| Max CVSS | 7.5 | Min CVSS | 3.5 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2019-0014 | 5.0 |
On QFX and PTX Series, receipt of a malformed packet for J-Flow sampling might crash the FPC (Flexible PIC Concentrator) process which causes all interfaces to go down. By continuously sending the offending packet, an attacker can repeatedly crash th
|
22-07-2020 - 18:00 | 15-01-2019 - 21:29 | |
| CVE-2014-1876 | 4.4 |
The unpacker::redirect_stdio function in unpack.cpp in unpack200 in OpenJDK 6, 7, and 8; Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 does not securely create temporary files when a log file cannot
|
05-01-2018 - 02:29 | 10-02-2014 - 23:55 | |
| CVE-2014-2263 | 6.8 |
The mpegts_write_pmt function in the MPEG2 transport stream (aka DVB) muxer (libavformat/mpegtsenc.c) in FFmpeg, possibly 2.1 and earlier, allows remote attackers to have unspecified impact and vectors, which trigger an out-of-bounds write.
|
29-08-2017 - 01:34 | 01-03-2014 - 00:55 | |
| CVE-2014-0828 | 4.3 |
Cross-site scripting (XSS) vulnerability in the WCM (Web Content Manager) UI in IBM WebSphere Portal 6.1.0.x through 6.1.0.6 CF27, 6.1.5.x through 6.1.5.3 CF27, 7.0.0.x through 7.0.0.2 CF27, and 8.0.0.x before 8.0.0.1 CF11 allows remote attackers to
|
29-08-2017 - 01:34 | 02-04-2014 - 03:58 | |
| CVE-2009-3653 | 3.5 |
Cross-site scripting (XSS) vulnerability in the additional links interface in XML Sitemap 5.x-1.6, a module for Drupal, allows remote authenticated users, with "administer site configuration" permission, to inject arbitrary web script or HTML via uns
|
17-08-2017 - 01:31 | 09-10-2009 - 14:30 | |
| CVE-2006-0625 | 6.4 |
Directory traversal vulnerability in Spip_RSS.PHP in SPIP 1.8.2g and earlier allows remote attackers to read or include arbitrary files via ".." sequences in the GLOBALS[type_urls] parameter, which could then be used to execute arbitrary code via re
|
20-07-2017 - 01:29 | 09-02-2006 - 18:06 | |
| CVE-2002-1632 | 6.4 |
Oracle 9i Application Server (9iAS) installs multiple sample pages that allow remote attackers to obtain environment variables and other sensitive information via (1) info.jsp, (2) printenv, (3) echo, or (4) echo2.
|
11-07-2017 - 01:29 | 31-12-2002 - 05:00 | |
| CVE-2002-1630 | 7.5 |
The sendmail.jsp sample page in Oracle 9i Application Server (9iAS) allows remote attackers to send arbitrary emails.
|
11-07-2017 - 01:29 | 31-12-2002 - 05:00 | |
| CVE-2017-6443 | 4.3 |
Cross-site scripting (XSS) vulnerability in EPSON TMNet WebConfig 1.00 allows remote attackers to inject arbitrary web script or HTML via the W_AD1 parameter to Forms/oadmin_1.
|
16-03-2017 - 18:17 | 15-03-2017 - 15:59 | |
| CVE-2014-1931 | 4.3 |
The user login page in Visibility Software Cyber Recruiter before 8.1.00 generates different responses for invalid password-retrieval attempts depending on which data elements are incorrect, which might allow remote attackers to obtain account-relate
|
21-02-2014 - 05:06 | 10-02-2014 - 22:55 | |
| CVE-2002-1631 | 7.5 |
SQL injection vulnerability in the query.xsql sample page in Oracle 9i Application Server (9iAS) allows remote attackers to execute arbitrary code via the sql parameter.
|
05-09-2008 - 20:31 | 31-12-2002 - 05:00 |