| Max CVSS | 7.8 | Min CVSS | 1.9 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2018-10915 | 6.0 |
A vulnerability was found in libpq, the default PostgreSQL client library where libpq failed to properly reset its internal state between connections. If an affected version of libpq was used with "host" or "hostaddr" connection parameters from untru
|
04-08-2021 - 17:14 | 09-08-2018 - 20:29 | |
| CVE-2010-4072 | 1.9 |
The copy_shmid_to_user function in ipc/shm.c in the Linux kernel before 2.6.37-rc1 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via vectors related to the shmct
|
14-08-2020 - 15:19 | 29-11-2010 - 16:00 | |
| CVE-2011-3336 | 7.8 |
regcomp in the BSD implementation of libc is vulnerable to denial of service due to stack exhaustion.
|
18-02-2020 - 19:49 | 12-02-2020 - 20:15 | |
| CVE-2002-2008 | 5.0 |
Apache Tomcat 4.0.3 for Windows allows remote attackers to obtain the web root path via an HTTP request for a resource that does not exist, such as lpt9, which leaks the information in an error message.
|
25-03-2019 - 11:29 | 31-12-2002 - 05:00 | |
| CVE-2007-3922 | 6.8 |
Unspecified vulnerability in the Java Runtime Environment (JRE) Applet Class Loader in Sun JDK and JRE 5.0 Update 11 and earlier, 6 through 6 Update 1, and SDK and JRE 1.4.2_14 and earlier, allows remote attackers to violate the security model for an
|
29-09-2017 - 01:29 | 21-07-2007 - 00:30 | |
| CVE-2009-2241 | 4.3 |
Cross-site scripting (XSS) vulnerability in search.asp in ASP Inline Corporate Calendar allows remote attackers to inject arbitrary web script or HTML via the keyword parameter.
|
19-09-2017 - 01:29 | 27-06-2009 - 18:48 | |
| CVE-2009-2242 | 6.8 |
SQL injection vulnerability in active_appointments.asp in ASP Inline Corporate Calendar allows remote attackers to execute arbitrary SQL commands via the order parameter.
|
19-09-2017 - 01:29 | 27-06-2009 - 18:48 | |
| CVE-2014-0672 | 4.0 |
The Search and Play interface in Cisco MediaSense does not properly enforce authorization requirements, which allows remote authenticated users to download arbitrary recordings via a request to this interface.
|
29-08-2017 - 01:34 | 22-01-2014 - 05:22 | |
| CVE-2005-3664 | 7.5 |
Heap-based buffer overflow in Kaspersky Anti-Virus Engine, as used in Kaspersky Personal 5.0.227, Anti-Virus On-Demand Scanner for Linux 5.0.5, and F-Secure Anti-Virus for Linux 4.50 allows remote attackers to execute arbitrary code via a crafted CHM
|
11-07-2017 - 01:33 | 18-11-2005 - 06:04 | |
| CVE-2016-8814 | 7.2 |
All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape where multiple pointers are used without checking for NULL, leading to denial of service or potential escalatio
|
24-12-2016 - 02:59 | 16-12-2016 - 21:59 | |
| CVE-2016-1787 | 5.0 |
Wiki Server in Apple OS X Server before 5.1 allows remote attackers to obtain sensitive information from Wiki pages via unspecified vectors.
|
20-12-2016 - 02:59 | 24-03-2016 - 01:59 | |
| CVE-2016-1774 | 5.0 |
The Time Machine server in Server App in Apple OS X Server before 5.1 does not notify the user about ignored permissions during a backup, which makes it easier for remote attackers to obtain sensitive information in opportunistic circumstances by rea
|
20-12-2016 - 02:59 | 24-03-2016 - 01:59 | |
| CVE-2016-1776 | 5.0 |
Web Server in Apple OS X Server before 5.1 does not properly restrict access to .DS_Store and .htaccess files, which allows remote attackers to obtain sensitive configuration information via an HTTP request.
|
20-12-2016 - 02:59 | 24-03-2016 - 01:59 | |
| CVE-2016-1777 | 5.0 |
Web Server in Apple OS X Server before 5.1 supports the RC4 algorithm, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via unspecified vectors.
|
20-12-2016 - 02:59 | 24-03-2016 - 01:59 |