| Max CVSS | 9.0 | Min CVSS | 2.1 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2009-3620 | 4.9 |
The ATI Rage 128 (aka r128) driver in the Linux kernel before 2.6.31-git11 does not properly verify Concurrent Command Engine (CCE) state initialization, which allows local users to cause a denial of service (NULL pointer dereference and system crash
|
09-02-2024 - 00:20 | 22-10-2009 - 16:00 | |
| CVE-2014-3479 | 4.3 |
The cdf_check_stream_offset function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, relies on incorrect sector-size data, which allows remote attackers to cause a denial of service (appli
|
28-10-2022 - 23:26 | 09-07-2014 - 11:07 | |
| CVE-2014-0207 | 4.3 |
The cdf_read_short_sector function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service (assertion failure and application exit) via a craft
|
28-09-2022 - 20:39 | 09-07-2014 - 11:07 | |
| CVE-2019-7249 | 7.5 |
In Keybase before 2.12.6 on macOS, the move RPC to the Helper was susceptible to time-to-check-time-to-use bugs and would also allow one user of the system (who didn't have root access) to tamper with another's installs.
|
24-08-2020 - 17:37 | 31-01-2019 - 09:29 | |
| CVE-2003-1442 | 7.5 |
The web administration page for the Ericsson HM220dp ADSL modem does not require authentication, which could allow remote attackers to gain access from the LAN side.
|
29-07-2017 - 01:29 | 31-12-2003 - 05:00 | |
| CVE-2017-6506 | 7.5 |
In Azure Data Expert Ultimate 2.2.16, the SMTP verification function suffers from a buffer overflow vulnerability, leading to remote code execution. The attack vector is a crafted SMTP daemon that sends a long 220 (aka "Service ready") string.
|
15-03-2017 - 01:59 | 10-03-2017 - 10:59 | |
| CVE-2014-4668 | 6.8 |
The cherokee_validator_ldap_check function in validator_ldap.c in Cherokee 1.2.103 and earlier, when LDAP is used, does not properly consider unauthenticated-bind semantics, which allows remote attackers to bypass authentication via an empty password
|
03-01-2017 - 02:59 | 02-07-2014 - 04:14 | |
| CVE-2014-0103 | 2.1 |
WebAccess in Zarafa before 7.1.10 and WebApp before 1.6 stores credentials in cleartext, which allows local Apache users to obtain sensitive information by reading the PHP session files.
|
04-11-2015 - 17:35 | 29-07-2014 - 14:55 | |
| CVE-2014-2612 | 4.0 |
Unspecified vulnerability in HP Release Control 9.x before 9.13 p3 and 9.2x before RC 9.21.0003 p1 on Windows and 9.2x before RC 9.21.0002 p1 on Linux allows remote authenticated users to obtain sensitive information via unknown vectors.
|
24-07-2014 - 04:59 | 28-06-2014 - 15:55 | |
| CVE-2014-2613 | 9.0 |
Unspecified vulnerability in HP Release Control 9.x before 9.13 p3 and 9.2x before RC 9.21.0003 p1 on Windows and 9.2x before RC 9.21.0002 p1 on Linux allows remote authenticated users to gain privileges via unknown vectors.
|
24-07-2014 - 04:59 | 28-06-2014 - 15:55 | |
| CVE-2014-4195 | 4.3 |
Cross-site scripting (XSS) vulnerability in zero_view_article.php in ZeroCMS 1.0 allows remote attackers to inject arbitrary web script or HTML via the article_id parameter.
|
09-07-2014 - 01:29 | 03-07-2014 - 14:55 |