| Max CVSS | 10.0 | Min CVSS | 3.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2010-3886 | 4.3 |
The CTimeoutEventList::InsertIntoTimeoutList function in Microsoft mshtml.dll uses a certain pointer value as part of producing Timer ID values for the setTimeout and setInterval methods in VBScript and JScript, which allows remote attackers to obtai
|
18-02-2022 - 18:39 | 08-10-2010 - 22:00 | |
| CVE-2010-1321 | 6.8 |
The kg_accept_krb5 function in krb5/accept_sec_context.c in the GSS-API library in MIT Kerberos 5 (aka krb5) through 1.7.1 and 1.8 before 1.8.2, as used in kadmind and other applications, does not properly check for invalid GSS-API tokens, which allo
|
02-02-2021 - 18:53 | 19-05-2010 - 18:30 | |
| CVE-2008-2662 | 10.0 |
Multiple integer overflows in the rb_str_buf_append function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2 allow context-dependent attackers to execute arbitrary code or
|
01-11-2018 - 15:02 | 24-06-2008 - 19:41 | |
| CVE-2010-2660 | 4.3 |
Opera before 10.54 on Windows and Mac OS X, and before 10.60 on UNIX platforms, does not properly restrict certain uses of homograph characters in domain names, which makes it easier for remote attackers to spoof IDN domains via unspecified choices o
|
30-10-2018 - 16:26 | 08-07-2010 - 12:54 | |
| CVE-2002-1323 | 4.6 |
Safe.pm 2.0.7 and earlier, when used in Perl 5.8.0 and earlier, may allow attackers to break out of safe compartments in (1) Safe::reval or (2) Safe::rdo using a redefined @_ variable, which is not reset between successive calls.
|
30-10-2018 - 16:25 | 11-12-2002 - 05:00 | |
| CVE-2008-3655 | 7.5 |
Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 does not properly restrict access to critical variables and methods at various safe levels, which allows context-dependent attackers to bypass intended
|
11-10-2018 - 20:48 | 13-08-2008 - 01:41 | |
| CVE-2006-2453 | 7.5 |
Multiple unspecified format string vulnerabilities in Dia have unspecified impact and attack vectors, a different set of issues than CVE-2006-2480.
|
03-10-2018 - 21:40 | 28-05-2006 - 10:06 | |
| CVE-2005-2702 | 7.5 |
Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via Unicode sequences with "zero-width non-joiner" characters.
|
11-10-2017 - 01:30 | 23-09-2005 - 19:03 | |
| CVE-2005-0175 | 5.0 |
Squid 2.5 up to 2.5.STABLE7 allows remote attackers to poison the cache via an HTTP response splitting attack.
|
11-10-2017 - 01:29 | 07-02-2005 - 05:00 | |
| CVE-2008-4060 | 7.5 |
Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allow remote attackers to create documents that lack script-handling objects, and execute arbitrary code with chrome privileges, via vector
|
29-09-2017 - 01:31 | 24-09-2008 - 20:37 | |
| CVE-2010-2283 | 3.3 |
The SMB dissector in Wireshark 0.99.6 through 1.0.13, and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (NULL pointer dereference) via unknown vectors. Per: http://cwe.mitre.org/data/definitions/476.html
'CWE-476: NULL P
|
19-09-2017 - 01:31 | 15-06-2010 - 14:04 |