Max CVSS | 10.0 | Min CVSS | 4.0 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2009-4030 | 4.4 |
MySQL 5.1.x before 5.1.41 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks
|
13-02-2023 - 02:20 | 30-11-2009 - 17:30 | |
CVE-2009-4028 | 6.8 |
The vio_verify_callback function in viosslfactories.c in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41, when OpenSSL is used, accepts a value of zero for the depth of X.509 certificates, which allows man-in-the-middle attackers to spoof arbitrary
|
17-12-2019 - 20:26 | 30-11-2009 - 17:30 | |
CVE-2009-4019 | 4.0 |
mysqld in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41 does not (1) properly handle errors during execution of certain SELECT statements with subqueries, and does not (2) preserve certain null_value flags during execution of statements that use
|
17-12-2019 - 20:26 | 30-11-2009 - 17:30 | |
CVE-2009-0819 | 4.0 |
sql/item_xmlfunc.cc in MySQL 5.1 before 5.1.32 and 6.0 before 6.0.10 allows remote authenticated users to cause a denial of service (crash) via "an XPath expression employing a scalar expression as a FilterExpr with ExtractValue() or UpdateXML()," wh
|
17-12-2019 - 20:23 | 05-03-2009 - 02:30 | |
CVE-2004-1319 | 5.0 |
The DHTML Edit Control (dhtmled.ocx) allows remote attackers to inject arbitrary web script into other domains by setting a name for a window, opening a child page whose target is the window with the given name, then injecting the script from the par
|
30-04-2019 - 14:27 | 15-12-2004 - 05:00 | |
CVE-2004-0901 | 10.0 |
Microsoft Word for Windows 6.0 Converter (MSWRD632.WPC), as used in WordPad, does not properly validate certain data lengths, which allows remote attackers to execute arbitrary code via a .wri, .rtf, and .doc file sent by email or malicious web site,
|
30-04-2019 - 14:27 | 10-01-2005 - 05:00 | |
CVE-2008-3005 | 9.3 |
Array index vulnerability in Microsoft Office Excel 2000 SP3 and 2002 SP3, and Office 2004 and 2008 for Mac allows remote attackers to execute arbitrary code via an Excel file with a crafted array index for a FORMAT record, aka the "Excel Index Array
|
30-10-2018 - 16:26 | 12-08-2008 - 23:41 | |
CVE-2007-1747 | 9.3 |
Unspecified vulnerability in MSO.dll in Microsoft Office 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and 2007 allows user-assisted remote attackers to execute arbitrary code via a malformed drawing object, which triggers memory corruption.
|
16-10-2018 - 16:40 | 08-05-2007 - 23:19 | |
CVE-2013-3179 | 4.3 |
Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013 allows remote attackers to inject arbitrary web script or HTML via a crafted request, aka "SharePoint XSS Vulnerability."
|
12-10-2018 - 22:04 | 11-09-2013 - 14:03 | |
CVE-2013-3180 | 4.3 |
Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2010 SP1 and SP2 and 2013 allows remote attackers to inject arbitrary web script or HTML via a crafted POST request, aka "POST XSS Vulnerability."
|
12-10-2018 - 22:04 | 11-09-2013 - 14:03 | |
CVE-2013-1328 | 9.3 |
Microsoft Publisher 2003 SP3, 2007 SP3, and 2010 SP1 allows remote attackers to execute arbitrary code via a crafted Publisher file that triggers incorrect pointer handling, aka "Publisher Pointer Handling Vulnerability."
|
12-10-2018 - 22:04 | 15-05-2013 - 03:36 | |
CVE-2012-1863 | 4.3 |
Cross-site scripting (XSS) vulnerability in Microsoft Office SharePoint Server 2007 SP2 and SP3 Windows SharePoint Services 3.0 SP2, and SharePoint Foundation 2010 Gold and SP1 allows remote attackers to inject arbitrary web script or HTML via crafte
|
12-10-2018 - 22:02 | 10-07-2012 - 21:55 | |
CVE-2008-3021 | 9.3 |
Microsoft Office 2000 SP3, XP SP3, and 2003 SP2; Office Converter Pack; and Works 8 do not properly parse the length of a PICT file, which allows remote attackers to execute arbitrary code via a crafted PICT file with an invalid bits_per_pixel field,
|
12-10-2018 - 21:47 | 12-08-2008 - 23:41 | |
CVE-2008-3007 | 9.3 |
Argument injection vulnerability in a URI handler in Microsoft Office XP SP3, 2003 SP2 and SP3, 2007 Office System Gold and SP1, and Office OneNote 2007 Gold and SP1 allow remote attackers to execute arbitrary code via a crafted onenote:// URL, aka "
|
12-10-2018 - 21:47 | 11-09-2008 - 01:11 | |
CVE-2008-0114 | 9.3 |
Unspecified vulnerability in Microsoft Excel 2000 SP3 through 2003 SP2, Viewer 2003, and Office for Mac 2004 allows user-assisted remote attackers to execute arbitrary code via crafted Style records that trigger memory corruption.
|
12-10-2018 - 21:44 | 11-03-2008 - 23:44 | |
CVE-2012-1511 | 4.3 |
Cross-site scripting (XSS) vulnerability in View Manager Portal in VMware View before 4.6.1 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
|
06-12-2017 - 02:29 | 16-03-2012 - 20:55 | |
CVE-2012-5978 | 5.0 |
Multiple directory traversal vulnerabilities in the (1) View Connection Server and (2) View Security Server in VMware View 4.x before 4.6.2 and 5.x before 5.1.2 allow remote attackers to read arbitrary files via unspecified vectors.
|
19-09-2017 - 01:35 | 19-12-2012 - 11:56 | |
CVE-2011-1138 | 4.3 |
Off-by-one error in the dissect_6lowpan_iphc function in packet-6lowpan.c in Wireshark 1.4.0 through 1.4.3 on 32-bit platforms allows remote attackers to cause a denial of service (application crash) via a malformed 6LoWPAN IPv6 packet.
|
19-09-2017 - 01:32 | 03-03-2011 - 01:00 | |
CVE-2010-5074 | 4.3 |
The layout engine in Mozilla Firefox before 4.0, Thunderbird before 3.3, and SeaMonkey before 2.1 executes different code for visited and unvisited links during the processing of Cascading Style Sheets (CSS) token sequences, which makes it easier for
|
19-09-2017 - 01:31 | 07-12-2011 - 19:55 | |
CVE-2010-1143 | 4.3 |
Cross-site scripting (XSS) vulnerability in VMware View (formerly Virtual Desktop Manager or VDM) 3.1.x before 3.1.3 build 252693 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
19-09-2017 - 01:30 | 07-05-2010 - 18:24 | |
CVE-2010-0163 | 4.3 |
Mozilla Thunderbird before 2.0.0.24 and SeaMonkey before 1.1.19 process e-mail attachments with a parser that performs casts and line termination incorrectly, which allows remote attackers to cause a denial of service (application crash) or possibly
|
19-09-2017 - 01:30 | 23-03-2010 - 00:53 |