| Max CVSS | 7.5 | Min CVSS | 1.2 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2012-2751 | 4.3 |
ModSecurity before 2.6.6, when used with PHP, does not properly handle single quotes not at the beginning of a request parameter value in the Content-Disposition field of a request with a multipart/form-data Content-Type header, which allows remote a
|
13-02-2023 - 00:25 | 22-07-2012 - 16:55 | |
| CVE-2016-9050 | 6.4 |
An exploitable out-of-bounds read vulnerability exists in the client message-parsing functionality of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause an out-of-bounds read resulting in disclosure of memory within the process,
|
13-12-2022 - 21:11 | 26-01-2017 - 21:59 | |
| CVE-2009-5031 | 4.3 |
ModSecurity before 2.5.11 treats request parameter values containing single quotes as files, which allows remote attackers to bypass filtering rules and perform other attacks such as cross-site scripting (XSS) attacks via a single quote in a request
|
12-02-2021 - 17:24 | 22-07-2012 - 16:55 | |
| CVE-2018-15374 | 7.2 |
A vulnerability in the Image Verification feature of Cisco IOS XE Software could allow an authenticated, local attacker to install a malicious software image or file on an affected device. The vulnerability is due to the affected software improperly
|
09-10-2019 - 23:35 | 05-10-2018 - 14:29 | |
| CVE-2002-1184 | 4.6 |
The system root folder of Microsoft Windows 2000 has default permissions of Everyone group with Full access (Everyone:F) and is in the search path when locating programs during login or application launch from the desktop, which could allow attackers
|
30-04-2019 - 14:27 | 12-11-2002 - 05:00 | |
| CVE-2007-4524 | 7.5 |
PHP remote file inclusion vulnerability in adisplay.php in PhPress 0.2.0 allows remote attackers to execute arbitrary PHP code via a URL in the lang parameter.
|
15-10-2018 - 21:35 | 25-08-2007 - 00:17 | |
| CVE-2014-0253 | 5.0 |
Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, and 4.5.1 does not properly determine TCP connection states, which allows remote attackers to cause a denial of service (ASP.NET daemon hang) via crafted HTTP requests that trigger persis
|
12-10-2018 - 22:05 | 12-02-2014 - 04:50 | |
| CVE-2012-2746 | 2.1 |
389 Directory Server before 1.2.11.6 (aka Red Hat Directory Server before 8.2.10-3), when the password of a LDAP user has been changed and audit logging is enabled, saves the new password to the log in plain text, which allows remote authenticated us
|
19-09-2017 - 01:34 | 03-07-2012 - 16:40 | |
| CVE-2012-2678 | 1.2 |
389 Directory Server before 1.2.11.6 (aka Red Hat Directory Server before 8.2.10-3), after the password for a LDAP user has been changed and before the server has been reset, allows remote attackers to read the plaintext password via the unhashed#use
|
19-09-2017 - 01:34 | 03-07-2012 - 16:40 | |
| CVE-2009-1914 | 4.9 |
The pci_register_iommu_region function in arch/sparc/kernel/pci_common.c in the Linux kernel before 2.6.29 on the sparc64 platform allows local users to cause a denial of service (system crash) by reading the /proc/iomem file, related to uninitialize
|
17-08-2017 - 01:30 | 04-06-2009 - 16:30 | |
| CVE-2015-4224 | 7.2 |
Cisco Wireless LAN Controller (WLC) devices with software 7.0(240.0) allow local users to execute arbitrary OS commands in a privileged context via crafted CLI commands, aka Bug ID CSCuj39474.
|
28-12-2016 - 17:42 | 26-06-2015 - 10:59 | |
| CVE-2005-3572 | 7.5 |
SQL injection vulnerability in index.php in Peel 2.6 through 2.7 allows remote attackers to execute arbitrary SQL commands via the rubid parameter.
|
08-03-2011 - 02:26 | 16-11-2005 - 07:42 |