| Max CVSS | 10.0 | Min CVSS | 3.5 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2008-4302 | 4.9 |
fs/splice.c in the splice subsystem in the Linux kernel before 2.6.22.2 does not properly handle a failure of the add_to_page_cache_lru function, and subsequently attempts to unlock a page that was not locked, which allows local users to cause a deni
|
15-02-2024 - 20:24 | 29-09-2008 - 17:17 | |
| CVE-2010-0001 | 6.8 |
Integer underflow in the unlzw function in unlzw.c in gzip before 1.4 on 64-bit platforms, as used in ncompress and probably others, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a cra
|
13-02-2023 - 02:20 | 29-01-2010 - 18:30 | |
| CVE-2005-3388 | 4.3 |
Cross-site scripting (XSS) vulnerability in the phpinfo function in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5 allows remote attackers to inject arbitrary web script or HTML via a crafted URL with a "stacked array assignment."
|
23-06-2020 - 03:15 | 01-11-2005 - 12:47 | |
| CVE-2008-3111 | 10.0 |
Multiple buffer overflows in Sun Java Web Start in JDK and JRE 6 before Update 4, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allow context-dependent attackers to gain privileges via an untrusted application, as demonstrat
|
30-10-2018 - 16:26 | 09-07-2008 - 23:41 | |
| CVE-2006-0645 | 7.5 |
Tiny ASN.1 Library (libtasn1) before 0.2.18, as used by (1) GnuTLS 1.2.x before 1.2.10 and 1.3.x before 1.3.4, and (2) GNU Shishi, allows attackers to crash the DER decoder and possibly execute arbitrary code via "out-of-bounds access" caused by inva
|
19-10-2018 - 15:45 | 10-02-2006 - 18:06 | |
| CVE-2006-2785 | 4.3 |
Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 1.5.0.4 allows user-assisted remote attackers to inject arbitrary web script or HTML by tricking a user into (1) performing a "View Image" on a broken image in which the SRC attribute
|
18-10-2018 - 16:42 | 02-06-2006 - 19:02 | |
| CVE-2003-0806 | 7.5 |
Buffer overflow in the Windows logon process (winlogon) in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, and XP SP1, when a member of a domain, allows remote attackers to execute arbitrary code.
|
12-10-2018 - 21:33 | 01-06-2004 - 04:00 | |
| CVE-2008-3663 | 5.0 |
Squirrelmail 1.4.15 does not set the secure flag for the session cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie.
|
11-10-2018 - 20:49 | 24-09-2008 - 14:56 | |
| CVE-2009-0584 | 9.3 |
icc.c in the International Color Consortium (ICC) Format library (aka icclib), as used in Ghostscript 8.64 and earlier and Argyll Color Management System (CMS) 1.0.3 and earlier, allows context-dependent attackers to cause a denial of service (applic
|
10-10-2018 - 19:29 | 23-03-2009 - 20:00 | |
| CVE-2007-2683 | 3.5 |
Buffer overflow in Mutt 1.4.2 might allow local users to execute arbitrary code via "&" characters in the GECOS field, which triggers the overflow during alias expansion.
|
11-10-2017 - 01:32 | 15-05-2007 - 21:19 | |
| CVE-2007-6282 | 7.1 |
The IPsec implementation in Linux kernel before 2.6.25 allows remote routers to cause a denial of service (crash) via a fragmented ESP packet in which the first fragment does not contain the entire ESP header and IV.
|
29-09-2017 - 01:29 | 08-05-2008 - 00:20 |