - 21:17 | |
| CVE-2005-3954 | 4.3 |
Cross-site scripting (XSS) vulnerability in blogBuddies 0.3 allows remote attackers to inject arbitrary web script or HTML via the u parameter to index.php.
|
20-07-2017 - 01:29 | 01-12-2005 - 06:03 | |
| CVE-2012-4426 | 6.8 |
Multiple format string vulnerabilities in mcrypt 2.6.8 and earlier might allow user-assisted remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via vectors involving (1) errors.c or (2) mcrypt.c.
|
08-12-2016 - 03:02 | 21-11-2012 - 23:55 | |
| CVE-2012-4427 | 6.8 |
The gnome-shell plugin 3.4.1 in GNOME allows remote attackers to force the download and installation of arbitrary extensions from extensions.gnome.org via a crafted web page.
|
02-10-2012 - 04:00 | 01-10-2012 - 03:26 | |
| CVE-2002-0984 | 7.5 |
The IRC script included in Light 2.7.x before 2.7.30p5, and 2.8.x before 2.8pre10, running EPIC allows remote attackers to execute arbitrary code if the user joins a channel whose topic includes EPIC4 code.
|
10-09-2008 - 19:13 | 24-09-2002 - 04:00 |