| Max CVSS | 10.0 | Min CVSS | 2.1 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2013-0345 | 2.1 |
varnish 3.0.3 uses world-readable permissions for the /var/log/varnish/ directory and the log files in the directory, which allows local users to obtain sensitive information by reading the files. NOTE: some of these details are obtained from third p
|
13-02-2023 - 00:27 | 08-05-2014 - 14:29 | |
| CVE-2015-4731 | 10.0 |
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; Java SE Embedded 7u75; and Java SE Embedded 8u33 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX.
|
13-05-2022 - 14:38 | 16-07-2015 - 11:00 | |
| CVE-2018-16986 | 5.8 |
Texas Instruments BLE-STACK v2.2.1 for SimpleLink CC2640 and CC2650 devices allows remote attackers to execute arbitrary code via a malformed packet that triggers a buffer overflow.
|
24-08-2020 - 17:37 | 06-11-2018 - 15:29 | |
| CVE-2017-3730 | 5.0 |
In OpenSSL 1.1.0 before 1.1.0d, if a malicious server supplies bad parameters for a DHE or ECDHE key exchange then this can result in the client attempting to dereference a NULL pointer leading to a client crash. This could be exploited in a Denial o
|
25-04-2019 - 13:59 | 04-05-2017 - 19:29 | |
| CVE-2007-5117 | 9.3 |
Multiple PHP remote file inclusion vulnerabilities in FrontAccounting (FA) 1.13, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the path_to_root parameter to (1) access/login.php and (2) includes/l
|
19-10-2017 - 01:30 | 27-09-2007 - 17:17 | |
| CVE-2013-0347 | 7.2 |
The Gentoo init script for webfs uses world-readable permissions for /var/log/webfsd.log, which allows local users to have unspecified impact by reading the file.
|
29-08-2017 - 01:33 | 16-11-2014 - 11:59 | |
| CVE-2005-4059 | 7.5 |
SQL injection vulnerability in searchdb.asp in LocazoList 1.03c and earlier allows remote attackers to execute arbitrary SQL commands via the q parameter.
|
08-03-2011 - 02:27 | 07-12-2005 - 11:03 | |
| CVE-2009-2621 | 5.0 |
Squid 3.0 through 3.0.STABLE16 and 3.1 through 3.1.0.11 does not properly enforce "buffer limits and related bound checks," which allows remote attackers to cause a denial of service via (1) an incomplete request or (2) a request with a large header
|
12-08-2009 - 05:30 | 28-07-2009 - 17:30 | |
| CVE-2009-2622 | 5.0 |
Squid 3.0 through 3.0.STABLE16 and 3.1 through 3.1.0.11 allows remote attackers to cause a denial of service via malformed requests including (1) "missing or mismatched protocol identifier," (2) missing or negative status value," (3) "missing version
|
12-08-2009 - 05:30 | 28-07-2009 - 17:30 | |
| CVE-2005-4205 | 4.3 |
Cross-site scripting (XSS) vulnerability in searchdb.asp in LocazoList 1.03c and earlier allows remote attackers to inject arbitrary web script or HTML via the q parameter.
|
20-09-2008 - 04:42 | 13-12-2005 - 11:03 | |
| CVE-2002-0688 | 7.5 |
ZCatalog plug-in index support capability for Zope 2.4.0 through 2.5.1 allows anonymous users and untrusted code to bypass access restrictions and call arbitrary methods of catalog indexes.
|
05-09-2008 - 20:28 | 23-07-2002 - 04:00 |