| Max CVSS | 9.3 | Min CVSS | 5.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2009-1895 | 7.2 |
The personality subsystem in the Linux kernel before 2.6.31-rc3 has a PER_CLEAR_ON_SETID setting that does not clear the ADDR_COMPAT_LAYOUT and MMAP_PAGE_ZERO flags when executing a setuid or setgid program, which makes it easier for local users to l
|
13-02-2023 - 02:20 | 16-07-2009 - 15:30 | |
| CVE-2001-0590 | 5.0 |
Apache Software Foundation Tomcat Servlet prior to 3.2.2 allows a remote attacker to read the source code to arbitrary 'jsp' files via a malformed URL request which does not end with an HTTP protocol specification (i.e. HTTP/1.0).
|
10-10-2017 - 01:29 | 02-08-2001 - 04:00 | |
| CVE-2009-3750 | 7.5 |
SQL injection vulnerability in read.php in ToyLog 0.1 allows remote attackers to execute arbitrary SQL commands via the idm parameter.
|
19-09-2017 - 01:29 | 22-10-2009 - 17:30 | |
| CVE-2009-3534 | 6.8 |
Directory traversal vulnerability in index.php in LionWiki 3.0.3, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the page parameter.
|
19-09-2017 - 01:29 | 02-10-2009 - 19:30 | |
| CVE-2013-2577 | 9.3 |
Buffer overflow in XnView before 2.04 allows remote attackers to execute arbitrary code via a crafted PCT file.
|
29-08-2017 - 01:33 | 09-08-2013 - 21:55 |