| Max CVSS | 7.6 | Min CVSS | 2.9 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2011-0020 | 7.6 |
Heap-based buffer overflow in the pango_ft2_font_render_box_glyph function in pango/pangoft2-render.c in libpango in Pango 1.28.3 and earlier, when the FreeType2 backend is enabled, allows user-assisted remote attackers to cause a denial of service (
|
13-02-2023 - 03:22 | 24-01-2011 - 18:00 | |
| CVE-2013-2714 | 4.3 |
Cross-site Scripting (XSS) in WordPress podPress Plugin 8.8.10.13 could allow remote attackers to inject arbitrary web script or html via the 'playerID' parameter.
|
30-01-2020 - 17:49 | 28-01-2020 - 20:15 | |
| CVE-2009-2620 | 5.0 |
src/remote/server.cpp in fbserver.exe in Firebird SQL 1.5 before 1.5.6, 2.0 before 2.0.6, 2.1 before 2.1.3, and 2.5 before 2.5 Beta 2 allows remote attackers to cause a denial of service (daemon crash) via a malformed op_connect_request message that
|
19-09-2017 - 01:29 | 29-07-2009 - 17:30 | |
| CVE-2012-4230 | 4.3 |
The bbcode plugin in TinyMCE 3.5.8 does not properly enforce the TinyMCE security policy for the (1) encoding directive and (2) valid_elements attribute, which allows attackers to conduct cross-site scripting (XSS) attacks via application-specific ve
|
29-08-2017 - 01:32 | 25-04-2014 - 14:15 | |
| CVE-2007-5152 | 7.5 |
Sun Java System Access Manager 7.1, when installed in a Sun Java System Application Server 9.1 container, does not demand authentication after a container restart, which allows remote attackers to perform administrative tasks.
|
29-07-2017 - 01:33 | 01-10-2007 - 05:17 | |
| CVE-2007-5153 | 6.8 |
Unspecified vulnerability in Sun Java System Access Manager 7.1, when installed in a Sun Java System Application Server 8.x container, allows remote attackers to execute arbitrary code via unspecified vectors.
|
29-07-2017 - 01:33 | 01-10-2007 - 05:17 | |
| CVE-2016-8225 | 4.6 |
Unquoted service path vulnerability in Lenovo Edge and Lenovo Slim USB Keyboard Driver versions earlier than 1.21 allows local users to execute code with elevated privileges.
|
01-02-2017 - 02:59 | 26-01-2017 - 17:59 | |
| CVE-2002-1198 | 7.5 |
Bugzilla 2.16.x before 2.16.1 does not properly filter apostrophes from an email address during account creation, which allows remote attackers to execute arbitrary SQL via a SQL injection attack.
|
18-10-2016 - 02:24 | 28-10-2002 - 05:00 | |
| CVE-2013-0312 | 5.0 |
389 Directory Server before 1.3.0.4 allows remote attackers to cause a denial of service (crash) via a zero length LDAP control sequence.
|
19-03-2013 - 04:00 | 13-03-2013 - 20:55 | |
| CVE-2012-2286 | 2.9 |
Unspecified vulnerability in EMC RSA Adaptive Authentication On-Premise (AAOP) 6.0.2.1 before SP3 P3 allows remote attackers to obtain sensitive information via unknown vectors.
|
12-02-2013 - 05:08 | 10-10-2012 - 21:55 | |
| CVE-2005-4238 | 4.3 |
Cross-site scripting (XSS) vulnerability in view_filters_page.php in Mantis 1.0.0rc3 and earlier allows remote attackers to inject arbitrary web script or HTML via the target_field parameter.
|
08-03-2011 - 02:27 | 14-12-2005 - 11:03 |