| Max CVSS | 9.3 | Min CVSS | 2.1 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2010-4172 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in the Manager application in Apache Tomcat 6.0.12 through 6.0.29 and 7.0.0 through 7.0.4 allow remote attackers to inject arbitrary web script or HTML via the (1) orderBy or (2) sort parameter to s
|
13-02-2023 - 04:28 | 26-11-2010 - 20:00 | |
| CVE-2018-8351 | 4.3 |
An information disclosure vulnerability exists when affected Microsoft browsers improperly allow cross-frame interaction, aka "Microsoft Browser Information Disclosure Vulnerability." This affects Internet Explorer 11, Microsoft Edge, Internet Explor
|
24-08-2020 - 17:37 | 15-08-2018 - 17:29 | |
| CVE-2015-1760 | 9.3 |
Microsoft Office Compatibility Pack SP3, Office 2010 SP2, Office 2013 SP1, and Office 2013 RT SP1 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
|
30-10-2018 - 16:27 | 10-06-2015 - 01:59 | |
| CVE-2007-3951 | 7.5 |
Multiple buffer overflows in Norman Antivirus 5.90 allow remote attackers to execute arbitrary code via a crafted (1) ACE or (2) LZH file, resulting from an "integer cast around."
|
15-10-2018 - 21:32 | 24-07-2007 - 17:30 | |
| CVE-2013-7140 | 4.0 |
XML External Entity (XXE) vulnerability in the CalDAV interface in Open-Xchange (OX) AppSuite 7.4.1 and earlier allows remote authenticated users to read portions of arbitrary files via vectors related to the SAX builder and the WebDAV interface. NO
|
29-08-2017 - 01:34 | 26-01-2014 - 20:55 | |
| CVE-2011-3256 | 4.3 |
FreeType 2 before 2.4.7, as used in CoreGraphics in Apple iOS before 5, Mandriva Enterprise Server 5, and possibly other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font,
|
29-08-2017 - 01:30 | 14-10-2011 - 10:55 | |
| CVE-2009-1756 | 2.1 |
SLiM Simple Login Manager 1.3.0 places the X authority magic cookie (mcookie) on the command line when invoking xauth from (1) app.cpp and (2) switchuser.cpp, which allows local users to access the X session by listing the process and its arguments.
|
17-08-2017 - 01:30 | 22-05-2009 - 11:52 | |
| CVE-2016-8824 | 7.2 |
All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape where improper access controls allow a regular user to write a part of the registry intended for privileged use
|
27-12-2016 - 14:45 | 16-12-2016 - 21:59 | |
| CVE-2005-4720 | 5.0 |
Mozilla Firefox 1.0.7 and earlier on Linux allows remote attackers to cause a denial of service (client crash) via an IFRAME element with a large value of the WIDTH attribute, which triggers a problem related to representation of floating-point numbe
|
05-09-2008 - 20:57 | 31-12-2005 - 05:00 | |
| CVE-2002-2182 | 6.4 |
Buffer overflow in Seunghyun Seo's MSN666 MSN Sniffer 1.0 and 1.0.1 allows remote attackers to execute arbitrary code via a long MSN packet.
|
05-09-2008 - 20:32 | 31-12-2002 - 05:00 |