| Max CVSS | 9.3 | Min CVSS | 1.2 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2010-4176 | 4.0 |
plymouth-pretrigger.sh in dracut and udev, when running on Fedora 13 and 14, sets weak permissions for the /dev/systty device file, which allows remote authenticated users to read terminal data from tty0 for local users.
|
03-06-2022 - 15:09 | 07-12-2010 - 22:00 | |
| CVE-2015-1658 | 9.3 |
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015
|
12-10-2018 - 22:08 | 13-05-2015 - 10:59 | |
| CVE-2012-3107 | 2.1 |
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulnerability
|
12-10-2018 - 22:03 | 17-07-2012 - 23:55 | |
| CVE-2010-4398 | 7.2 |
Stack-based buffer overflow in the RtlQueryRegistryValues function in win32k.sys in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows local users to gain
|
12-10-2018 - 21:59 | 06-12-2010 - 13:44 | |
| CVE-2010-4358 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in gb.cgi in MRCGIGUY (MCG) Guestbook 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) name, (2) email, (3) website, and (4) message parameters.
|
10-10-2018 - 20:08 | 01-12-2010 - 16:06 | |
| CVE-2010-4167 | 6.9 |
Untrusted search path vulnerability in configure.c in ImageMagick before 6.6.5-5, when MAGICKCORE_INSTALLED_SUPPORT is defined, allows local users to gain privileges via a Trojan horse configuration file in the current working directory. Per: http://
|
06-01-2018 - 02:29 | 22-11-2010 - 20:00 | |
| CVE-2009-1321 | 4.3 |
Cross-site scripting (XSS) vulnerability in search.asp in ASP Product Catalog 1.0 allows remote attackers to inject arbitrary web script or HTML via the keywords parameter.
|
29-09-2017 - 01:34 | 17-04-2009 - 14:08 | |
| CVE-2010-3654 | 9.3 |
Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris and 10.1.95.1 on Android, and authplay.dll (aka AuthPlayLib.bundle or libauthplay.so.0.0.0) in Adobe Reader and Acrobat 9.x through 9.4, allows r
|
19-09-2017 - 01:31 | 29-10-2010 - 19:00 | |
| CVE-2004-2473 | 1.2 |
wmFrog weather monitor 0.1.6 and other versions before 0.2.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files.
|
11-07-2017 - 01:31 | 31-12-2004 - 05:00 | |
| CVE-2002-0180 | 7.5 |
Buffer overflow in Webalizer 2.01-06, when configured to use reverse DNS lookups, allows remote attackers to execute arbitrary code by connecting to the monitored web server from an IP address that resolves to a long hostname.
|
11-07-2017 - 01:29 | 22-04-2002 - 04:00 | |
| CVE-2016-8795 | 7.1 |
Huawei CloudEngine 12800 with software V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 5800 with software V100R002C00, V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00; CloudEngine 6800 with so
|
05-04-2017 - 23:59 | 02-04-2017 - 20:59 | |
| CVE-2007-3627 | 7.5 |
Multiple SQL injection vulnerabilities in PHP Lite Calendar Express 2.2 allow remote attackers to execute arbitrary SQL commands via the cid parameter to (1) login.php, (2) auth.php, and (3) subscribe.php. NOTE: the month.php, year.php, week.php, and
|
05-09-2008 - 21:26 | 09-07-2007 - 16:30 |