| Max CVSS | 10.0 | Min CVSS | 2.1 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2013-2424 | 5.0 |
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality via ve
|
13-05-2022 - 14:53 | 17-04-2013 - 18:55 | |
| CVE-2013-2432 | 10.0 |
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, 5.0 Update 41 and earlier, and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality, i
|
13-05-2022 - 14:52 | 17-04-2013 - 18:55 | |
| CVE-2007-3892 | 7.5 |
Microsoft Internet Explorer 5.01 through 7 allows remote attackers to spoof the URL address bar and other "trust UI" components via unspecified vectors, a different issue than CVE-2007-1091 and CVE-2007-3826.
|
23-07-2021 - 15:06 | 09-10-2007 - 22:17 | |
| CVE-2018-15795 | 5.5 |
Pivotal CredHub Service Broker, versions prior to 1.1.0, uses a guessable form of random number generation in creating service broker's UAA client. A remote malicious user may guess the client secret and obtain or modify credentials for users of the
|
09-10-2019 - 23:35 | 13-11-2018 - 14:29 | |
| CVE-2013-6233 | 4.3 |
Cross-site scripting (XSS) vulnerability in SpagoBI before 4.1 allows remote authenticated users to inject arbitrary web script or HTML via the Description field in the "Short document metadata."
|
09-10-2018 - 19:34 | 09-03-2014 - 13:16 | |
| CVE-2017-2694 | 4.3 |
The AlarmService component in HwVmall with software earlier than 1.5.2.0 versions has no control over calling permissions, allowing any third party to call. An attacker can construct a malicious application to call it. Consequently, alert music will
|
11-12-2017 - 17:06 | 22-11-2017 - 19:29 | |
| CVE-2009-2715 | 4.9 |
Sun VirtualBox 2.2 through 3.0.2 r49928 allows guest OS users to cause a denial of service (Linux host OS reboot) via a sysenter instruction.
|
19-09-2017 - 01:29 | 07-08-2009 - 19:00 | |
| CVE-2011-1159 | 2.1 |
acpid.c in acpid before 2.0.9 does not properly handle a situation in which a process has connected to acpid.socket but is not reading any data, which allows local users to cause a denial of service (daemon hang) via a crafted application that perfor
|
14-05-2012 - 04:00 | 05-10-2011 - 02:56 | |
| CVE-2005-4307 | 4.3 |
Cross-site scripting (XSS) vulnerability in ScareCrow 2.13 and earlier allows remote attackers to inject arbitrary web script or HTML via the forum parameter to (1) forum.cgi and (2) post.cgi, or (3) the user parameter to profile.cgi.
|
08-03-2011 - 02:27 | 17-12-2005 - 00:03 | |
| CVE-2002-2339 | 4.3 |
Cross-site scripting (XSS) vulnerability in configure.asp in Script-Shed GuestBook 1.0 allows remote attackers to inject arbitrary web script or HTML via a javascript: URL in (1) image, (2) img, (3) image=right, (4) img=right, (5) image=left, and (6)
|
05-09-2008 - 20:32 | 31-12-2002 - 05:00 |