| Max CVSS | 9.3 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2017-9806 | 6.8 |
A vulnerability in the OpenOffice Writer DOC file parser before 4.1.4, and specifically in the WW8Fonts Constructor, allows attackers to craft malicious documents that cause denial of service (memory corruption and application crash) potentially resu
|
07-02-2022 - 16:28 | 20-11-2017 - 17:29 | |
| CVE-2017-12607 | 6.8 |
A vulnerability in OpenOffice's PPT file parser before 4.1.4, and specifically in PPTStyleSheet, allows attackers to craft malicious documents that cause denial of service (memory corruption and application crash) potentially resulting in arbitrary c
|
07-02-2022 - 16:27 | 20-11-2017 - 19:29 | |
| CVE-2017-12608 | 6.8 |
A vulnerability in Apache OpenOffice Writer DOC file parser before 4.1.4, and specifically in ImportOldFormatStyles, allows attackers to craft malicious documents that cause denial of service (memory corruption and application crash) potentially resu
|
07-02-2022 - 16:17 | 20-11-2017 - 20:29 | |
| CVE-2005-4260 | 4.3 |
Interpretation conflict in includes/mainfile.php in PHP-Nuke 7.9 and later allows remote attackers to perform cross-site scripting (XSS) attacks by replacing the ">" in the tag with a "<", which bypasses the regular expressions that sanitize the data
|
19-10-2018 - 15:40 | 15-12-2005 - 11:03 | |
| CVE-2016-3245 | 4.3 |
Microsoft Internet Explorer 9 through 11 allows remote attackers to trick users into making TCP connections to a restricted port via a crafted web site, aka "Internet Explorer Security Feature Bypass Vulnerability."
|
12-10-2018 - 22:12 | 13-07-2016 - 01:59 | |
| CVE-2008-4517 | 7.5 |
SQL injection vulnerability in leggi.php in geccBBlite 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
29-09-2017 - 01:32 | 09-10-2008 - 18:14 | |
| CVE-2005-4165 | 7.5 |
Multiple SQL injection vulnerabilities in ASP-DEV ASP Resources Forum allow remote attackers to execute arbitrary SQL commands via the (1) forum_id parameter to forum.asp, (2) unspecified parameters to register.asp, and (3) the "Search For" field in
|
20-07-2017 - 01:29 | 11-12-2005 - 21:03 | |
| CVE-2005-4259 | 7.5 |
Multiple SQL injection vulnerabilities in ASPBB 0.4 allow remote attackers to execute arbitrary SQL commands via the (1) TID parameter in topic.asp, (2) FORUM_ID parameter in forum.asp, and (3) PROFILE_ID parameter in profile.asp. NOTE: the provenan
|
20-07-2017 - 01:29 | 15-12-2005 - 11:03 | |
| CVE-2012-0916 | 9.3 |
Heap-based buffer overflow in RenRen Talk 2.9 allows remote attackers to execute arbitrary code via a crafted image in a chat message, as demonstrated using a PNG file.
|
25-01-2012 - 18:48 | 24-01-2012 - 18:55 | |
| CVE-2012-0915 | 9.3 |
Integer signedness error in RenRen Talk 2.9 allows remote attackers to execute arbitrary code via crafted dimensions of a skin file, leading to a heap-based buffer overflow, as demonstrated using a BMP image.
|
25-01-2012 - 05:00 | 24-01-2012 - 18:55 | |
| CVE-2005-4336 | 4.3 |
Cross-site scripting (XSS) vulnerability in ProjectForum 4.7.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) fwd parameter in admin/adminsignin.html and (2) originalpageid parameter in admin/newpage.html assoc
|
08-03-2011 - 02:28 | 17-12-2005 - 11:03 | |
| CVE-2005-4236 | 4.3 |
Cross-site scripting (XSS) vulnerability in search.php in CKGOLD allows remote attackers to inject arbitrary web script or HTML via the search parameters.
|
08-03-2011 - 02:27 | 14-12-2005 - 11:03 | |
| CVE-2005-4235 | 4.3 |
Cross-site scripting (XSS) vulnerability in knowledgebase.php in WHMCompleteSolution 2.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the search parameters.
|
08-03-2011 - 02:27 | 14-12-2005 - 11:03 | |
| CVE-2005-4237 | 4.3 |
Cross-site scripting (XSS) vulnerability in MySQL Auction 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search module parameters, possibly the keyword parameter in the SearchZoom module.
|
08-03-2011 - 02:27 | 14-12-2005 - 11:03 | |
| CVE-2005-4264 | 7.5 |
Multiple SQL injection vulnerabilities in index.php in PHP Support Tickets 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password fields, and (3) id parameter.
|
08-03-2011 - 02:27 | 15-12-2005 - 11:03 | |
| CVE-2005-4262 | 4.3 |
Cross-site scripting (XSS) vulnerability in the News module in Envolution allows remote attackers to inject arbitrary web script or HTML via the (1) startrow and (2) catid parameter. NOTE: this issue might be resultant from the SQL injection problem
|
08-03-2011 - 02:27 | 15-12-2005 - 11:03 | |
| CVE-2005-4263 | 7.5 |
SQL injection vulnerability in the News module in Envolution allows remote attackers to execute arbitrary SQL commands via the (1) startrow and (2) catid parameter.
|
07-03-2011 - 05:00 | 15-12-2005 - 11:03 | |
| CVE-2005-4296 | 7.8 |
AppServ Open Project 2.5.3 allows remote attackers to cause a denial of service via a large HTTP request.
|
05-09-2008 - 20:56 | 16-12-2005 - 11:03 | |
| CVE-2005-4256 | 4.3 |
Cross-site scripting (XSS) vulnerability in forum.asp in ASP-DEV XM Forum RC3 allows remote attackers to inject arbitrary web script or HTML via the forum_title parameter. NOTE: the provenance of this issue is unknown; the details are obtained solel
|
05-09-2008 - 20:56 | 15-12-2005 - 11:03 | |
| CVE-2000-0763 | 7.2 |
xlockmore and xlockf do not properly cleanse user-injected format strings, which allows local users to gain root privileges via the -d option.
|
05-09-2008 - 20:21 | 20-10-2000 - 04:00 |