| Max CVSS | 9.3 | Min CVSS | 6.8 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2017-7981 | 9.0 |
Tuleap before 9.7 allows command injection via the PhpWiki 1.3.10 SyntaxHighlighter plugin. This occurs in the Project Wiki component because the proc_open PHP function is used within PhpWiki before 1.5.5 with a syntax value in its first argument, an
|
03-10-2019 - 00:03 | 29-04-2017 - 16:59 | |
| CVE-2017-3599 | 7.8 |
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Pluggable Auth). Supported versions that are affected are 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows unauthenticated attacker
|
03-10-2019 - 00:03 | 24-04-2017 - 19:59 | |
| CVE-2017-8291 | 6.8 |
Artifex Ghostscript through 2017-04-26 allows -dSAFER bypass and remote command execution via .rsdparams type confusion with a "/OutputFile (%pipe%" substring in a crafted .eps document that is an input to the gs program, as exploited in the wild in
|
05-01-2018 - 02:31 | 27-04-2017 - 01:59 | |
| CVE-2008-6898 | 9.3 |
Buffer overflow in the XHTTP Module 4.1.0.0 in the ActiveX control for SaschArt SasCam Webcam Server 2.6.5 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long argument to the Get method and other unspecif
|
29-09-2017 - 01:33 | 05-08-2009 - 22:30 | |
| CVE-2007-3934 | 7.5 |
PHP remote file inclusion vulnerability in postscript/postscript.php in BBS E-Market allows remote attackers to execute arbitrary PHP code via a URL in the p_mode parameter.
|
29-09-2017 - 01:29 | 21-07-2007 - 00:30 |