Max CVSS 9.0 Min CVSS 4.3 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2017-5255 9.0
In version 3.5 and prior of Cambium Networks ePMP firmware, a lack of input sanitation for certain parameters on the web management console allows any authenticated user (including the otherwise low-privilege readonly user) to inject shell meta-chara
09-10-2019 - 23:28 20-12-2017 - 22:29
CVE-2007-1380 5.0
The php_binary serialization handler in the session extension in PHP before 4.4.5, and 5.x before 5.2.1, allows context-dependent attackers to obtain sensitive information (memory contents) via a serialized variable entry with a large length value, w
30-10-2018 - 16:25 10-03-2007 - 00:19
CVE-2014-4971 7.2
Microsoft Windows XP SP3 does not validate addresses in certain IRP handler routines, which allows local users to write data to arbitrary memory locations, and consequently gain privileges, via a crafted address in an IOCTL call, related to (1) the M
12-10-2018 - 22:07 26-07-2014 - 15:55
CVE-2014-0226 6.8
Race condition in the mod_status module in the Apache HTTP Server before 2.4.10 allows remote attackers to cause a denial of service (heap-based buffer overflow), or possibly obtain sensitive credential information or execute arbitrary code, via a cr
09-12-2017 - 02:29 20-07-2014 - 11:12
CVE-2014-3085 7.1
systest.php on IBM GCM16 and GCM32 Global Console Manager switches with firmware before 1.20.20.23447 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the lpres parameter.
29-08-2017 - 01:34 17-08-2014 - 23:55
CVE-2014-3081 6.3
prodtest.php on IBM GCM16 and GCM32 Global Console Manager switches with firmware before 1.20.20.23447 allows remote authenticated users to read arbitrary files via the filename parameter.
29-08-2017 - 01:34 17-08-2014 - 23:55
CVE-2014-3080 4.3
Multiple cross-site scripting (XSS) vulnerabilities on IBM GCM16 and GCM32 Global Console Manager switches with firmware before 1.20.20.23447 allow remote attackers to inject arbitrary web script or HTML via (1) the query string to kvm.cgi or (2) the
29-08-2017 - 01:34 17-08-2014 - 23:55
CVE-2014-4699 6.9
The Linux kernel before 3.15.4 on Intel processors does not properly restrict use of a non-canonical value for the saved RIP address in the case of a system call that does not use IRET, which allows local users to leverage a race condition and gain p
01-08-2014 - 05:10 09-07-2014 - 11:07
Back to Top Mark selected
Back to Top