| Max CVSS | 10.0 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2015-9266 | 10.0 |
The web management interface of Ubiquiti airMAX, airFiber, airGateway and EdgeSwitch XP (formerly TOUGHSwitch) allows an unauthenticated attacker to upload and write arbitrary files using directory traversal techniques. An attacker can exploit this v
|
12-08-2021 - 16:43 | 05-09-2018 - 20:29 | |
| CVE-2016-1593 | 6.5 |
Directory traversal vulnerability in the import users feature in Micro Focus Novell Service Desk before 7.2 allows remote authenticated administrators to upload and execute arbitrary JSP files via a .. (dot dot) in a filename within a multipart/form-
|
09-10-2018 - 19:59 | 22-04-2016 - 10:59 | |
| CVE-2017-0147 | 4.3 |
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to
|
21-06-2018 - 01:29 | 17-03-2017 - 00:59 | |
| CVE-2017-0143 | 9.3 |
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to
|
21-06-2018 - 01:29 | 17-03-2017 - 00:59 | |
| CVE-2017-0146 | 9.3 |
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to
|
21-06-2018 - 01:29 | 17-03-2017 - 00:59 | |
| CVE-2016-10709 | 9.0 |
pfSense before 2.3 allows remote authenticated users to execute arbitrary OS commands via a '|' character in the status_rrd_graph_img.php graph parameter, related to _rrd_graph_img.php.
|
09-02-2018 - 20:18 | 22-01-2018 - 04:29 | |
| CVE-2007-2854 | 7.5 |
Multiple SQL injection vulnerabilities in account_change.php in BtiTracker 1.4.1 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) style or (2) langue parameter.
|
11-10-2017 - 01:32 | 24-05-2007 - 19:30 | |
| CVE-2016-1531 | 6.9 |
Exim before 4.86.2, when installed setuid root, allows local users to gain privileges via the perl_startup argument.
|
08-09-2017 - 01:29 | 07-04-2016 - 23:59 | |
| CVE-2010-2459 | 7.5 |
SQL injection vulnerability in video.php in 2daybiz Video Community Portal Script 1.0 allows remote attackers to execute arbitrary SQL commands via the videoid parameter.
|
17-08-2017 - 01:32 | 25-06-2010 - 21:30 | |
| CVE-2010-2458 | 4.3 |
Cross-site scripting (XSS) vulnerability in video.php in 2daybiz Video Community Portal Script 1.0 allows remote attackers to inject arbitrary web script or HTML via the videoid parameter.
|
17-08-2017 - 01:32 | 25-06-2010 - 21:30 |