Max CVSS 10.0 Min CVSS 3.3 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2002-0648 5.0
The legacy <script> data-island capability for XML in Microsoft Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to read arbitrary XML files, and portions of other files, via a URL whose "src" attribute redirects to a local file.
23-07-2021 - 12:55 24-09-2002 - 04:00
CVE-2010-3253 10.0
The implementation of notification permissions in Google Chrome before 6.0.472.53 allows attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
04-08-2020 - 19:35 07-09-2010 - 18:00
CVE-2009-1833 9.3
The JavaScript engine in Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vec
30-10-2018 - 16:25 12-06-2009 - 21:30
CVE-2005-3389 5.0
The parse_str function in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5, when called with only one parameter, allows remote attackers to enable the register_globals directive via inputs that cause a request to be terminated due to the memory_limit setting,
30-10-2018 - 16:25 01-11-2005 - 12:47
CVE-2007-5334 4.3
Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 can hide the window's titlebar when displaying XUL markup language documents, which makes it easier for remote attackers to conduct phishing and spoofing attacks by setting the hidechrome attr
15-10-2018 - 21:42 21-10-2007 - 20:17
CVE-2008-2327 6.8
Multiple buffer underflows in the (1) LZWDecode, (2) LZWDecodeCompat, and (3) LZWDecodeVector functions in tif_lzw.c in the LZW decoder in LibTIFF 3.8.2 and earlier allow context-dependent attackers to execute arbitrary code via a crafted TIFF file,
11-10-2018 - 20:40 27-08-2008 - 20:41
CVE-2006-3744 5.1
Multiple integer overflows in ImageMagick before 6.2.9 allows user-assisted attackers to execute arbitrary code via crafted Sun Rasterfile (bitmap) images that trigger heap-based buffer overflows.
11-10-2017 - 01:31 25-08-2006 - 01:04
CVE-2007-1716 3.4
pam_console does not properly restore ownership for certain console devices when there are multiple users logged into the console and one user logs out, which might allow local users to gain privileges.
11-10-2017 - 01:31 27-03-2007 - 22:19
CVE-2010-2285 3.3
The SMB PIPE dissector in Wireshark 0.8.20 through 1.0.13 and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (NULL pointer dereference) via unknown vectors. Per: http://cwe.mitre.org/data/definitions/476.html 'CWE-476: NU
19-09-2017 - 01:31 15-06-2010 - 14:04
CVE-2010-0420 4.3
libpurple in Finch in Pidgin before 2.6.6, when an XMPP multi-user chat (MUC) room is used, does not properly parse nicknames containing <br> sequences, which allows remote attackers to cause a denial of service (application crash) via a crafted nick
19-09-2017 - 01:30 24-02-2010 - 18:30
CVE-2009-3881 7.5
Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, does not prevent the existence of children of a resurrected ClassLoader, which allows remote attackers to gain privileges via unspecified vectors, related to an "information leak v
19-09-2017 - 01:29 09-11-2009 - 19:30
Back to Top Mark selected
Back to Top