| Max CVSS | 7.5 | Min CVSS | 3.5 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2013-1796 | 6.8 |
The kvm_set_msr_common function in arch/x86/kvm/x86.c in the Linux kernel through 3.8.4 does not ensure a required time_page alignment during an MSR_KVM_SYSTEM_TIME operation, which allows guest OS users to cause a denial of service (buffer overflow
|
13-02-2023 - 00:27 | 22-03-2013 - 11:59 | |
| CVE-2016-3401 | 4.0 |
Unspecified vulnerability in Zimbra Collaboration before 8.7.0 allows remote authenticated users to affect integrity via unknown vectors, aka bug 99810.
|
04-06-2020 - 12:10 | 18-01-2017 - 22:59 | |
| CVE-2018-15444 | 4.9 |
A vulnerability in the web-based user interface of Cisco Energy Management Suite Software could allow an authenticated, remote attacker to gain read and write access to information that is stored on an affected system. The vulnerability is due to imp
|
09-10-2019 - 23:35 | 08-11-2018 - 18:29 | |
| CVE-2007-5149 | 6.8 |
PHP remote file inclusion vulnerability in NewsCMS/news/newstopic_inc.php in North Country Public Radio Public Media Manager (PMM) 1.3 allows remote attackers to execute arbitrary PHP code via a URL in the indir parameter.
|
15-10-2018 - 21:40 | 01-10-2007 - 05:17 | |
| CVE-2013-2279 | 7.5 |
CA SiteMinder Federation (FSS) 12.5, 12.0, and r6; Federation (Standalone) 12.1 and 12.0; Agent for SharePoint 2010; and SiteMinder for Secure Proxy Server 6.0, 12.0, and 12.5 does not properly verify XML signatures for SAML statements, which allows
|
13-08-2018 - 21:47 | 21-03-2013 - 17:55 | |
| CVE-2009-2049 | 5.4 |
Cisco IOS 12.0(32)S12 through 12.0(32)S13 and 12.0(33)S3 through 12.0(33)S4, 12.0(32)SY8 through 12.0(32)SY9, 12.2(33)SXI1 through 12.2(33)SXI2, 12.2XNC before 12.2(33)XNC2, 12.2XND before 12.2(33)XND1, and 12.4(24)T1; and IOS XE 2.3 through 2.3.1t a
|
29-09-2017 - 01:34 | 30-07-2009 - 18:30 | |
| CVE-2015-1926 | 5.5 |
Unspecified vulnerability in the Oracle WebCenter Portal component in Oracle Fusion Middleware 11.1.1.8.0 and 11.1.1.9.0, and the Oracle Applications Framework component in Oracle E-Business Suite 12.2.3 and 12.2.4, allows remote authenticated users
|
22-09-2017 - 01:29 | 16-07-2015 - 10:59 | |
| CVE-2012-4990 | 7.5 |
SQL injection vulnerability in admin/campaign-zone-link.php in OpenX 2.8.10 before revision 81823 allows remote attackers to execute arbitrary SQL commands via the ids[] parameter in a link action.
|
29-08-2017 - 01:32 | 22-10-2012 - 23:55 | |
| CVE-2012-4989 | 4.3 |
Cross-site scripting (XSS) vulnerability in admin/plugin-index.php in OpenX 2.8.10 before revision 81823 allows remote attackers to inject arbitrary web script or HTML via the parent parameter in an info action.
|
29-08-2017 - 01:32 | 22-10-2012 - 23:55 | |
| CVE-2010-4429 | 3.5 |
Unspecified vulnerability in the Agile Core component in Oracle Supply Chain Products Suite 9.3.0.2 and 9.3.1 allows remote authenticated users to affect integrity via unknown vectors related to Web Client, a different vulnerability than CVE-2010-350
|
17-08-2017 - 01:33 | 19-01-2011 - 17:00 | |
| CVE-2005-4255 | 4.3 |
Cross-site scripting (XSS) vulnerability in TextSearch in WikkaWiki 1.1.6.0 allows remote attackers to inject arbitrary web script or HTML via a hex-encoded phrase parameter.
|
08-03-2011 - 02:27 | 15-12-2005 - 11:03 | |
| CVE-2002-1885 | 7.5 |
PHP remote file inclusion vulnerability in showhits.php3 for PowerPhlogger (PPhlogger) 2.0.9 through 2.2.2 allows remote attackers to execute arbitrary PHP code via the rel_path parameter.
|
05-09-2008 - 20:31 | 31-12-2002 - 05:00 |