Max CVSS | 10.0 | Min CVSS | 2.6 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2007-2932 | 4.3 |
Cross-site scripting (XSS) vulnerability in index.php in BoastMachine allows remote attackers to inject arbitrary web script or HTML via the blog parameter in a content search action.
|
30-06-2021 - 05:15 | 31-05-2007 - 00:30 | |
CVE-2017-13209 | 7.2 |
In the ServiceManager::add function in the hardware service manager, there is an insecure permissions check based on the PID of the caller which could allow an application or service to replace a HAL service with its own service. This could lead to a
|
24-08-2020 - 17:37 | 12-01-2018 - 23:29 | |
CVE-2017-13208 | 10.0 |
In receive_packet of libnetutils/packet.c, there is a possible out-of-bounds write due to a missing bounds check on the DHCP response. This could lead to remote code execution as a privileged process with no additional execution privileges needed. Us
|
03-10-2019 - 00:03 | 12-01-2018 - 23:29 | |
CVE-2013-5960 | 5.8 |
The authenticated-encryption feature in the symmetric-encryption implementation in the OWASP Enterprise Security API (ESAPI) for Java 2.x before 2.1.0.1 does not properly resist tampering with serialized ciphertext, which makes it easier for remote a
|
04-02-2019 - 16:33 | 30-09-2013 - 17:09 | |
CVE-2007-2451 | 5.0 |
Unspecified vulnerability in drivers/crypto/geode-aes.c in GEODE-AES in the Linux kernel before 2.6.21.3 allows attackers to obtain sensitive information via unspecified vectors.
|
30-10-2018 - 16:25 | 29-05-2007 - 20:30 | |
CVE-2007-2879 | 4.3 |
Cross-site scripting (XSS) vulnerability in mods.php in GTP GNUTurk Portal System 3G allows remote attackers to inject arbitrary web script or HTML via the month parameter.
|
16-10-2018 - 16:46 | 29-05-2007 - 20:30 | |
CVE-2007-2846 | 9.3 |
Heap-based buffer overflow in the SIS unpacker in avast! Anti-Virus Managed Client before 4.7.700 allows user-assisted remote attackers to execute arbitrary code via a crafted SIS archive, resulting from an "integer cast around."
|
16-10-2018 - 16:45 | 24-05-2007 - 18:30 | |
CVE-2015-0045 | 9.3 |
Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than
|
12-10-2018 - 22:08 | 11-02-2015 - 03:00 | |
CVE-2017-13211 | 7.8 |
In bta_scan_results_cb_impl of btif_ble_scanner.cc, there is possible resource exhaustion if a large number of repeated BLE scan results are received. This could lead to a remote denial of service of a critical system process with no additional execu
|
06-02-2018 - 14:42 | 12-01-2018 - 23:29 | |
CVE-2017-13210 | 7.2 |
In CameraDeviceClient::submitRequestList of CameraDeviceClient.cpp, there is an out-of-bounds write if metadataSize is too small. This could lead to a local elevation of privilege enabling code execution as a privileged process with no additional exe
|
30-01-2018 - 19:34 | 12-01-2018 - 23:29 | |
CVE-2007-0812 | 7.5 |
SQL injection vulnerability in pms.php in Woltlab Burning Board (wBB) Lite 1.0.2pl3e and earlier allows remote authenticated users to execute arbitrary SQL commands via the pmid[0] parameter.
|
19-10-2017 - 01:30 | 07-02-2007 - 11:28 | |
CVE-2007-2946 | 10.0 |
Buffer overflow in a certain ActiveX control in LeadTools Raster Dialog File_D Object (LTRDFD14e.DLL) 14.5.0.44 allows remote attackers to cause a denial of service (Internet Explorer 7 crash) or execute arbitrary code via a long DestinationPath prop
|
11-10-2017 - 01:32 | 31-05-2007 - 00:30 | |
CVE-2007-5579 | 7.5 |
login.php in Pligg CMS 9.5 uses a guessable confirmation code when resetting a forgotten password, which allows remote attackers with knowledge of a username to reset that user's password by calculating the confirmationcode parameter.
|
29-07-2017 - 01:33 | 18-10-2007 - 22:17 | |
CVE-2007-2386 | 9.4 |
Buffer overflow in mDNSResponder in Apple Mac OS X 10.4 up to 10.4.9 allows remote attackers to cause a denial of service (application termination) or execute arbitrary code via a crafted UPnP Internet Gateway Device (IGD) packet.
|
29-07-2017 - 01:31 | 24-05-2007 - 22:30 | |
CVE-2013-5679 | 2.6 |
The authenticated-encryption feature in the symmetric-encryption implementation in the OWASP Enterprise Security API (ESAPI) for Java 2.x before 2.1.0 does not properly resist tampering with serialized ciphertext, which makes it easier for remote att
|
06-05-2016 - 00:14 | 30-09-2013 - 17:09 | |
CVE-2008-5143 | 6.9 |
mgt-helper in multi-gnome-terminal 1.6.2 allows local users to overwrite arbitrary files via a symlink attack on a (1) /tmp/*.debug or (2) /tmp/*.env temporary file.
|
03-12-2008 - 06:46 | 18-11-2008 - 16:00 | |
CVE-2001-0297 | 5.0 |
Directory traversal vulnerability in Simple Server HTTPd 1.0 (originally Free Java Server) allows remote attackers to read arbitrary files via a .. (dot dot) in the URL.
|
05-09-2008 - 20:23 | 03-05-2001 - 04:00 |