Max CVSS | 9.3 | Min CVSS | 4.3 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2009-1376 | 9.3 |
Multiple integer overflows in the msn_slplink_process_msg functions in the MSN protocol handler in (1) libpurple/protocols/msn/slplink.c and (2) libpurple/protocols/msnp9/slplink.c in Pidgin (formerly Gaim) before 2.5.6 on 32-bit platforms allow remo
|
13-02-2023 - 02:20 | 26-05-2009 - 15:30 | |
CVE-2009-1373 | 7.1 |
Buffer overflow in the XMPP SOCKS5 bytestream server in Pidgin (formerly Gaim) before 2.5.6 allows remote authenticated users to execute arbitrary code via vectors involving an outbound XMPP file transfer. NOTE: some of these details are obtained fro
|
13-02-2023 - 01:17 | 26-05-2009 - 15:30 | |
CVE-2005-1987 | 7.5 |
Buffer overflow in Collaboration Data Objects (CDO), as used in Microsoft Windows and Microsoft Exchange Server, allows remote attackers to execute arbitrary code when CDOSYS or CDOEX processes an e-mail message with a large header name, as demonstra
|
09-04-2020 - 13:28 | 13-10-2005 - 10:02 | |
CVE-2016-7837 | 4.6 |
Buffer overflow in BlueZ 5.41 and earlier allows an attacker to execute arbitrary code via the parse_line function used in some userland utilities.
|
03-04-2020 - 00:15 | 09-06-2017 - 16:29 | |
CVE-2002-0935 | 5.0 |
Apache Tomcat 4.0.3, and possibly other versions before 4.1.3 beta, allows remote attackers to cause a denial of service (resource exhaustion) via a large number of requests to the server with null characters, which causes the working threads to hang
|
25-03-2019 - 11:29 | 04-10-2002 - 04:00 | |
CVE-2018-12806 | 4.3 |
Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a reflected cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure.
|
16-11-2018 - 19:11 | 29-08-2018 - 13:29 | |
CVE-2009-1374 | 5.0 |
Buffer overflow in the decrypt_out function in Pidgin (formerly Gaim) before 2.5.6 allows remote attackers to cause a denial of service (application crash) via a QQ packet.
|
29-09-2017 - 01:34 | 26-05-2009 - 15:30 | |
CVE-2009-1375 | 5.0 |
The PurpleCircBuffer implementation in Pidgin (formerly Gaim) before 2.5.6 does not properly maintain a certain buffer, which allows remote attackers to cause a denial of service (memory corruption and application crash) via vectors involving the (1)
|
29-09-2017 - 01:34 | 26-05-2009 - 15:30 | |
CVE-2011-4824 | 7.5 |
SQL injection vulnerability in auth_login.php in Cacti before 0.8.7h allows remote attackers to execute arbitrary SQL commands via the login_username parameter.
|
29-08-2017 - 01:30 | 15-12-2011 - 03:57 | |
CVE-2015-2961 | 6.8 |
Cross-site request forgery (CSRF) vulnerability in Zoho NetFlow Analyzer build 10250 and earlier allows remote attackers to hijack the authentication of administrators.
|
31-12-2016 - 02:59 | 09-06-2015 - 00:59 | |
CVE-2011-4671 | 7.5 |
SQL injection vulnerability in adrotate/adrotate-out.php in the AdRotate plugin 3.6.6, and other versions before 3.6.8, for WordPress allows remote attackers to execute arbitrary SQL commands via the track parameter (aka redirect URL).
|
13-12-2011 - 04:09 | 02-12-2011 - 18:55 | |
CVE-2010-4500 | 6.8 |
Multiple SQL injection vulnerabilities in contact.php in MRCGIGUY (MCG) FreeTicket 1.0.0, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) name, (2) email, (3) subject, and (4) message parameters
|
09-12-2010 - 05:00 | 08-12-2010 - 17:00 |