Max CVSS | 10.0 | Min CVSS | 2.1 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2017-11770 | 5.0 |
.NET Core 1.0, 1.1, and 2.0 allow an unauthenticated attacker to remotely cause a denial of service attack against a .NET Core web application by improperly parsing certificate data. A denial of service vulnerability exists when .NET Core improperly
|
16-04-2019 - 20:01 | 15-11-2017 - 03:29 | |
CVE-2006-0031 | 5.1 |
Stack-based buffer overflow in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers to execute arbitrary code via an Excel file with a malformed record with a modified length value, whi
|
19-10-2018 - 15:42 | 14-03-2006 - 23:02 | |
CVE-2006-1226 | 4.3 |
Cross-site scripting (XSS) vulnerability in Drupal 4.5.x before 4.5.8 and 4.6.x before 4.5.8 allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors.
|
18-10-2018 - 16:31 | 14-03-2006 - 19:06 | |
CVE-2006-1217 | 7.5 |
SQL injection vulnerability in DSPoll 1.1 allows remote attackers to execute arbitrary SQL commands via the pollid parameter to (1) results.php, (2) topolls.php, (3) pollit.php.
|
18-10-2018 - 16:31 | 14-03-2006 - 02:02 | |
CVE-2006-1228 | 5.1 |
Session fixation vulnerability in Drupal 4.5.x before 4.5.8 and 4.6.x before 4.5.8 allows remote attackers to gain privileges by tricking a user to click on a URL that fixes the session identifier. This vulnerability affects Drupal versions 4.6.x bef
|
18-10-2018 - 16:31 | 14-03-2006 - 19:06 | |
CVE-2006-1242 | 5.0 |
The ip_push_pending_frames function in Linux 2.4.x and 2.6.x before 2.6.16 increments the IP ID field when sending a RST after receiving unsolicited TCP SYN-ACK packets, which allows remote attackers to conduct an Idle Scan (nmap -sI) attack, which b
|
18-10-2018 - 16:31 | 15-03-2006 - 17:06 | |
CVE-2006-1225 | 5.0 |
CRLF injection vulnerability in Drupal 4.5.x before 4.5.8 and 4.6.x before 4.5.8 allows remote attackers to inject headers of outgoing e-mail messages and use Drupal as a spam proxy.
|
18-10-2018 - 16:31 | 14-03-2006 - 19:06 | |
CVE-2006-1227 | 4.6 |
Drupal 4.5.x before 4.5.8 and 4.6.x before 4.5.8, when menu.module is used to create a menu item, does not implement access control for the page that is referenced, which might allow remote attackers to access administrator pages.
|
18-10-2018 - 16:31 | 14-03-2006 - 19:06 | |
CVE-2006-1134 | 5.1 |
SQL injection vulnerability in CyBoards PHP Lite 1.25, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the parent parameter to (1) post.php and possibly (2) process_post.php. Successful exploitation re
|
18-10-2018 - 16:30 | 10-03-2006 - 02:02 | |
CVE-2006-0950 | 2.6 |
unalz 0.53 allows user-assisted attackers to overwrite arbitrary files via an ALZ archive with ".." (dot dot) sequences in a filename.
|
18-10-2018 - 16:29 | 13-03-2006 - 19:34 | |
CVE-2006-6754 | 6.5 |
Multiple SQL injection vulnerabilities in Ixprim 1.2 allow remote attackers to execute arbitrary SQL commands via the story_id parameter to ixm_ixpnews.php, and unspecified other vectors. Successful exploitation reportedly requires load_file privileg
|
17-10-2018 - 21:49 | 27-12-2006 - 01:28 | |
CVE-2006-0024 | 5.1 |
Multiple unspecified vulnerabilities in Adobe Flash Player 8.0.22.0 and earlier allow remote attackers to execute arbitrary code via a crafted SWF file.
|
12-10-2018 - 21:38 | 15-03-2006 - 16:06 | |
CVE-2000-1023 | 7.5 |
The Alabanza Control Panel does not require passwords to access administrative commands, which allows remote attackers to modify domain name information via the nsManager.cgi CGI program.
|
19-12-2017 - 02:29 | 11-12-2000 - 05:00 | |
CVE-2006-1243 | 7.5 |
Directory traversal vulnerability in install05.php in Simple PHP Blog (SPB) 0.4.7.1 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences and a NUL (%00) character in the blog_language para
|
19-10-2017 - 01:29 | 15-03-2006 - 17:06 | |
CVE-2016-4210 | 10.0 |
Integer overflow in Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allows attackers to execute arbitrary code vi
|
01-09-2017 - 01:29 | 13-07-2016 - 02:00 | |
CVE-2013-4229 | 2.1 |
Cross-site scripting (XSS) vulnerability in the Monster Menus module 7.x-1.x before 7.x-1.12 for Drupal allows remote authenticated users with permissions to add pages to inject arbitrary web script or HTML via a title in the page settings.
|
29-08-2017 - 01:33 | 21-08-2013 - 14:55 | |
CVE-2004-0950 | 5.0 |
NetOp Host before 7.65 build 2004278 allows remote attackers to obtain sensitive hostname, username and local IP address information via (1) a NetOp HELO request, or (2) when responses are disabled, a "custom" HELO request.
|
11-07-2017 - 01:30 | 09-02-2005 - 05:00 | |
CVE-2014-8514 | 7.5 |
Buffer overflow in an ActiveX control in MDraw30.ocx in Schneider Electric ProClima before 6.1.7 allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8513 and CVE-2014-9188. NOTE: this ma
|
31-12-2016 - 02:59 | 27-12-2014 - 15:59 |