| Max CVSS | 9.3 | Min CVSS | 3.5 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2017-2610 | 3.5 |
jenkins before versions 2.44, 2.32.2 is vulnerable to a persisted cross-site scripting in search suggestions due to improperly escaping users with less-than and greater-than characters in their names (SECURITY-388).
|
09-10-2019 - 23:26 | 15-05-2018 - 21:29 | |
| CVE-2015-2426 | 9.3 |
Buffer underflow in atmfd.dll in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows rem
|
15-05-2019 - 15:23 | 20-07-2015 - 18:59 | |
| CVE-2018-7799 | 9.3 |
A DLL hijacking vulnerability exists in Schneider Electric Software Update (SESU), all versions prior to V2.2.0, which could allow an attacker to execute arbitrary code on the targeted system when placing a specific DLL file.
|
27-12-2018 - 18:11 | 02-11-2018 - 17:29 | |
| CVE-2007-5306 | 5.0 |
ELSEIF CMS Beta 0.6 allows remote attackers to obtain sensitive information (full path) via unspecified vectors to utilisateurs/votesresultats.php.
|
15-10-2018 - 21:42 | 09-10-2007 - 18:17 | |
| CVE-2007-5305 | 7.5 |
Multiple PHP remote file inclusion vulnerabilities in ELSEIF CMS Beta 0.6 allow remote attackers to execute arbitrary PHP code via a URL in the (1) contenus parameter to (a) contenus.php; the (2) tpelseifportalrepertoire parameter to (b) votes.php, (
|
15-10-2018 - 21:42 | 09-10-2007 - 18:17 | |
| CVE-2007-5304 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in ELSEIF CMS Beta 0.6 allow remote attackers to inject arbitrary web script or HTML via the (1) repertimage parameter to utilisateurs/vousetesbannis.php, the (2) elseifvotetxtresultatduvote paramet
|
15-10-2018 - 21:42 | 09-10-2007 - 18:17 | |
| CVE-2007-5307 | 7.5 |
ELSEIF CMS Beta 0.6 does not properly unset variables when the input data includes a numeric parameter with a value matching an alphanumeric parameter's hash value, which allows remote attackers to execute arbitrary PHP code by uploading a .php file
|
15-10-2018 - 21:42 | 09-10-2007 - 18:17 | |
| CVE-2009-2666 | 6.4 |
socket.c in fetchmail before 6.3.11 does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted cert
|
10-10-2018 - 19:41 | 07-08-2009 - 19:00 | |
| CVE-2005-4400 | 4.3 |
Cross-site scripting (XSS) vulnerability in downloads/portal_ent in Liferay Portal Enterprise 3.6.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) _77_struts_action, (2) p_p_mode, and (3) p_p_state parameters.
|
20-09-2008 - 04:43 | 20-12-2005 - 11:03 | |
| CVE-2002-1224 | 5.0 |
Directory traversal vulnerability in kpf for KDE 3.0.1 through KDE 3.0.3a allows remote attackers to read arbitrary files as the kpf user via a URL with a modified icon parameter.
|
05-09-2008 - 20:30 | 28-10-2002 - 05:00 |