| Max CVSS | 7.5 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2010-3437 | 6.6 |
Integer signedness error in the pkt_find_dev_from_minor function in drivers/block/pktcdvd.c in the Linux kernel before 2.6.36-rc6 allows local users to obtain sensitive information from kernel memory or cause a denial of service (invalid pointer dere
|
13-02-2023 - 04:24 | 04-10-2010 - 21:00 | |
| CVE-2014-3704 | 7.5 |
The expandArguments function in the database abstraction API in Drupal core 7.x before 7.32 does not properly construct prepared statements, which allows remote attackers to conduct SQL injection attacks via an array containing crafted keys.
|
29-09-2021 - 14:08 | 16-10-2014 - 00:55 | |
| CVE-2018-14840 | 4.3 |
uploads/.htaccess in Subrion CMS 4.2.1 allows XSS because it does not block .html file uploads (but does block, for example, .htm file uploads).
|
08-11-2018 - 20:49 | 02-08-2018 - 01:29 | |
| CVE-2008-0804 | 6.8 |
PHP remote file inclusion vulnerability in usrgetform.html in Thecus N5200Pro NAS Server allows remote attackers to execute arbitrary PHP code via a URL in the name parameter.
|
29-09-2017 - 01:30 | 19-02-2008 - 00:00 |