Max CVSS 7.5 Min CVSS 5.0 Total Count6
IDCVSSSummaryLast (major) updatePublished
CVE-2018-5764 5.0
The parse_arguments function in options.c in rsyncd in rsync before 3.1.3 does not prevent multiple --protect-args uses, which allows remote attackers to bypass an argument-sanitization protection mechanism.
17-01-2018 - 17:29 17-01-2018 - 17:29
CVE-2017-1000024 5.0
Shotwell version 0.24.4 or earlier and 0.25.3 or earlier is vulnerable to an information disclosure in the web publishing plugins resulting in potential password and oauth token plaintext transmission
17-07-2017 - 09:18 17-07-2017 - 09:18
CVE-2016-0747 5.0
The resolver in nginx before 1.8.1 and 1.9.x before 1.9.10 does not properly limit CNAME resolution, which allows remote attackers to cause a denial of service (worker process resource consumption) via vectors related to arbitrary name resolution.
05-12-2016 - 22:05 15-02-2016 - 14:59
CVE-2016-0746 7.5
Use-after-free vulnerability in the resolver in nginx 0.6.18 through 1.8.0 and 1.9.x before 1.9.10 allows remote attackers to cause a denial of service (worker process crash) or possibly have unspecified other impact via a crafted DNS response relate
05-12-2016 - 22:05 15-02-2016 - 14:59
CVE-2016-0742 5.0
The resolver in nginx before 1.8.1 and 1.9.x before 1.9.10 allows remote attackers to cause a denial of service (invalid pointer dereference and worker process crash) via a crafted UDP DNS response.
05-12-2016 - 22:05 15-02-2016 - 14:59
CVE-2010-2263 5.0
nginx 0.8 before 0.8.40 and 0.7 before 0.7.66, when running on Windows, allows remote attackers to obtain source code or unparsed content of arbitrary files under the web document root by appending ::$DATA to the URI.
18-06-2010 - 01:36 15-06-2010 - 10:04
Back to Top Mark selected
Back to Top