Max CVSS | 10.0 | Min CVSS | 5.0 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2010-0476 | 10.0 |
The SMB client in Microsoft Windows Server 2003 SP2, Vista Gold, SP1, and SP2, and Windows Server 2008 Gold and SP2 allows remote SMB servers and man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption an
|
26-02-2019 - 14:04 | 14-04-2010 - 16:00 | |
CVE-2006-4053 | 5.1 |
PHP remote file inclusion vulnerability in templates/header.php in ME Download System 1.3 allows remote attackers to execute arbitrary PHP code via a URL in the Vb8878b936c2bd8ae0cab parameter. Successful exploitation requires that "register_globals"
|
17-10-2018 - 21:33 | 10-08-2006 - 00:04 | |
CVE-2016-7942 | 7.5 |
The XGetImage function in X.org libX11 before 1.6.4 might allow remote X servers to gain privileges via vectors involving image type and geometry, which triggers out-of-bounds read operations.
|
13-09-2018 - 10:29 | 13-12-2016 - 20:59 | |
CVE-2016-7943 | 7.5 |
The XListFonts function in X.org libX11 before 1.6.4 might allow remote X servers to gain privileges via vectors involving length fields, which trigger out-of-bounds write operations.
|
13-09-2018 - 10:29 | 13-12-2016 - 20:59 | |
CVE-2003-0965 | 6.8 |
Cross-site scripting (XSS) vulnerability in the admin CGI script for Mailman before 2.1.4 allows remote attackers to steal session cookies and conduct unauthorized activities.
|
11-10-2017 - 01:29 | 17-02-2004 - 05:00 | |
CVE-2017-9986 | 7.2 |
The intr function in sound/oss/msnd_pinnacle.c in the Linux kernel through 4.11.7 allows local users to cause a denial of service (over-boundary access) or possibly have unspecified other impact by changing the value of a message queue head pointer b
|
01-07-2017 - 01:30 | 28-06-2017 - 06:29 | |
CVE-2016-7949 | 7.5 |
Multiple buffer overflows in the (1) XvQueryAdaptors and (2) XvQueryEncodings functions in X.org libXrender before 0.9.10 allow remote X servers to trigger out-of-bounds write operations via vectors involving length fields.
|
01-07-2017 - 01:30 | 13-12-2016 - 20:59 | |
CVE-2016-7945 | 5.0 |
Multiple integer overflows in X.org libXi before 1.7.7 allow remote X servers to cause a denial of service (out-of-bounds memory access or infinite loop) via vectors involving length fields.
|
01-07-2017 - 01:30 | 13-12-2016 - 20:59 | |
CVE-2016-7944 | 7.5 |
Integer overflow in X.org libXfixes before 5.0.3 on 32-bit platforms might allow remote X servers to gain privileges via a length value of INT_MAX, which triggers the client to stop reading data and get out of sync.
|
01-07-2017 - 01:30 | 13-12-2016 - 20:59 | |
CVE-2016-7950 | 7.5 |
The XRenderQueryFilters function in X.org libXrender before 0.9.10 allows remote X servers to trigger out-of-bounds write operations via vectors involving filter name lengths.
|
01-07-2017 - 01:30 | 13-12-2016 - 20:59 | |
CVE-2016-7947 | 7.5 |
Multiple integer overflows in X.org libXrandr before 1.5.1 allow remote X servers to trigger out-of-bounds write operations via a crafted response.
|
01-07-2017 - 01:30 | 13-12-2016 - 20:59 | |
CVE-2016-5407 | 7.5 |
The (1) XvQueryAdaptors and (2) XvQueryEncodings functions in X.org libXv before 1.0.11 allow remote X servers to trigger out-of-bounds memory access operations via vectors involving length specifications in received data.
|
01-07-2017 - 01:29 | 13-12-2016 - 20:59 | |
CVE-2016-7968 | 7.5 |
KMail since version 5.3.0 used a QWebEngine based viewer that had JavaScript enabled. HTML Mail contents were not sanitized for JavaScript and included code was executed.
|
27-12-2016 - 18:50 | 23-12-2016 - 22:59 | |
CVE-2016-7966 | 7.5 |
Through a malicious URL that contained a quote character it was possible to inject HTML code in KMail's plaintext viewer. Due to the parser used on the URL it was not possible to include the equal sign (=) or a space into the injected HTML, which gre
|
27-12-2016 - 18:42 | 23-12-2016 - 22:59 | |
CVE-2016-7967 | 5.8 |
KMail since version 5.3.0 used a QWebEngine based viewer that had JavaScript enabled. Since the generated html is executed in the local file security context by default access to remote and local URLs was enabled.
|
27-12-2016 - 18:42 | 23-12-2016 - 22:59 |