| Max CVSS | 10.0 | Min CVSS | 4.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2007-2172 | 4.7 |
A typo in Linux kernel 2.6 before 2.6.21-rc6 and 2.4 before 2.4.35 causes RTA_MAX to be used as an array size instead of RTN_MAX, which leads to an "out of bound access" by the (1) dn_fib_props (dn_fib.c, DECNet) and (2) fib_props (fib_semantics.c, I
|
19-10-2018 - 18:59 | 22-04-2007 - 19:19 | |
| CVE-2007-2300 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in Endy Kristanto Surat kabar / News Management Online (aka phpwebnews) 0.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the m_txt parameter to (1) iklan.php, (2) in
|
16-10-2018 - 16:43 | 26-04-2007 - 21:19 | |
| CVE-2007-2100 | 10.0 |
FAC Guestbook 2.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for db/Gdb.mdb.
|
16-10-2018 - 16:41 | 18-04-2007 - 10:19 | |
| CVE-2001-0361 | 4.0 |
Implementations of SSH version 1.5, including (1) OpenSSH up to version 2.3.0, (2) AppGate, and (3) ssh-1 up to version 1.2.31, in certain configurations, allow a remote attacker to decrypt and/or alter traffic via a "Bleichenbacher attack" on PKCS#1
|
03-05-2018 - 01:29 | 27-06-2001 - 04:00 | |
| CVE-2017-17215 | 6.5 |
Huawei HG532 with some customized versions has a remote code execution vulnerability. An authenticated attacker could send malicious packets to port 37215 to launch attacks. Successful exploit could lead to the remote execution of arbitrary code.
|
19-04-2018 - 15:04 | 20-03-2018 - 15:29 | |
| CVE-2007-0680 | 7.5 |
PHP remote file inclusion vulnerability in includes/functions.php in Phpbb Tweaked 3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
|
19-10-2017 - 01:30 | 03-02-2007 - 01:28 | |
| CVE-2007-2313 | 7.5 |
PHP remote file inclusion vulnerability in getinfo1.php in the Shotcast 1.0 RC2 module for mxBB allows remote attackers to execute arbitrary PHP code via a URL in the mx_root_path parameter.
|
11-10-2017 - 01:32 | 26-04-2007 - 21:19 | |
| CVE-2008-5297 | 7.6 |
Buffer overflow in No-IP DUC 2.1.7 and earlier allows remote HTTP servers to execute arbitrary code via a crafted response to a DNS update request, related to a missing length check in the GetNextLine function.
|
29-09-2017 - 01:32 | 01-12-2008 - 15:30 | |
| CVE-2016-2989 | 5.8 |
Open redirect vulnerability in the Connections Portlets component 5.x before 5.0.2 for IBM WebSphere Portal allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
|
01-09-2017 - 01:29 | 08-08-2016 - 01:59 | |
| CVE-2012-1655 | 4.0 |
Unspecified vulnerability in the UC PayDutchGroup / WeDeal payment module 6.x-1.0 for Drupal allows remote authenticated users to obtain account credentials via unknown attack vectors.
|
29-08-2017 - 01:31 | 18-09-2012 - 20:55 | |
| CVE-2007-2101 | 10.0 |
FAC Guestbook 3.01 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for db/gbdb.mdb. NOTE: the provenance of this information is unknown; the
|
29-07-2017 - 01:31 | 18-04-2007 - 10:19 |