Max CVSS | 10.0 | Min CVSS | 4.3 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2007-4465 | 4.3 |
Cross-site scripting (XSS) vulnerability in mod_autoindex.c in the Apache HTTP Server before 2.2.6, when the charset on a server-generated page is not defined, allows remote attackers to inject arbitrary web script or HTML via the P parameter using t
|
19-01-2024 - 15:13 | 14-09-2007 - 00:17 | |
CVE-2009-1185 | 7.2 |
udev before 1.4.1 does not verify whether a NETLINK message originates from kernel space, which allows local users to gain privileges by sending a NETLINK message from user space.
|
13-02-2023 - 02:19 | 17-04-2009 - 14:30 | |
CVE-2007-3223 | 7.8 |
Unspecified vulnerability in the NFS server in Sun Solaris 10 before 20070613 allows remote attackers to cause a denial of service (system crash) via certain XDR data in NFS requests, probably related to processing of data by the xdr_bool and xdrmblk
|
30-10-2018 - 16:25 | 14-06-2007 - 23:30 | |
CVE-2005-2876 | 7.2 |
umount in util-linux 2.8 to 2.12q, 2.13-pre1, and 2.13-pre2, and other packages such as loop-aes-utils, allows local users with unmount permissions to gain privileges via the -r (remount) option, which causes the file system to be remounted with just
|
19-10-2018 - 15:34 | 13-09-2005 - 23:03 | |
CVE-2006-1729 | 4.3 |
Mozilla Firefox 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to read arbitrary files by (1) inserting the target filename into a text box, then turning that box into a file
|
18-10-2018 - 16:34 | 14-04-2006 - 10:02 | |
CVE-2007-4897 | 5.0 |
pwlib, as used by Ekiga 2.0.5 and possibly other products, allows remote attackers to cause a denial of service (application crash) via a long argument to the PString::vsprintf function, related to a "memory management flaw". NOTE: this issue was ori
|
15-10-2018 - 21:38 | 14-09-2007 - 18:17 | |
CVE-2008-3825 | 4.4 |
pam_krb5 2.2.14 in Red Hat Enterprise Linux (RHEL) 5 and earlier, when the existing_ticket option is enabled, uses incorrect privileges when reading a Kerberos credential cache, which allows local users to gain privileges by setting the KRB5CCNAME en
|
11-10-2018 - 20:49 | 03-10-2008 - 15:07 | |
CVE-2008-3103 | 9.3 |
Unspecified vulnerability in the Java Management Extensions (JMX) management agent in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier and JDK and JRE 5.0 Update 15 and earlier, when local monitoring is enabled, allows remote
|
11-10-2018 - 20:45 | 09-07-2008 - 23:41 | |
CVE-2005-0244 | 6.5 |
PostgreSQL 8.0.0 and earlier allows local users to bypass the EXECUTE permission check for functions by using the CREATE AGGREGATE command.
|
11-10-2017 - 01:29 | 02-05-2005 - 04:00 | |
CVE-2005-0455 | 5.1 |
Stack-based buffer overflow in the CSmil1Parser::testAttributeFailed function in smlparse.cpp for RealNetworks RealPlayer 10.5 (6.0.12.1056 and earlier), 10, 8, and RealOne Player V2 and V1 allows remote attackers to execute arbitrary code via a .SMI
|
11-10-2017 - 01:29 | 02-05-2005 - 04:00 | |
CVE-2010-1121 | 10.0 |
Mozilla Firefox 3.6.x before 3.6.3 does not properly manage the scopes of DOM nodes that are moved from one document to another, which allows remote attackers to conduct use-after-free attacks and execute arbitrary code via unspecified vectors involv
|
19-09-2017 - 01:30 | 25-03-2010 - 21:00 |