| Max CVSS | 10.0 | Min CVSS | 4.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2011-1230 | 7.2 |
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a craft
|
28-09-2020 - 12:58 | 13-04-2011 - 20:26 | |
| CVE-2011-1230 | 7.2 |
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a craft
|
28-09-2020 - 12:58 | 13-04-2011 - 20:26 | |
| CVE-2003-0161 | 10.0 |
The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions from char and int types, which can cause a length check to be disabled when Sendmail misinterprets an input value as a s
|
30-10-2018 - 16:26 | 02-04-2003 - 05:00 | |
| CVE-2015-1480 | 4.0 |
ZOHO ManageEngine ServiceDesk Plus (SDP) before 9.0 build 9031 allows remote authenticated users to obtain sensitive ticket information via a (1) getTicketData action to servlet/AJaxServlet or a direct request to (2) swf/flashreport.swf, (3) reports/
|
09-10-2018 - 19:55 | 04-02-2015 - 16:59 | |
| CVE-2006-1422 | 5.0 |
SQL injection vulnerability in details_view.php in PHP Booking Calendar 1.0c and earlier allows remote attackers to execute arbitrary SQL commands via the event_id parameter.
|
11-10-2017 - 01:30 | 28-03-2006 - 20:02 | |
| CVE-2008-0255 | 7.5 |
SQL injection vulnerability in archive.php in iGaming 1.5, and 1.3.1 and earlier, allows remote attackers to execute arbitrary SQL commands via the section parameter.
|
29-09-2017 - 01:30 | 15-01-2008 - 20:00 | |
| CVE-2014-7287 | 5.0 |
The key-management component in Symantec PGP Universal Server and Encryption Management Server before 3.3.2 MP7 allows remote attackers to trigger unintended content in outbound e-mail messages via a crafted key UID value in an inbound e-mail message
|
08-09-2017 - 01:29 | 01-02-2015 - 02:59 | |
| CVE-2014-7288 | 9.0 |
Symantec PGP Universal Server and Encryption Management Server before 3.3.2 MP7 allow remote authenticated administrators to execute arbitrary shell commands via a crafted command line in a database-backup restore action.
|
08-09-2017 - 01:29 | 01-02-2015 - 02:59 | |
| CVE-2015-0586 | 7.8 |
The Network-Based Application Recognition (NBAR) protocol implementation in Cisco IOS 15.3(100)M and earlier on Cisco 2900 Integrated Services Router (aka Cisco Internet Router) devices allows remote attackers to cause a denial of service (NBAR proce
|
08-09-2017 - 01:29 | 28-01-2015 - 22:59 | |
| CVE-2009-4129 | 5.8 |
Race condition in Mozilla Firefox allows remote attackers to produce a JavaScript message with a spoofed domain association by writing the message in between the document request and document load for a web page in a different domain.
|
17-08-2017 - 01:31 | 14-12-2009 - 17:30 | |
| CVE-2017-7290 | 6.5 |
SQL injection vulnerability in XOOPS 2.5.7.2 and other versions before 2.5.8.1 allows remote authenticated administrators to execute arbitrary SQL commands via the url parameter to findusers.php. An example attack uses "into outfile" to create a back
|
03-04-2017 - 13:42 | 30-03-2017 - 07:59 |