| Max CVSS | 7.8 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2001-0948 | 7.5 |
Cross-site scripting (CSS) vulnerability in ValiCert Enterprise Validation Authority (EVA) 3.3 through 4.2.1 allows remote attackers to execute arbitrary code or display false information by including HTML or script in the certificate's description,
|
14-02-2024 - 01:17 | 04-12-2001 - 05:00 | |
| CVE-2009-3168 | 6.5 |
Mevin Productions Basic PHP Events Lister 2.0 does not properly restrict access to (1) admin/reset.php and (2) admin/user_add.php, which allows remote authenticated users to reset administrative passwords or add administrators via a direct request.
|
25-01-2024 - 21:51 | 11-09-2009 - 20:30 | |
| CVE-2009-2968 | 5.0 |
Directory traversal vulnerability in a support component in the web interface in VMware Studio 2.0 public beta before build 1017-185256 allows remote attackers to upload files to arbitrary locations via unspecified vectors.
|
10-10-2018 - 19:42 | 02-09-2009 - 17:30 | |
| CVE-2007-2270 | 7.8 |
The Linksys SPA941 VoIP Phone allows remote attackers to cause a denial of service (device reboot) via a 0377 (0xff) character in the From header, and possibly certain other locations, in a SIP INVITE request.
|
11-10-2017 - 01:32 | 25-04-2007 - 20:19 | |
| CVE-2009-2964 | 6.8 |
Multiple cross-site request forgery (CSRF) vulnerabilities in SquirrelMail 1.4.19 and earlier, and NaSMail before 1.7, allow remote attackers to hijack the authentication of unspecified victims via features such as send message and change preferences
|
19-09-2017 - 01:29 | 25-08-2009 - 17:30 | |
| CVE-2008-7159 | 5.8 |
The silc_asn1_encoder function in lib/silcasn1/silcasn1_encode.c in Secure Internet Live Conferencing (SILC) Toolkit before 1.1.8 allows remote attackers to overwrite a stack location and possibly execute arbitrary code via a crafted OID value, relat
|
17-08-2017 - 01:29 | 10-09-2009 - 21:30 | |
| CVE-2009-0487 | 4.3 |
Cross-site scripting (XSS) vulnerability in Mahara before 1.0.9 allows remote attackers to inject arbitrary web script or HTML via a crafted forum post.
|
08-08-2017 - 01:33 | 09-02-2009 - 20:30 | |
| CVE-2016-5599 | 6.4 |
Unspecified vulnerability in the Oracle Advanced Supply Chain Planning component in Oracle Supply Chain Products Suite 12.2.3 through 12.2.5 allows remote attackers to affect confidentiality and integrity via vectors related to MscObieeSrvlt.
|
28-11-2016 - 20:27 | 25-10-2016 - 14:31 | |
| CVE-2012-1249 | 5.0 |
The iLunascape application 1.0.4.0 and earlier for Android does not properly implement the WebView class, which allows remote attackers to obtain sensitive stored information via a crafted application.
|
04-01-2013 - 04:36 | 21-05-2012 - 20:55 | |
| CVE-2009-3163 | 7.5 |
Multiple format string vulnerabilities in lib/silcclient/command.c in Secure Internet Live Conferencing (SILC) Toolkit before 1.1.10, and SILC Client 1.1.8 and earlier, allow remote attackers to execute arbitrary code via format string specifiers in
|
23-10-2012 - 03:10 | 10-09-2009 - 21:30 | |
| CVE-2008-7160 | 5.8 |
The silc_http_server_parse function in lib/silchttp/silchttpserver.c in the internal HTTP server in silcd in Secure Internet Live Conferencing (SILC) Toolkit before 1.1.9 allows remote attackers to overwrite a stack location and possibly execute arbi
|
23-10-2012 - 03:01 | 10-09-2009 - 21:30 | |
| CVE-2009-3043 | 4.9 |
The tty_ldisc_hangup function in drivers/char/tty_ldisc.c in the Linux kernel 2.6.31-rc before 2.6.31-rc8 allows local users to cause a denial of service (system crash, sometimes preceded by a NULL pointer dereference) or possibly gain privileges via
|
19-03-2012 - 04:00 | 02-09-2009 - 17:30 |