| Max CVSS | 7.5 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2014-9425 | 7.5 |
Double free vulnerability in the zend_ts_hash_graceful_destroy function in zend_ts_hash.c in the Zend Engine in PHP through 5.5.20 and 5.6.x through 5.6.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact
|
04-08-2022 - 15:46 | 31-12-2014 - 02:59 | |
| CVE-2017-7297 | 6.5 |
Rancher Labs rancher server 1.2.0+ is vulnerable to authenticated users disabling access control via an API call. This is fixed in versions rancher/server:v1.2.4, rancher/server:v1.3.5, rancher/server:v1.4.3, and rancher/server:v1.5.3.
|
13-04-2022 - 23:44 | 29-03-2017 - 00:59 | |
| CVE-2008-0147 | 6.8 |
SQL injection vulnerability in index.php in SmallNuke 2.0.4 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via (1) the user_email parameter and possibly (2) username parameter in a Members ac
|
29-09-2017 - 01:30 | 09-01-2008 - 00:46 | |
| CVE-2005-4418 | 7.5 |
util-vserver before 0.30.208-1 with kernel-patch-vserver before 1.9.5.5 and 2.x before 2.3 for Debian GNU/Linux sets a default policy that trusts unknown capabilities, which could allow local users to conduct unauthorized activities. Update to versio
|
20-07-2017 - 01:29 | 31-12-2005 - 05:00 | |
| CVE-2003-0220 | 7.5 |
Buffer overflow in the administrator authentication process for Kerio Personal Firewall (KPF) 2.1.4 and earlier allows remote attackers to execute arbitrary code via a handshake packet.
|
18-10-2016 - 02:30 | 12-05-2003 - 04:00 | |
| CVE-2014-9447 | 6.4 |
Directory traversal vulnerability in the read_long_names function in libelf/elf_begin.c in elfutils 0.152 and 0.161 allows remote attackers to write to arbitrary files to the root directory via a / (slash) in a crafted archive, as demonstrated using
|
18-04-2015 - 01:59 | 02-01-2015 - 20:59 | |
| CVE-2014-9446 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in the Staff client in Koha before 3.16.6 and 3.18.x before 3.18.2 allow remote attackers to inject arbitrary web script or HTML via the sort_by parameter to the (1) opac parameter in opac-search.pl
|
06-01-2015 - 03:00 | 02-01-2015 - 20:59 | |
| CVE-2014-9444 | 4.3 |
Cross-site scripting (XSS) vulnerability in the Frontend Uploader plugin 0.9.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the errors[fu-disallowed-mime-type][0][name] parameter to the default URI.
|
05-01-2015 - 21:17 | 02-01-2015 - 20:59 | |
| CVE-2009-4780 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in index.php in phpMyFAQ before 2.5.5 allow remote attackers to inject arbitrary web script or HTML via (1) the lang parameter in a sitemap action, (2) the search parameter in a search action, (3) t
|
24-04-2010 - 04:00 | 21-04-2010 - 14:30 |