| Max CVSS | 10.0 | Min CVSS | 2.1 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2016-10125 | 6.8 |
D-Link DGS-1100 devices with Rev.B firmware 1.01.018 have a hardcoded SSL private key, which allows man-in-the-middle attackers to spoof devices by hijacking an HTTPS session.
|
26-04-2023 - 19:27 | 09-01-2017 - 17:59 | |
| CVE-2016-7469 | 3.5 |
A stored cross-site scripting (XSS) vulnerability in the Configuration utility device name change page in BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, PSM, WebAccelerator, WOM and WebSafe version 12.0.0 - 1
|
06-06-2019 - 15:11 | 09-06-2017 - 15:29 | |
| CVE-2017-15294 | 4.3 |
The Java administration console in SAP CRM has XSS. This is SAP Security Note 2478964.
|
17-04-2019 - 14:33 | 16-10-2017 - 16:29 | |
| CVE-2016-9739 | 2.1 |
IBM Security Identity Manager Virtual Appliance stores user credentials in plain in clear text which can be read by a local user.
|
02-05-2018 - 15:15 | 01-02-2017 - 22:59 | |
| CVE-2017-5223 | 2.1 |
An issue was discovered in PHPMailer before 5.2.22. PHPMailer's msgHTML method applies transformations to an HTML document to make it usable as an email message body. One of the transformations is to convert relative image URLs into attachments using
|
28-10-2017 - 01:29 | 16-01-2017 - 06:59 | |
| CVE-2006-4207 | 7.5 |
Multiple PHP remote file inclusion vulnerabilities in Bob Jewell Discloser 0.0.4 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the fileloc parameter to (1) content/content.php or (2) /inc/indexhead.php.
|
19-10-2017 - 01:29 | 17-08-2006 - 21:04 | |
| CVE-2007-5606 | 10.0 |
Buffer overflow in the MoveFile function in the HPISDataManagerLib.Datamgr ActiveX control in HPISDataManager.dll in HP Instant Support before 1.0.0.24 allows remote attackers to execute arbitrary code via a long argument, a different vulnerability t
|
29-07-2017 - 01:33 | 04-06-2008 - 20:32 | |
| CVE-2016-8999 | 3.5 |
IBM InfoSphere Information Server contains a Path-relative stylesheet import vulnerability that allows attackers to render a page in quirks mode thereby facilitating an attacker to inject malicious CSS.
|
27-07-2017 - 01:29 | 01-02-2017 - 22:59 | |
| CVE-2016-9000 | 4.3 |
IBM InfoSphere DataStage is vulnerable to cross-frame scripting, caused by insufficient HTML iframe protection. A remote attacker could exploit this vulnerability using a specially-crafted URL to navigate to a web page the attacker controls. An attac
|
27-07-2017 - 01:29 | 01-02-2017 - 22:59 | |
| CVE-2016-9703 | 2.1 |
IBM Security Identity Manager Virtual Appliance does not invalidate session tokens which could allow an unauthorized user with physical access to the work station to obtain sensitive information.
|
25-07-2017 - 01:29 | 01-02-2017 - 22:59 | |
| CVE-2016-9704 | 4.3 |
IBM Security Identity Manager Virtual Appliance is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclo
|
25-07-2017 - 01:29 | 01-02-2017 - 22:59 | |
| CVE-2004-2342 | 5.0 |
ChatterBox 2.0 allows remote attackers to cause a denial of service (server crash) via a malformed request to the server, as demonstrated using "aaaaaa".
|
11-07-2017 - 01:31 | 31-12-2004 - 05:00 | |
| CVE-2014-0987 | 6.8 |
Stack-based buffer overflow in Advantech WebAccess (formerly BroadWin WebAccess) 7.2 allows remote attackers to execute arbitrary code via the NodeName2 parameter.
|
05-08-2015 - 16:03 | 20-09-2014 - 10:55 |