| Max CVSS | 9.3 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2005-3140 | 5.0 |
Procom NetFORCE 800 4.02 M10 Build 20 and possibly other versions sends the NIS password map (passwd.nis) as a file attachment in diagnostic e-mail messages, which allows remote attackers to obtain the cleartext NIS password hashes.
|
25-01-2024 - 20:58 | 05-10-2005 - 21:02 | |
| CVE-2011-2002 | 4.7 |
win32k.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly handle TrueType fonts, which allows local users to cause a denial of service (system hang) via
|
28-09-2020 - 12:58 | 12-10-2011 - 02:52 | |
| CVE-2011-2002 | 4.7 |
win32k.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly handle TrueType fonts, which allows local users to cause a denial of service (system hang) via
|
28-09-2020 - 12:58 | 12-10-2011 - 02:52 | |
| CVE-2018-8379 | 9.3 |
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This affects Microsoft Excel. This CVE ID is unique from
|
24-08-2020 - 17:37 | 15-08-2018 - 17:29 | |
| CVE-2015-1748 | 6.8 |
Microsoft Internet Explorer 7 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability," a different vulnerability than CVE-2015-1743.
|
12-10-2018 - 22:09 | 10-06-2015 - 01:59 | |
| CVE-2011-1895 | 4.3 |
CRLF injection vulnerability in Microsoft Forefront Unified Access Gateway (UAG) 2010 Gold, Update 1, Update 2, and SP1 allows remote attackers to inject arbitrary HTTP headers, and conduct HTTP response splitting attacks and cross-site scripting (XS
|
12-10-2018 - 22:01 | 12-10-2011 - 02:52 | |
| CVE-2009-1809 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in myColex 1.4.2 allow remote attackers to inject arbitrary web script or HTML via (1) the year parameter to modules/kalender.php, (2) the Page parameter in a List action to modules/ereignis.php, (3
|
29-09-2017 - 01:34 | 29-05-2009 - 16:30 | |
| CVE-2009-1810 | 6.0 |
Multiple SQL injection vulnerabilities in myColex 1.4.2 allow remote attackers to execute arbitrary SQL commands via (1) the formUser parameter (aka the Name field) to common/login.php, and allow remote authenticated users to execute arbitrary SQL co
|
29-09-2017 - 01:34 | 29-05-2009 - 16:30 | |
| CVE-2016-5303 | 4.3 |
Cross-site scripting (XSS) vulnerability in the Horde Text Filter API in Horde Groupware and Horde Groupware Webmail Edition before 5.2.16 allows remote attackers to inject arbitrary web script or HTML via crafted data:text/html content in a form (1)
|
23-12-2016 - 02:59 | 20-12-2016 - 22:59 | |
| CVE-2002-0937 | 5.0 |
The Java Server Pages (JSP) engine in JRun allows web page owners to cause a denial of service (engine crash) on the web server via a JSP page that calls WPrinterJob().pageSetup(null,null).
|
05-09-2008 - 20:29 | 04-10-2002 - 04:00 |