| Max CVSS | 10.0 | Min CVSS | 3.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2018-2581 | 4.3 |
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JavaFX). Supported versions that are affected are Java SE: 7u161, 8u152 and 9.0.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via multip
|
12-08-2022 - 18:04 | 18-01-2018 - 02:29 | |
| CVE-2008-5395 | 4.9 |
The parisc_show_stack function in arch/parisc/kernel/traps.c in the Linux kernel before 2.6.28-rc7 on PA-RISC allows local users to cause a denial of service (system crash) via vectors associated with an attempt to unwind a stack that contains usersp
|
30-10-2018 - 16:26 | 09-12-2008 - 00:30 | |
| CVE-2005-0546 | 7.5 |
Multiple buffer overflows in Cyrus IMAPd before 2.2.11 may allow attackers to execute arbitrary code via (1) an off-by-one error in the imapd annotate extension, (2) an off-by-one error in "cached header handling," (3) a stack-based buffer overflow i
|
19-10-2018 - 15:31 | 02-05-2005 - 04:00 | |
| CVE-2007-5919 | 5.0 |
MyWebFTP, possibly 5.3.2, stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain an MD5 password hash via a direct request for pass/pass.txt.
|
15-10-2018 - 21:47 | 10-11-2007 - 02:46 | |
| CVE-2007-5395 | 10.0 |
Stack-based buffer overflow in the separate_word function in tokenize.c in Link Grammar 4.1b and possibly other versions, as used in AbiWord Link Grammar 4.2.4, allows remote attackers to execute arbitrary code via a long word, as reachable through t
|
15-10-2018 - 21:44 | 08-11-2007 - 02:46 | |
| CVE-2001-0675 | 5.0 |
Rit Research Labs The Bat! 1.51 for Windows allows a remote attacker to cause a denial of service by sending an email to a user's account containing a carriage return <CR> that is not followed by a line feed <LF>.
|
10-10-2017 - 01:29 | 20-09-2001 - 04:00 | |
| CVE-2007-5392 | 9.3 |
Integer overflow in the DCTStream::reset method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote attackers to execute arbitrary code via a crafted PDF file, resulting in a heap-based buffer overflow.
|
29-09-2017 - 01:29 | 08-11-2007 - 02:46 | |
| CVE-2007-5393 | 9.3 |
Heap-based buffer overflow in the CCITTFaxStream::lookChar method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote attackers to execute arbitrary code via a PDF file that contains a crafted CCITTFaxDecode filter.
|
29-09-2017 - 01:29 | 08-11-2007 - 02:46 | |
| CVE-2007-5974 | 7.5 |
SQL injection vulnerability in mailer.php in JPortal 2 allows remote attackers to execute arbitrary SQL commands via the to parameter.
|
29-09-2017 - 01:29 | 15-11-2007 - 00:46 | |
| CVE-2007-4352 | 7.6 |
Array index error in the DCTStream::readProgressiveDataUnit method in xpdf/Stream.cc in Xpdf 3.02pl1, as used in poppler, teTeX, KDE, KOffice, CUPS, and other products, allows remote attackers to trigger memory corruption and execute arbitrary code v
|
29-09-2017 - 01:29 | 08-11-2007 - 02:46 | |
| CVE-2007-4129 | 3.3 |
CoolKey 1.1.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files in the /tmp/.pk11ipc1/ directory.
|
29-09-2017 - 01:29 | 08-11-2007 - 11:46 | |
| CVE-2007-5957 | 4.9 |
Unspecified vulnerability in IBM Informix Dynamic Server (IDS) 10.00.TC3TL and 11.10.TB4TL on Windows allows attackers to cause a denial of service (application crash) via unspecified SQ_ONASSIST requests.
|
29-07-2017 - 01:33 | 14-11-2007 - 11:46 | |
| CVE-2007-5956 | 7.2 |
Directory traversal vulnerability in IBM Informix Dynamic Server (IDS) before 10.00.xC7W1 allows local users to gain privileges by referencing modified NLS message files through directory traversal sequences in the DBLANG environment variable.
|
29-07-2017 - 01:33 | 14-11-2007 - 11:46 | |
| CVE-2007-5891 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in jsp/Login.do in ManageEngine OpManager MSP Edition and OpManager 7.0 allow remote attackers to inject arbitrary web script or HTML via the (1) requestid, (2) fileid, (3) woMode, and (2) woID para
|
29-07-2017 - 01:33 | 08-11-2007 - 02:46 | |
| CVE-2007-5893 | 5.0 |
HTTPSocket.cpp in the C++ Sockets Library before 2.2.5 allows remote attackers to cause a denial of service (crash) via an HTTP request with a missing protocol version number, which triggers an exception. NOTE: some of these details were obtained fro
|
29-07-2017 - 01:33 | 08-11-2007 - 02:46 | |
| CVE-2007-5920 | 6.8 |
index.php in Domenico Mancini PicoFlat CMS before 0.4.18 allows remote attackers to include certain files via unspecified vectors, possibly due to a directory traversal vulnerability. NOTE: this can be leveraged to bypass authentication and upload f
|
29-07-2017 - 01:33 | 10-11-2007 - 02:46 | |
| CVE-2007-5581 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in mpweb/scripts/mpx.dll in Cisco Unified MeetingPlace 5.4 and earlier and 6.0 allow remote attackers to inject arbitrary web script or HTML via the (1) FirstName and (2) LastName parameters.
|
29-07-2017 - 01:33 | 08-11-2007 - 02:46 | |
| CVE-2016-4266 | 10.0 |
Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of se
|
28-11-2016 - 20:17 | 26-08-2016 - 19:59 | |
| CVE-2012-4868 | 7.5 |
SQL injection vulnerability in news.php in the Kunena component 1.7.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
07-09-2012 - 04:00 | 06-09-2012 - 17:55 | |
| CVE-2007-1077 | 7.5 |
SQL injection vulnerability in page.asp in Design4Online UserPages2 2.0 allows remote attackers to execute arbitrary SQL commands via the art_id parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from thi
|
15-11-2008 - 06:43 | 22-02-2007 - 23:28 |