Max CVSS 9.3 Min CVSS 3.3 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2004-0595 6.8
The strip_tags function in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, does not filter null (\0) characters within tag names when restricting input to allowed tags, which allows dangerous tags to be processed by web browsers such as Internet Explore
30-10-2018 - 16:25 27-07-2004 - 04:00
CVE-2005-0088 7.5
The publisher handler for mod_python 2.7.8 and earlier allows remote attackers to obtain access to restricted objects via a crafted URL.
19-10-2018 - 15:31 02-05-2005 - 04:00
CVE-2006-2313 7.5
PostgreSQL 8.1.x before 8.1.4, 8.0.x before 8.0.8, 7.4.x before 7.4.13, 7.3.x before 7.3.15, and earlier versions allows context-dependent attackers to bypass SQL injection protection methods in applications via invalid encodings of multibyte charact
18-10-2018 - 16:39 24-05-2006 - 10:06
CVE-2006-5868 9.3
Multiple buffer overflows in Imagemagick 6.0 before 6.0.6.2, and 6.2 before 6.2.4.5, has unknown impact and user-assisted attack vectors via a crafted SGI image.
17-10-2018 - 17:51 22-11-2006 - 01:07
CVE-2007-5269 5.0
Certain chunk handlers in libpng before 1.0.29 and 1.2.x before 1.2.21 allow remote attackers to cause a denial of service (crash) via crafted (1) pCAL (png_handle_pCAL), (2) sCAL (png_handle_sCAL), (3) tEXt (png_push_read_tEXt), (4) iTXt (png_handle
15-10-2018 - 21:42 08-10-2007 - 21:17
CVE-2005-1990 5.1
Internet Explorer 5.0, 5.5, and 6.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a web page with embedded CLSIDs that reference certain COM objects that are not ActiveX controls, inc
12-10-2018 - 21:36 10-08-2005 - 04:00
CVE-2009-0387 9.3
Array index error in the qtdemux_parse_samples function in gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins (aka gst-plugins-good) 0.10.9 through 0.10.11 allows remote attackers to cause a denial of service (application crash) and possibly execute ar
11-10-2018 - 21:01 02-02-2009 - 19:30
CVE-2005-3257 4.6
The VT implementation (vt_ioctl.c) in Linux kernel 2.6.12, and possibly other versions including 2.6.14.4, allows local users to use the KDSKBSENT ioctl on terminals of other users and gain privileges, as demonstrated by modifying key bindings using
03-10-2018 - 21:31 18-10-2005 - 22:02
CVE-2005-3313 5.0
The IRC protocol dissector in Ethereal 0.10.13 allows remote attackers to cause a denial of service (infinite loop).
11-10-2017 - 01:30 01-11-2005 - 12:47
CVE-2009-0358 3.3
Mozilla Firefox 3.x before 3.0.6 does not properly implement the (1) no-store and (2) no-cache Cache-Control directives, which allows local users to obtain sensitive information by using the (a) back button or (b) history list of the victim's browser
29-09-2017 - 01:33 04-02-2009 - 19:30
CVE-2009-3560 5.0
The big2_toUtf8 function in lib/xmltok.c in libexpat in Expat 2.0.1, as used in the XML-Twig module for Perl, allows context-dependent attackers to cause a denial of service (application crash) via an XML document with malformed UTF-8 sequences that
19-09-2017 - 01:29 04-12-2009 - 21:30
Back to Top Mark selected
Back to Top