| Max CVSS | 10.0 | Min CVSS | 2.1 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2018-8009 | 6.5 |
Apache Hadoop 3.1.0, 3.0.0-alpha to 3.0.2, 2.9.0 to 2.9.1, 2.8.0 to 2.8.4, 2.0.0-alpha to 2.7.6, 0.23.0 to 0.23.11 is exploitable via the zip slip vulnerability in places that accept a zip file.
|
08-10-2020 - 10:15 | 13-11-2018 - 21:29 | |
| CVE-2002-1230 | 4.6 |
NetDDE Agent on Windows NT 4.0, 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows local users to execute arbitrary code as LocalSystem via "shatter" style attack by sending a WM_COPYDATA message followed by a WM_TIMER message, as demon
|
30-04-2019 - 14:27 | 04-11-2002 - 05:00 | |
| CVE-2009-2663 | 9.3 |
libvorbis before r16182, as used in Mozilla Firefox 3.5.x before 3.5.2 and other products, allows context-dependent attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted .ogg
|
03-10-2018 - 22:00 | 04-08-2009 - 16:30 | |
| CVE-2011-0021 | 9.3 |
Multiple heap-based buffer overflows in cdg.c in the CDG decoder in VideoLAN VLC Media Player before 1.1.6 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted CDG video.
|
19-09-2017 - 01:31 | 25-01-2011 - 19:00 | |
| CVE-2009-2664 | 5.0 |
The js_watch_set function in js/src/jsdbgapi.cpp in the JavaScript engine in Mozilla Firefox before 3.0.12 allows remote attackers to cause a denial of service (assertion failure and application exit) or possibly execute arbitrary code via a crafted
|
19-09-2017 - 01:29 | 04-08-2009 - 16:30 | |
| CVE-2013-1971 | 2.1 |
Cross-site scripting (XSS) vulnerability in the MP3 Player module for Drupal 6.x allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via the file name of a MP3 file.
|
29-08-2017 - 01:33 | 25-06-2013 - 18:55 | |
| CVE-2013-2712 | 4.3 |
Cross-site scripting (XSS) vulnerability in services/get_article.php in KrisonAV CMS before 3.0.2 allows remote attackers to inject arbitrary web script or HTML via the content parameter.
|
29-05-2014 - 23:44 | 23-05-2014 - 14:55 | |
| CVE-2013-2713 | 6.8 |
Cross-site request forgery (CSRF) vulnerability in users_maint.html in KrisonAV CMS before 3.0.2 allows remote attackers to hijack the authentication of administrators for requests that create user accounts via a crafted request.
|
29-05-2014 - 23:44 | 23-05-2014 - 14:55 | |
| CVE-2009-2662 | 10.0 |
The browser engine in Mozilla Firefox 3.5.x before 3.5.2 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the TraceRecorder::snapshot function in
|
04-09-2009 - 05:28 | 04-08-2009 - 16:30 | |
| CVE-2007-5280 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in messages.jsp in AppFuse before 2.0 Final allow remote attackers to inject arbitrary web script or HTML via unspecified input that is recorded in (1) success or (2) error messages.
|
15-11-2008 - 07:00 | 09-10-2007 - 00:17 |