| Max CVSS | 7.5 | Min CVSS | 1.5 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2014-3005 | 7.5 |
XML external entity (XXE) vulnerability in Zabbix 1.8.x before 1.8.21rc1, 2.0.x before 2.0.13rc1, 2.2.x before 2.2.5rc1, and 2.3.x before 2.3.2 allows remote attackers to read arbitrary files or potentially execute arbitrary code via a crafted DTD in
|
21-02-2018 - 14:57 | 01-02-2018 - 17:29 | |
| CVE-2006-2568 | 5.1 |
PHP remote file inclusion vulnerability in addpost_newpoll.php in UBB.threads 6.4 through 6.5.2 and 6.5.1.1 (trial) allows remote attackers to execute arbitrary PHP code via a URL in the thispath parameter.
|
19-10-2017 - 01:29 | 24-05-2006 - 23:02 | |
| CVE-2011-1637 | 1.5 |
Cisco Unified IP Phones 7900 devices (aka TNP phones) with software before 9.2.1 do not properly verify signatures for software images, which allows local users to gain privileges via a crafted image, aka Bug ID CSCtn65962.
|
17-08-2017 - 01:34 | 02-06-2011 - 20:55 | |
| CVE-2003-0456 | 5.0 |
VisNetic WebSite 3.5 allows remote attackers to obtain the full pathname of the server via a request containing a folder that does not exist, which leaks the pathname in an error message, as demonstrated using _vti_bin/fpcount.exe.
|
11-07-2017 - 01:29 | 18-08-2003 - 04:00 | |
| CVE-2017-5924 | 5.0 |
libyara/grammar.y in YARA 3.5.0 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted rule that is mishandled in the yr_compiler_destroy function.
|
02-05-2017 - 01:59 | 03-04-2017 - 05:59 |