| Max CVSS | 8.5 | Min CVSS | 4.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2014-4345 | 8.5 |
Off-by-one error in the krb5_encode_krbsecretkey function in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in the LDAP KDB module in kadmind in MIT Kerberos 5 (aka krb5) 1.6.x through 1.11.x before 1.11.6 and 1.12.x before 1.12.2 allows remote authe
|
21-01-2020 - 15:46 | 14-08-2014 - 05:01 | |
| CVE-2014-3522 | 4.0 |
The Serf RA layer in Apache Subversion 1.4.0 through 1.7.x before 1.7.18 and 1.8.x before 1.8.10 does not properly handle wildcards in the Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to
|
30-10-2018 - 16:27 | 19-08-2014 - 18:55 | |
| CVE-2002-0681 | 7.5 |
Cross-site scripting vulnerability in GoAhead Web Server 2.1 allows remote attackers to execute script as other web users via script in a URL that generates a "404 not found" message, which does not quote the script.
|
20-12-2017 - 02:29 | 23-07-2002 - 04:00 | |
| CVE-2002-1951 | 7.5 |
Buffer overflow in GoAhead WebServer 2.1 allows remote attackers to execute arbitrary code via a long HTTP GET request with a large number of subdirectories.
|
20-12-2017 - 02:29 | 31-12-2002 - 05:00 | |
| CVE-2002-0680 | 5.0 |
Directory traversal vulnerability in GoAhead Web Server 2.1 allows remote attackers to read arbitrary files via a URL with an encoded / (%5C) in a .. (dot dot) sequence. NOTE: it is highly likely that this candidate will be REJECTED because it has b
|
20-12-2017 - 02:29 | 23-07-2002 - 04:00 | |
| CVE-2001-0228 | 5.0 |
Directory traversal vulnerability in GoAhead web server 2.1 and earlier allows remote attackers to read arbitrary files via a .. attack in an HTTP GET request.
|
20-12-2017 - 02:29 | 03-05-2001 - 04:00 | |
| CVE-2001-0385 | 5.0 |
GoAhead webserver 2.1 allows remote attackers to cause a denial of service via an HTTP request to the /aux directory.
|
20-12-2017 - 02:29 | 02-07-2001 - 04:00 | |
| CVE-2006-5020 | 7.5 |
Multiple PHP remote file inclusion vulnerabilities in SolidState 0.4 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the base_path parameter in manager/pages/ scripts including (1) AccountsPage.class.php, (2) AddInvoiceP
|
19-10-2017 - 01:29 | 27-09-2006 - 23:07 | |
| CVE-2014-5269 | 5.0 |
Plack::App::File in Plack before 1.0031 removes trailing slash characters from paths, which allows remote attackers to bypass the whitelist of generated files and obtain sensitive information via a crafted path, related to Plack::Middleware::Static.
|
08-09-2014 - 14:47 | 04-09-2014 - 17:55 | |
| CVE-2005-3842 | 7.5 |
SQL injection vulnerability in index.php in pdjk-support suite 1.1a and earlier allows remote attackers to execute arbitrary SQL commands via the (1) rowstart, (2) news_id, and (3) faq_id parameters.
|
08-03-2011 - 02:27 | 26-11-2005 - 22:03 | |
| CVE-1999-0160 | 7.5 |
Some classic Cisco IOS devices have a vulnerability in the PPP CHAP authentication to establish unauthorized PPP connections.
|
09-09-2008 - 12:33 | 01-10-1997 - 04:00 |