| Max CVSS | 10.0 | Min CVSS | 2.1 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2010-0298 | 6.5 |
The x86 emulator in KVM 83 does not use the Current Privilege Level (CPL) and I/O Privilege Level (IOPL) in determining the memory access available to CPL3 code, which allows guest OS users to cause a denial of service (guest OS crash) or gain privil
|
27-06-2024 - 19:17 | 12-02-2010 - 19:30 | |
| CVE-2010-0309 | 6.8 |
The pit_ioport_read function in the Programmable Interval Timer (PIT) emulation in i8254.c in KVM 83 does not properly use the pit_state data structure, which allows guest OS users to cause a denial of service (host OS crash or hang) by attempting to
|
13-02-2023 - 04:15 | 12-02-2010 - 19:30 | |
| CVE-2010-0297 | 7.2 |
Buffer overflow in the usb_host_handle_control function in the USB passthrough handling implementation in usb-linux.c in QEMU before 0.11.1 allows guest OS users to cause a denial of service (guest OS crash or hang) or possibly execute arbitrary code
|
13-02-2023 - 02:21 | 12-02-2010 - 19:30 | |
| CVE-2018-2768 | 5.8 |
Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). The supported version that is affected is 8.5.3. Easily exploitable vulnerability allows unauthenticated attacker with network
|
03-10-2019 - 00:03 | 19-04-2018 - 02:29 | |
| CVE-2007-2541 | 7.5 |
PHP remote file inclusion vulnerability in includes/ajax_listado.php in Versado CMS 1.07 allows remote attackers to execute arbitrary PHP code via a URL in the urlModulo parameter.
|
11-10-2017 - 01:32 | 09-05-2007 - 01:19 | |
| CVE-2010-0306 | 4.1 |
The x86 emulator in KVM 83, when a guest is configured for Symmetric Multiprocessing (SMP), does not use the Current Privilege Level (CPL) and I/O Privilege Level (IOPL) to restrict instruction execution, which allows guest OS users to cause a denial
|
19-09-2017 - 01:30 | 12-02-2010 - 19:30 | |
| CVE-2009-0013 | 2.1 |
dscl in DS Tools in Apple Mac OS X 10.4.11 and 10.5.6 requires that passwords must be provided as command line arguments, which allows local users to gain privileges by listing process information.
|
08-08-2017 - 01:33 | 13-02-2009 - 00:30 | |
| CVE-2016-1000137 | 4.3 |
Reflected XSS in wordpress plugin hero-maps-pro v2.1.0
|
22-12-2016 - 14:39 | 10-10-2016 - 20:59 | |
| CVE-2002-0014 | 7.5 |
URL-handling code in Pine 4.43 and earlier allows remote attackers to execute arbitrary commands via a URL enclosed in single quotes and containing shell metacharacters (&).
|
18-10-2016 - 02:15 | 26-07-2002 - 04:00 | |
| CVE-2010-0444 | 10.0 |
HP Operations Agent 8.51, 8.52, 8.53, and 8.60 on Solaris 10 uses a blank password for the opc_op account, which allows remote attackers to execute arbitrary code via unspecified vectors.
|
13-02-2010 - 07:22 | 09-02-2010 - 19:30 | |
| CVE-2005-1818 | 7.5 |
Multiple SQL injection vulnerabilities in NewLife Blogger before 3.3.1 allow remote attackers to execute arbitrary SQL commands via unknown attack vectors.
|
05-09-2008 - 20:50 | 01-06-2005 - 04:00 |