Max CVSS 9.3 Min CVSS 2.1 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2018-15911 6.8
In Artifex Ghostscript 9.23 before 2018-08-24, attackers able to supply crafted PostScript could use uninitialized memory access in the aesdecode operator to crash the interpreter or potentially execute code.
24-08-2020 - 17:37 28-08-2018 - 04:29
CVE-2010-4021 2.1
The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.7 does not properly restrict the use of TGT credentials for armoring TGS requests, which might allow remote authenticated users to impersonate a client by rewriting an inner request, ak
21-01-2020 - 15:45 02-12-2010 - 16:22
CVE-2018-15910 6.8
In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use a type confusion in the LockDistillerParams parameter to crash the interpreter or execute code.
05-11-2019 - 21:15 27-08-2018 - 17:29
CVE-2018-16509 9.3
An issue was discovered in Artifex Ghostscript before 9.24. Incorrect "restoration of privilege" checking during handling of /invalidaccess exceptions could be used by attackers able to supply crafted PostScript to execute code using the "pipe" instr
03-10-2019 - 00:03 05-09-2018 - 06:29
CVE-2005-3257 4.6
The VT implementation (vt_ioctl.c) in Linux kernel 2.6.12, and possibly other versions including 2.6.14.4, allows local users to use the KDSKBSENT ioctl on terminals of other users and gain privileges, as demonstrated by modifying key bindings using
03-10-2018 - 21:31 18-10-2005 - 22:02
CVE-2002-0906 7.5
Buffer overflow in Sendmail before 8.12.5, when configured to use a custom DNS map to query TXT records, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malicious DNS server.
10-10-2017 - 01:30 04-10-2002 - 04:00
CVE-2009-1846 7.5
Multiple directory traversal vulnerabilities in SiteX 0.7.4 Build 418 and earlier allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the THEME_FOLDER parameter to (1) Corporate/homepage.php, (2) Fusion/homepage.
29-09-2017 - 01:34 01-06-2009 - 19:30
CVE-2012-5289 7.5
Multiple SQL injection vulnerabilities in Plogger 1.0 RC1 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) index.php or (2) gallery.php.
29-08-2017 - 01:32 04-10-2012 - 16:55
CVE-2012-5295 4.3
Cross-site scripting (XSS) vulnerability in login.cfm in FuseTalk Forums 3.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the windowed parameter.
29-08-2017 - 01:32 04-10-2012 - 17:55
CVE-2012-5099 4.3
Cross-site scripting (XSS) vulnerability in list.php in PHPB2B 4.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the q parameter in a search action.
29-08-2017 - 01:32 23-09-2012 - 17:55
CVE-2012-5101 7.5
SQL injection vulnerability in the JExtensions JE Poll component before 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
29-08-2017 - 01:32 23-09-2012 - 17:55
CVE-2012-5346 4.3
Cross-site scripting (XSS) vulnerability in wp-live.php in the WP Live.php module 1.2.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter. NOTE: some of these details are obtained from third party infor
29-08-2017 - 01:32 09-10-2012 - 15:55
CVE-2012-5098 7.5
Multiple SQL injection vulnerabilities in Php-X-Links, possibly 1.0, allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to rate.php, (2) cid parameter to view.php, or (3) t parameter to pop.php.
29-08-2017 - 01:32 23-09-2012 - 17:55
CVE-2013-7459 7.5
Heap-based buffer overflow in the ALGnew function in block_templace.c in Python Cryptography Toolkit (aka pycrypto) allows remote attackers to execute arbitrary code as demonstrated by a crafted iv parameter to cryptmsg.py.
01-07-2017 - 01:29 15-02-2017 - 15:59
CVE-2011-4780 4.3
Multiple cross-site scripting (XSS) vulnerabilities in libraries/display_export.lib.php in phpMyAdmin 3.4.x before 3.4.9 allow remote attackers to inject arbitrary web script or HTML via crafted URL parameters, related to the export panels in the (1)
06-11-2012 - 05:04 22-12-2011 - 20:55
CVE-2011-4925 4.9
Terascale Open-Source Resource and Queue Manager (aka TORQUE Resource Manager) before 2.5.9, when munge authentication is used, allows remote authenticated users to impersonate arbitrary user accounts via unspecified vectors.
02-02-2012 - 04:09 13-01-2012 - 04:14
Back to Top Mark selected
Back to Top