Max CVSS | 9.3 | Min CVSS | 4.3 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2007-3796 | 7.6 |
The password reset feature in the Spam Quarantine HTTP interface for MailMarshal SMTP 6.2.0.x before 6.2.1 allows remote attackers to modify arbitrary account information via a UserId variable with a large amount of trailing whitespace followed by a
|
14-02-2024 - 01:17 | 17-07-2007 - 23:30 | |
CVE-2016-9579 | 5.0 |
A flaw was found in the way Ceph Object Gateway would process cross-origin HTTP requests if the CORS policy was set to allow origin on a bucket. A remote unauthenticated attacker could use this flaw to cause denial of service by sending a specially-c
|
12-02-2023 - 23:27 | 01-08-2018 - 16:29 | |
CVE-2014-0382 | 4.3 |
Unspecified vulnerability in Oracle Java SE 7u45 and JavaFX 2.2.45 allows remote attackers to affect availability via unknown vectors related to JavaFX.
|
13-05-2022 - 14:57 | 15-01-2014 - 16:08 | |
CVE-2018-8019 | 4.3 |
When using an OCSP responder Apache Tomcat Native 1.2.0 to 1.2.16 and 1.1.23 to 1.1.34 did not correctly handle invalid responses. This allowed for revoked client certificates to be incorrectly identified. It was therefore possible for users to authe
|
03-02-2020 - 12:15 | 31-07-2018 - 13:29 | |
CVE-2009-1743 | 9.3 |
Directory traversal vulnerability in InstallHFZ.exe 6.5.201.0 in Pinnacle Hollywood Effects 6, a module in Pinnacle Systems Pinnacle Studio 12, allows remote attackers to create and overwrite arbitrary files via a filename containing a ..\ (dot dot b
|
10-10-2018 - 19:38 | 21-05-2009 - 00:30 | |
CVE-2011-3390 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in index.php in IBM OpenAdmin Tool (OAT) before 2.72 for Informix allow remote attackers to inject arbitrary web script or HTML via the (1) informixserver, (2) host, or (3) port parameter in a login
|
09-10-2018 - 19:33 | 06-09-2011 - 15:55 | |
CVE-2011-1359 | 5.0 |
Directory traversal vulnerability in the administration console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.41, 7.0 before 7.0.0.19, and 8.0 before 8.0.0.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the URI.
|
17-08-2017 - 01:34 | 06-09-2011 - 15:55 | |
CVE-2005-3082 | 7.5 |
SQL injection vulnerability in admin.php in SEO-Board 1.0.2 allows remote attackers to execute arbitrary SQL commands via the user_pass_sha1 value in a cookie.
|
11-07-2017 - 01:33 | 27-09-2005 - 20:03 | |
CVE-2002-0400 | 5.0 |
ISC BIND 9 before 9.2.1 allows remote attackers to cause a denial of service (shutdown) via a malformed DNS packet that triggers an error condition that is not properly handled when the rdataset parameter to the dns_message_findtype() function in mes
|
10-09-2008 - 19:11 | 18-06-2002 - 04:00 |