| Max CVSS | 7.8 | Min CVSS | 2.6 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2007-6328 | 7.2 |
DOSBox 0.72 and earlier allows local users to obtain access to the filesystem on the host operating system via the mount command. NOTE: the researcher reports a vendor response stating that this is not a security problem
|
11-04-2024 - 00:43 | 13-12-2007 - 19:46 | |
| CVE-2014-3476 | 6.0 |
OpenStack Identity (Keystone) before 2013.2.4, 2014.1 before 2014.1.2, and Juno before Juno-2 does not properly handle chained delegation, which allows remote authenticated users to gain privileges by leveraging a (1) trust or (2) OAuth token with im
|
02-06-2020 - 19:49 | 17-06-2014 - 14:55 | |
| CVE-2017-0516 | 7.6 |
An elevation of privilege vulnerability in the Qualcomm input hardware driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a
|
03-10-2019 - 00:03 | 08-03-2017 - 01:59 | |
| CVE-2017-18360 | 4.9 |
In change_port_settings in drivers/usb/serial/io_ti.c in the Linux kernel before 4.11.3, local users could cause a denial of service by division-by-zero in the serial device layer by trying to set very high baud rates.
|
17-04-2019 - 17:41 | 31-01-2019 - 09:29 | |
| CVE-2006-0898 | 2.6 |
Crypt::CBC Perl module 2.16 and earlier, when running in RandomIV mode, uses an initialization vector (IV) of 8 bytes, which results in weaker encryption when used with a cipher that requires a larger block size than 8 bytes, such as Rijndael.
|
18-10-2018 - 16:29 | 25-02-2006 - 11:02 | |
| CVE-2014-3428 | 4.3 |
Cross-site scripting (XSS) vulnerability in Yealink VoIP Phones with firmware 28.72.0.2 allows remote attackers to inject arbitrary web script or HTML via the model parameter to servlet.
|
09-10-2018 - 19:43 | 16-06-2014 - 18:55 | |
| CVE-2001-0909 | 7.5 |
Buffer overflow in helpctr.exe program in Microsoft Help Center for Windows XP allows remote attackers to execute arbitrary code via a long hcp: URL.
|
10-10-2017 - 01:29 | 21-11-2001 - 05:00 | |
| CVE-2015-5576 | 5.0 |
Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 do not properly restric
|
17-02-2017 - 02:59 | 22-09-2015 - 10:59 | |
| CVE-2014-3290 | 4.8 |
The mDNS implementation in Cisco IOS XE 3.12S does not properly interact with autonomic networking, which allows remote attackers to obtain sensitive networking-services information by sniffing the network or overwrite networking-services data via a
|
06-09-2016 - 13:33 | 14-06-2014 - 11:18 | |
| CVE-2014-2842 | 7.8 |
Juniper ScreenOS 6.3 and earlier allows remote attackers to cause a denial of service (crash and restart or failover) via a malformed SSL/TLS packet.
|
18-07-2014 - 05:23 | 15-04-2014 - 14:55 |