Max CVSS | 9.3 | Min CVSS | 4.3 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2014-3618 | 7.5 |
Heap-based buffer overflow in formisc.c in formail in procmail 3.22 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted email header, related to "unbalanced quotes."
|
13-02-2023 - 00:41 | 08-09-2014 - 14:55 | |
CVE-2017-5233 | 6.8 |
Rapid7 AppSpider Pro installers prior to version 6.14.053 contain a DLL preloading vulnerability, wherein it is possible for the installer to load a malicious DLL located in the current working directory of the installer.
|
08-01-2021 - 13:48 | 02-03-2017 - 20:59 | |
CVE-2006-1082 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in phpArcadeScript 2.0 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the gamename parameter in tellafriend.php, (2) the login_status parameter in loginbox.php, (3
|
18-10-2018 - 16:30 | 09-03-2006 - 00:02 | |
CVE-2014-4070 | 4.3 |
Cross-site scripting (XSS) vulnerability in the Web Components Server in Microsoft Lync Server 2013 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka "Lync XSS Information Disclosure Vulnerability."
|
12-10-2018 - 22:06 | 10-09-2014 - 01:55 | |
CVE-2014-2799 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:06 | 10-09-2014 - 01:55 | |
CVE-2014-4059 | 9.3 |
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability tha
|
12-10-2018 - 22:06 | 10-09-2014 - 01:55 | |
CVE-2014-6238 | 4.3 |
Cross-site scripting (XSS) vulnerability in the Akronymmanager (aka SB Folderdownload) extension 0.5.0 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
08-09-2017 - 01:29 | 11-09-2014 - 14:16 | |
CVE-2015-8855 | 7.8 |
The semver package before 4.3.2 for Node.js allows attackers to cause a denial of service (CPU consumption) via a long version string, aka a "regular expression denial of service (ReDoS)."
|
26-01-2017 - 19:33 | 23-01-2017 - 21:59 | |
CVE-2003-0055 | 7.5 |
Buffer overflow in the MP3 broadcasting module of Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to execute arbitrary code via a long filename.
|
18-10-2016 - 02:28 | 07-03-2003 - 05:00 | |
CVE-2014-6240 | 4.3 |
Cross-site scripting (XSS) vulnerability in the Google Sitemap (weeaar_googlesitemap) extension 0.4.3 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
11-09-2014 - 17:06 | 11-09-2014 - 14:16 |