| Max CVSS | 9.3 | Min CVSS | 2.1 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2017-7308 | 7.2 |
The packet_set_ring function in net/packet/af_packet.c in the Linux kernel through 4.10.6 does not properly validate certain block-size data, which allows local users to cause a denial of service (integer signedness error and out-of-bounds write), or
|
14-02-2023 - 18:32 | 29-03-2017 - 20:59 | |
| CVE-2014-7822 | 7.2 |
The implementation of certain splice_write file operations in the Linux kernel before 3.16 does not enforce a restriction on the maximum size of a single file, which allows local users to cause a denial of service (system crash) or possibly have unsp
|
13-02-2023 - 00:42 | 16-03-2015 - 10:59 | |
| CVE-2008-0005 | 4.3 |
mod_proxy_ftp in Apache 2.2.x before 2.2.7-dev, 2.0.x before 2.0.62-dev, and 1.3.x before 1.3.40-dev does not define a charset, which allows remote attackers to conduct cross-site scripting (XSS) attacks using UTF-7 encoding.
|
21-09-2022 - 19:10 | 12-01-2008 - 00:46 | |
| CVE-2015-0312 | 9.3 |
Double free vulnerability in Adobe Flash Player before 13.0.0.264 and 14.x through 16.x before 16.0.0.296 on Windows and OS X and before 11.2.202.440 on Linux allows attackers to execute arbitrary code via unspecified vectors.
|
08-09-2021 - 17:19 | 28-01-2015 - 22:59 | |
| CVE-2015-0312 | 9.3 |
Double free vulnerability in Adobe Flash Player before 13.0.0.264 and 14.x through 16.x before 16.0.0.296 on Windows and OS X and before 11.2.202.440 on Linux allows attackers to execute arbitrary code via unspecified vectors.
|
29-09-2020 - 19:04 | 28-01-2015 - 22:59 | |
| CVE-2014-8826 | 5.0 |
LaunchServices in Apple OS X before 10.10.2 does not properly handle file-type metadata, which allows attackers to bypass the Gatekeeper protection mechanism via a crafted JAR archive.
|
17-07-2020 - 18:15 | 30-01-2015 - 11:59 | |
| CVE-2003-1535 | 5.0 |
Justice Guestbook 1.3 allows remote attackers to obtain the full installation path via a direct request to cfooter.php3, which leaks the path in an error message.
|
19-10-2018 - 15:29 | 31-12-2003 - 05:00 | |
| CVE-2011-0673 | 7.2 |
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP3 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, aka "Win32k Null Pointer De-reference Vulnerability." Per: http://cwe.mitre.or
|
12-10-2018 - 21:59 | 13-04-2011 - 20:26 | |
| CVE-2015-0866 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in Zoho ManageEngine SupportCenter Plus 7.9 before hotfix 7941 allow remote attackers to inject arbitrary web script or HTML via the (1) fromCustomer, (2) username, or (3) password parameter to Home
|
09-10-2018 - 19:55 | 02-02-2015 - 15:59 | |
| CVE-2014-8612 | 4.6 |
Multiple array index errors in the Stream Control Transmission Protocol (SCTP) module in FreeBSD 10.1 before p5, 10.0 before p17, 9.3 before p9, and 8.4 before p23 allow local users to (1) gain privileges via the stream id to the setsockopt function,
|
09-10-2018 - 19:54 | 02-02-2015 - 16:59 | |
| CVE-2006-1400 | 4.3 |
Cross-site scripting (XSS) vulnerability in MyTasks/PersonalTaskEdit.asp in Metisware Instructor 1.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the Task parameter.
|
20-07-2017 - 01:30 | 28-03-2006 - 11:06 | |
| CVE-2015-4910 | 2.1 |
Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Memcached.
|
24-12-2016 - 02:59 | 22-10-2015 - 00:00 | |
| CVE-2014-8613 | 7.8 |
The sctp module in FreeBSD 10.1 before p5, 10.0 before p17, 9.3 before p9, and 8.4 before p23 allows remote attackers to cause a denial of service (NULL pointer dereference and kernel panic) via a crafted RE_CONFIG chunk. <a href="http://cwe.mitre.or
|
04-02-2015 - 05:09 | 02-02-2015 - 16:59 |