| Max CVSS | 7.5 | Min CVSS | 3.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2018-11050 | 3.3 |
Dell EMC NetWorker versions between 9.0 and 9.1.1.8 through 9.2.1.3, and the version 18.1.0.1 contain a Clear-Text authentication over network vulnerability in the Rabbit MQ Advanced Message Queuing Protocol (AMQP) component. User credentials are sen
|
03-10-2019 - 00:03 | 01-08-2018 - 06:29 | |
| CVE-2004-2069 | 5.0 |
sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly other versions, when using privilege separation, does not properly signal the non-privileged process when a session has been terminated after exceeding the LoginGraceTime setting, which leaves the co
|
19-10-2018 - 15:30 | 31-12-2004 - 05:00 | |
| CVE-2006-4183 | 6.8 |
Heap-based buffer overflow in Microsoft DirectX SDK (February 2006) and probably earlier, including 9.0c End User Runtimes, allows context-dependent attackers to execute arbitrary code via a crafted Targa file with a run-length-encoding (RLE) compres
|
17-10-2018 - 21:33 | 18-07-2007 - 23:30 | |
| CVE-2011-1510 | 4.3 |
Cross-site scripting (XSS) vulnerability in SolutionSearch.do in ManageEngine ServiceDesk Plus (SDP) before 8012 allows remote attackers to inject arbitrary web script or HTML via the searchText parameter.
|
09-10-2018 - 19:31 | 20-09-2011 - 10:55 | |
| CVE-2011-1509 | 5.0 |
The encryptPassword function in Login.js in ManageEngine ServiceDesk Plus (SDP) 8012 and earlier uses a Caesar cipher for encryption of passwords in cookies, which makes it easier for remote attackers to obtain sensitive information by sniffing the n
|
09-10-2018 - 19:31 | 20-09-2011 - 10:55 | |
| CVE-2016-10013 | 4.6 |
Xen through 4.8.x allows local 64-bit x86 HVM guest OS users to gain privileges by leveraging mishandling of SYSCALL singlestep during emulation.
|
04-11-2017 - 01:29 | 26-01-2017 - 15:59 | |
| CVE-2009-1816 | 7.5 |
SQL injection vulnerability in admin.php in My Game Script 2.0 allows remote attackers to execute arbitrary SQL commands via the user parameter (aka the username field). NOTE: some of these details are obtained from third party information.
|
29-09-2017 - 01:34 | 29-05-2009 - 16:30 | |
| CVE-2011-1913 | 7.5 |
SQL injection vulnerability in the login form in the web interface in Mercator SENTINEL 2.0 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
17-08-2017 - 01:34 | 22-09-2011 - 10:55 | |
| CVE-2015-4167 | 4.7 |
The udf_read_inode function in fs/udf/inode.c in the Linux kernel before 3.19.1 does not validate certain length values, which allows local users to cause a denial of service (incorrect data representation or integer overflow, and OOPS) via a crafted
|
22-12-2016 - 02:59 | 05-08-2015 - 18:59 | |
| CVE-2002-1903 | 5.0 |
Pine 4.2.1 through 4.4.4 puts Unix usernames and/or uid into Sender: and X-Sender: headers, which could allow remote attackers to obtain sensitive information.
|
05-09-2008 - 20:31 | 31-12-2002 - 05:00 |