| Max CVSS | 10.0 | Min CVSS | 2.1 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2008-2370 | 5.0 |
Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16, when a RequestDispatcher is used, performs path normalization before removing the query string from the URI, which allows remote attackers to conduct directory traver
|
13-02-2023 - 02:19 | 04-08-2008 - 01:41 | |
| CVE-2005-3053 | 2.1 |
The sys_set_mempolicy function in mempolicy.c in Linux kernel 2.6.x allows local users to cause a denial of service (kernel BUG()) via a negative first argument.
|
13-02-2023 - 02:15 | 26-09-2005 - 19:03 | |
| CVE-2007-2449 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in certain JSP files in the examples web application in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.36, 5.0.0 through 5.0.30, 5.5.0 through 5.5.24, and 6.0.0 through 6.0.13 allow remote att
|
25-03-2019 - 11:29 | 14-06-2007 - 23:30 | |
| CVE-2008-0412 | 9.3 |
The browser engine in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 allows remote attackers to cause a denial of service (crash) and possibly trigger memory corruption via vectors related to the (1) nsTableF
|
15-10-2018 - 21:59 | 08-02-2008 - 22:00 | |
| CVE-2007-4029 | 6.8 |
libvorbis 1.1.2, and possibly other versions before 1.2.0, allows context-dependent attackers to cause a denial of service via (1) an invalid mapping type, which triggers an out-of-bounds read in the vorbis_info_clear function in info.c, and (2) inva
|
15-10-2018 - 21:32 | 26-07-2007 - 22:30 | |
| CVE-2005-1208 | 10.0 |
Integer overflow in Microsoft Windows 98, 2000, XP SP2 and earlier, and Server 2003 SP1 and earlier allows remote attackers to execute arbitrary code via a crafted compiled Help (.CHM) file with a large size field that triggers a heap-based buffer ov
|
12-10-2018 - 21:36 | 14-06-2005 - 04:00 | |
| CVE-2008-1927 | 5.0 |
Double free vulnerability in Perl 5.8.8 allows context-dependent attackers to cause a denial of service (memory corruption and crash) via a crafted regular expression containing UTF8 characters. NOTE: this issue might only be present on certain oper
|
11-10-2018 - 20:37 | 24-04-2008 - 05:05 | |
| CVE-2004-0414 | 10.0 |
CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle malformed "Entry" lines, which prevents a NULL terminator from being used and may lead to a denial of service (crash), modification of critical program data, or arbitrary
|
03-05-2018 - 01:29 | 06-08-2004 - 04:00 | |
| CVE-2007-4619 | 9.3 |
Multiple integer overflows in Free Lossless Audio Codec (FLAC) libFLAC before 1.2.1, as used in Winamp before 5.5 and other products, allow user-assisted remote attackers to execute arbitrary code via a malformed FLAC file that triggers improper memo
|
29-09-2017 - 01:29 | 12-10-2007 - 21:17 | |
| CVE-2009-2471 | 10.0 |
The setTimeout function in Mozilla Firefox before 3.0.12 does not properly preserve object wrapping, which allows remote attackers to execute arbitrary JavaScript with chrome privileges via a crafted call, related to XPCNativeWrapper.
|
19-09-2017 - 01:29 | 22-07-2009 - 18:30 |