| Max CVSS | 7.5 | Min CVSS | 2.1 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2011-4608 | 7.5 |
mod_cluster in JBoss Enterprise Application Platform 5.1.2 for Red Hat Linux allows worker nodes to register with arbitrary virtual hosts, which allows remote attackers to bypass intended access restrictions and provide malicious content, hijack sess
|
13-02-2023 - 03:23 | 27-01-2012 - 15:55 | |
| CVE-2013-6466 | 5.0 |
Openswan 2.6.39 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon restart) via IKEv2 packets that lack expected payloads. Per: http://cwe.mitre.org/data/definitions/476.html
"CWE-476: NULL Poin
|
29-07-2019 - 14:24 | 26-01-2014 - 20:55 | |
| CVE-2018-13393 | 4.3 |
The convertCommentToAnswer resource in Atlassian Confluence Questions before version 2.6.6, the bundled version of Confluence Questions was updated to a fixed version in Confluence version 6.9.0, allows remote attackers to modify a comment into an an
|
12-10-2018 - 20:33 | 15-08-2018 - 12:29 | |
| CVE-2005-3256 | 5.0 |
The key selection dialogue in Enigmail before 0.92.1 can incorrectly select a key with a user ID that does not have additional information, which allows parties with that key to decrypt the message.
|
03-10-2018 - 21:31 | 18-10-2005 - 21:02 | |
| CVE-2012-6524 | 7.5 |
SQL injection vulnerability in kommentar.php in pGB 2.12 allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
29-08-2017 - 01:32 | 31-01-2013 - 05:44 | |
| CVE-2012-6525 | 7.5 |
SQL injection vulnerability in members.php in PHPBridges allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
29-08-2017 - 01:32 | 31-01-2013 - 05:44 | |
| CVE-2011-5065 | 4.3 |
Cross-site scripting (XSS) vulnerability in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.41 allows remote attackers to inject arbitrary web script or HTML via vectors related to web messaging.
|
29-08-2017 - 01:30 | 15-01-2012 - 03:55 | |
| CVE-2002-0713 | 7.5 |
Buffer overflows in Squid before 2.4.STABLE6 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code (1) via the MSNT auth helper (msnt_auth) when using denyusers or allowusers files, (2) via the gopher client,
|
18-10-2016 - 02:21 | 26-07-2002 - 04:00 | |
| CVE-2012-5233 | 2.1 |
Cross-site scripting (XSS) vulnerability in the stickynote module before 7.x-1.1 for Drupal allows remote authenticated users with edit stickynotes privileges to inject arbitrary web script or HTML via unspecified vecotrs.
|
02-10-2012 - 04:00 | 01-10-2012 - 22:55 | |
| CVE-2011-4873 | 5.0 |
Unspecified vulnerability in the server in Certec EDV atvise before 2.1 allows remote attackers to cause a denial of service (daemon crash) via crafted requests to TCP port 4840.
|
20-01-2012 - 16:19 | 19-01-2012 - 15:55 |