| Max CVSS | 9.3 | Min CVSS | 1.2 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2009-1308 | 4.3 |
Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey allows remote attackers to inject arbitrary web script or HTML via vectors involving XBL JavaScript bindings and remote stylesheets, as exploited in
|
13-02-2023 - 02:20 | 22-04-2009 - 18:30 | |
| CVE-2008-5515 | 5.0 |
Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, 6.0.0 through 6.0.18, and possibly earlier versions normalizes the target pathname before filtering the query string when using the RequestDispatcher method, which allows remote attackers to b
|
13-02-2023 - 02:19 | 16-06-2009 - 21:00 | |
| CVE-2009-3301 | 9.3 |
Integer underflow in filter/ww8/ww8par2.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted sprmTDefTable table property modifier in a Word d
|
07-02-2022 - 17:06 | 16-02-2010 - 19:30 | |
| CVE-2006-2782 | 4.3 |
Firefox 1.5.0.2 does not fix all test cases associated with CVE-2006-1729, which allows remote attackers to read arbitrary files by inserting the target filename into a text box, then turning that box into a file upload control. Fixed in: Firefox 1.5
|
18-10-2018 - 16:42 | 02-06-2006 - 19:02 | |
| CVE-2006-1740 | 2.6 |
Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to spoof secure site indicators such as the locked icon by opening the trusted site in a popup window, then changing
|
18-10-2018 - 16:35 | 14-04-2006 - 10:02 | |
| CVE-2007-2797 | 2.1 |
xterm, including 192-7.el4 in Red Hat Enterprise Linux and 208-3.1 in Debian GNU/Linux, sets the wrong group ownership of tty devices, which allows local users to write data to other users' terminals.
|
16-10-2018 - 16:45 | 27-08-2007 - 17:17 | |
| CVE-2007-4131 | 6.8 |
Directory traversal vulnerability in the contains_dot_dot function in src/names.c in GNU tar allows user-assisted remote attackers to overwrite arbitrary files via certain //.. (slash slash dot dot) sequences in directory symlinks in a TAR archive.
|
15-10-2018 - 21:33 | 25-08-2007 - 00:17 | |
| CVE-2004-1058 | 1.2 |
Race condition in Linux kernel 2.6 allows local users to read the environment variables of another process that is still spawning via /proc/.../cmdline.
|
03-10-2018 - 21:29 | 10-01-2005 - 05:00 | |
| CVE-2004-0180 | 2.6 |
The client for CVS before 1.11 allows a remote malicious CVS server to create arbitrary files using certain RCS diff files that use absolute pathnames during checkouts or updates, a different vulnerability than CVE-2004-0405.
|
03-05-2018 - 01:29 | 01-06-2004 - 04:00 | |
| CVE-2007-3379 | 2.1 |
Unspecified vulnerability in the kernel in Red Hat Enterprise Linux (RHEL) 4 on the x86_64 platform allows local users to cause a denial of service (OOPS) via unspecified vectors related to the get_gate_vma function and the fuser command.
|
11-10-2017 - 01:32 | 17-09-2007 - 17:17 | |
| CVE-2005-0090 | 2.1 |
A regression error in the Red Hat Enterprise Linux 4 kernel 4GB/4GB split patch omits an "access check," which allows local users to cause a denial of service (crash).
|
11-10-2017 - 01:29 | 02-05-2005 - 04:00 |