| Max CVSS | 9.3 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2015-0283 | 7.8 |
The slapi-nis plug-in before 0.54.2 does not properly reallocate memory when processing user accounts, which allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a request for a (1) group with a large number of
|
13-02-2023 - 00:46 | 30-03-2015 - 14:59 | |
| CVE-2017-15534 | 7.2 |
The Norton App Lock prior to version 1.3.0.13 can be susceptible to an authentication bypass exploit. In this type of circumstance, the exploit can allow the user to kill the app to prevent it from locking the device, thereby allowing the individual
|
03-10-2019 - 00:03 | 26-03-2018 - 16:29 | |
| CVE-2007-1906 | 6.8 |
Directory traversal vulnerability in richedit/keyboard.php in eCardMAX HotEditor (Hot Editor) 4.0, and the HotEditor plugin for MyBB, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the first parameter.
|
16-10-2018 - 16:41 | 10-04-2007 - 23:19 | |
| CVE-2016-3393 | 9.3 |
Graphics Device Interface (aka GDI or GDI+) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows remote attackers t
|
12-10-2018 - 22:12 | 14-10-2016 - 02:59 | |
| CVE-2010-4930 | 4.3 |
Cross-site scripting (XSS) vulnerability in index.php in @mail Webmail before 6.2.0 allows remote attackers to inject arbitrary web script or HTML via the MailType parameter in a mail/auth/processlogin action.
|
10-10-2018 - 20:08 | 09-10-2011 - 10:55 | |
| CVE-2009-0641 | 9.3 |
sys_term.c in telnetd in FreeBSD 7.0-RELEASE and other 7.x versions deletes dangerous environment variables with a method that was valid only in older FreeBSD distributions, which might allow remote attackers to execute arbitrary code by passing a cr
|
29-09-2017 - 01:33 | 20-02-2009 - 06:47 | |
| CVE-2009-5094 | 7.5 |
SQL injection vulnerability in info.php in CMS Faethon 2.2.0 Ultimate allows remote attackers to execute arbitrary SQL commands via the item parameter.
|
19-09-2017 - 01:30 | 12-09-2011 - 12:40 | |
| CVE-2009-5095 | 6.8 |
PHP remote file inclusion vulnerability in index_inc.php in ea gBook 0.1 and 0.1.4 allows remote attackers to execute arbitrary PHP code via a URL in the inc_ordner parameter.
|
19-09-2017 - 01:30 | 12-09-2011 - 12:40 | |
| CVE-2016-2543 | 4.9 |
The snd_seq_ioctl_remove_events function in sound/core/seq/seq_clientmgr.c in the Linux kernel before 4.4.1 does not verify FIFO assignment before proceeding with FIFO clearing, which allows local users to cause a denial of service (NULL pointer dere
|
07-09-2017 - 01:29 | 27-04-2016 - 17:59 | |
| CVE-2009-0651 | 6.5 |
Unspecified vulnerability in the Veritas network daemon (aka vnetd) in Symantec Veritas NetBackup Server / Enterprise Server 5.x, 6.0 before MP7 SP1, and 6.5 before 6.5.3.1 allows remote attackers to execute arbitrary code via unknown vectors related
|
17-08-2017 - 01:29 | 20-02-2009 - 18:30 | |
| CVE-2005-1361 | 7.5 |
Multiple SQL injection vulnerabilities in MetaCart e-Shop 8.0 allow remote attackers to execute arbitrary SQL commands via the (1) intProdID parameter in product.asp or (2) strCatalog_NAME parameter to productsByCategory.asp.
|
11-07-2017 - 01:32 | 02-05-2005 - 04:00 | |
| CVE-2001-0713 | 4.6 |
Sendmail before 8.12.1 does not properly drop privileges when the -C option is used to load custom configuration files, which allows local users to gain privileges via malformed arguments in the configuration file whose names contain characters with
|
05-09-2008 - 20:24 | 30-10-2001 - 05:00 |