Max CVSS | 10.0 | Min CVSS | 4.3 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2012-5824 | 5.8 |
Trillian 5.1.0.19 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid
|
07-02-2022 - 18:59 | 04-11-2012 - 22:55 | |
CVE-2018-20673 | 4.3 |
The demangle_template function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31.1, contains an integer overflow vulnerability (for "Create an array for saving the template argument values") that can trigger a heap-based buffer ove
|
24-08-2020 - 17:37 | 04-01-2019 - 18:29 | |
CVE-2017-6342 | 10.0 |
An issue was discovered on Dahua DHI-HCVR7216A-S3 devices with NVR Firmware 3.210.0001.10 2016-06-06, Camera Firmware 2.400.0000.28.R 2016-03-29, and SmartPSS Software 1.16.1 2017-01-19. When SmartPSS Software is launched, while on the login screen,
|
03-10-2019 - 00:03 | 27-02-2017 - 07:59 | |
CVE-2007-4572 | 9.3 |
Stack-based buffer overflow in nmbd in Samba 3.0.0 through 3.0.26a, when configured as a Primary or Backup Domain controller, allows remote attackers to have an unknown impact via crafted GETDC mailslot requests, related to handling of GETDC logon se
|
30-10-2018 - 16:25 | 16-11-2007 - 18:46 | |
CVE-2006-0491 | 7.5 |
SQL injection vulnerability in SZUserMgnt.class.php in SZUserMgnt 1.4 allows remote attackers to execute arbitrary SQL commands via the username parameter.
|
19-10-2018 - 15:45 | 01-02-2006 - 02:02 | |
CVE-2002-1643 | 7.5 |
Multiple buffer overflows in RealNetworks Helix Universal Server 9.0 (9.0.2.768) allow remote attackers to execute arbitrary code via (1) a long Transport field in a SETUP RTSP request, (2) a DESCRIBE RTSP request with a long URL argument, or (3) two
|
23-12-2017 - 02:29 | 19-12-2002 - 05:00 | |
CVE-2009-4657 | 7.5 |
The administrator package for Xerver 4.32 does not require authentication, which allows remote attackers to alter application settings by connecting to the application on port 32123, as demonstrated by setting the action option to wizardStep1.
|
19-09-2017 - 01:30 | 03-03-2010 - 20:30 | |
CVE-2013-6444 | 5.8 |
PyWBEM 0.7 and earlier does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary v
|
28-11-2016 - 19:09 | 05-05-2014 - 17:06 | |
CVE-2013-6418 | 5.8 |
PyWBEM 0.7 and earlier uses a separate connection to validate X.509 certificates, which allows man-in-the-middle attackers to spoof a peer via an arbitrary certificate.
|
28-11-2016 - 19:09 | 05-05-2014 - 17:06 |