Max CVSS | 9.3 | Min CVSS | 1.9 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2012-0547 | 0.0 |
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier, and 6 Update 34 and earlier, has no impact and remote attack vectors involving AWT and "a security-in-depth issue that is not directly
|
13-05-2022 - 14:52 | 30-08-2012 - 23:55 | |
CVE-2012-0779 | 9.3 |
Adobe Flash Player before 10.3.183.19 and 11.x before 11.2.202.235 on Windows, Mac OS X, and Linux; before 11.1.111.9 on Android 2.x and 3.x; and before 11.1.115.8 on Android 4.x allows remote attackers to execute arbitrary code via a crafted file, r
|
18-07-2019 - 12:21 | 04-05-2012 - 19:55 | |
CVE-2018-2463 | 5.0 |
The Omni Commerce Connect API (OCC) of SAP Hybris Commerce, versions 6.*, is vulnerable to server-side request forgery (SSRF) attacks. This is due to a misconfiguration of XML parser that is used in the server-side implementation of OCC.
|
29-11-2018 - 20:10 | 11-09-2018 - 15:29 | |
CVE-2007-4423 | 5.0 |
Stack-based buffer overflow in the AUTH_LIST_GROUPS_FOR_AUTHID function in IBM DB2 UDB 9.1 before Fixpak 3 allows attackers to cause a denial of service and possibly execute arbitrary code via a long argument.
|
15-10-2018 - 21:35 | 18-08-2007 - 21:17 | |
CVE-2012-1775 | 9.3 |
Stack-based buffer overflow in VideoLAN VLC media player before 2.0.1 allows remote attackers to execute arbitrary code via a crafted MMS:// stream.
|
14-12-2017 - 02:29 | 19-03-2012 - 16:55 | |
CVE-2012-0745 | 7.2 |
The getpwnam function in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.1.0.10 through 2.2.1.3 does not properly interact with customer-extended LDAP user filtering, which allows local users to gain privileges via unspecified vectors.
|
07-12-2017 - 02:29 | 04-05-2012 - 16:55 | |
CVE-2012-4260 | 7.5 |
Multiple SQL injection vulnerabilities in myCare2x allow remote attackers to execute arbitrary SQL commands via the (1) aktion or (2) callurl parameter to modules/patient/mycare2x_pat_info.php; (3) dept_nr or (4) pid parameter to modules/importer/myc
|
29-08-2017 - 01:32 | 13-08-2012 - 18:55 | |
CVE-2012-4262 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in myCare2x allow remote attackers to inject arbitrary web script or HTML via the (1) name_last, (2) name_first, (3) name_middle, or (4) name_maiden parameter to modules/patient/mycare_pid.php; (5)
|
29-08-2017 - 01:32 | 13-08-2012 - 18:55 | |
CVE-2012-4282 | 7.5 |
SQL injection vulnerability in photo.php in Trombinoscope 3.5 allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
29-08-2017 - 01:32 | 13-08-2012 - 23:55 | |
CVE-2012-2144 | 6.8 |
Session fixation vulnerability in OpenStack Dashboard (Horizon) folsom-1 and 2012.1 allows remote attackers to hijack web sessions via the sessionid cookie.
|
29-08-2017 - 01:31 | 05-06-2012 - 22:55 | |
CVE-2009-2027 | 7.2 |
The Installer in Apple Safari before 4.0 on Windows allows local users to gain privileges by checking a box that specifies an immediate launch of the application after installation, related to an unspecified compression method.
|
17-08-2017 - 01:30 | 10-06-2009 - 19:30 | |
CVE-2007-4273 | 4.6 |
IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allows local users to create arbitrary directories and execute arbitrary code via a "crafted localized message file" that enables a format string attack, possibly involving the (1) OSSEMEMDBG or
|
29-07-2017 - 01:32 | 18-08-2007 - 21:17 | |
CVE-2007-4275 | 6.9 |
Multiple untrusted search path vulnerabilities in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allow local users to gain privileges via certain vectors related to (1) DB2 instance or FMP startup on Linux and Solaris; (2) exec of executables
|
29-07-2017 - 01:32 | 18-08-2007 - 21:17 | |
CVE-2007-4418 | 5.5 |
IBM DB2 UDB 8 before Fixpak 15 does not properly check authorization, which allows remote authenticated users with a certain SELECT privilege to have an unknown impact via unspecified vectors. NOTE: this issue is probably related to CVE-2007-1089, b
|
29-07-2017 - 01:32 | 18-08-2007 - 21:17 | |
CVE-2007-4417 | 6.0 |
IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 does not properly revoke privileges on methods, which allows remote authenticated users to execute a method after revocation until the routine auth cache is flushed.
|
29-07-2017 - 01:32 | 18-08-2007 - 21:17 | |
CVE-2007-4272 | 1.9 |
Multiple vulnerabilities in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allow local users to create arbitrary files via (1) unspecified vectors where an attacker's umask is honored, (2) /etc/ld.so.preload, (3) certain "cron data file locat
|
29-07-2017 - 01:32 | 18-08-2007 - 21:17 | |
CVE-2007-4276 | 6.9 |
Stack-based buffer overflow in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allows attackers to execute arbitrary code via a long DASPROF and possibly other environment variables, which are copied into the buildDasPaths buffer.
|
29-07-2017 - 01:32 | 18-08-2007 - 21:17 | |
CVE-2007-4270 | 6.9 |
Multiple race conditions in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allow local users to gain root privileges via a symlink attack on certain files.
|
29-07-2017 - 01:32 | 18-08-2007 - 21:17 | |
CVE-2005-3546 | 7.2 |
suid.cgi scripts in F-Secure (1) Internet Gatekeeper for Linux before 2.15.484 and (2) Anti-Virus Linux Gateway before 2.16 are installed SUID with world-executable permissions, which allows local users to gain privilege.
|
11-07-2017 - 01:33 | 16-11-2005 - 07:42 | |
CVE-2016-10129 | 5.0 |
The Git Smart Protocol support in libgit2 before 0.24.6 and 0.25.x before 0.25.1 allows remote attackers to cause a denial of service (NULL pointer dereference) via an empty packet line.
|
28-03-2017 - 01:59 | 24-03-2017 - 15:59 | |
CVE-2015-4203 | 5.4 |
Race condition in Cisco IOS 12.2SCH in the Performance Routing Engine (PRE) module on uBR10000 devices, when NetFlow and an MPLS IPv6 VPN are configured, allows remote attackers to cause a denial of service (PXF process crash) by sending malformed MP
|
28-12-2016 - 18:01 | 23-06-2015 - 14:59 | |
CVE-2012-4258 | 7.5 |
Multiple SQL injection vulnerabilities in MYRE Real Estate Software (2012 Q2) allow remote attackers to execute arbitrary SQL commands via the (1) link_idd parameter to 1_mobile/listings.php or (2) userid parameter to 1_mobile/agentprofile.php.
|
14-08-2012 - 04:00 | 13-08-2012 - 18:55 | |
CVE-2012-0296 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in the management GUI in Symantec Web Gateway 5.0.x before 5.0.3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
22-05-2012 - 16:37 | 21-05-2012 - 20:55 | |
CVE-2007-4271 | 2.1 |
Directory traversal vulnerability in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allows local users to create arbitrary files via a .. (dot dot) in an unspecified environment variable, which is appended to "/tmp/" and used as a log file.
|
08-03-2011 - 02:58 | 18-08-2007 - 21:17 | |
CVE-2002-1055 | 5.0 |
Buffer overflow in administrative web server for Brother NC-3100h printer allows remote attackers to cause a denial of service via a long password.
|
05-09-2008 - 20:29 | 04-10-2002 - 04:00 |