Max CVSS 9.3 Min CVSS 1.9 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2013-7389 4.3
Multiple cross-site scripting (XSS) vulnerabilities in D-Link DIR-645 Router (Rev. A1) with firmware before 1.04B11 allow remote attackers to inject arbitrary web script or HTML via the (1) deviceid parameter to parentalcontrols/bind.php, (2) RESULT
26-04-2023 - 19:27 07-07-2014 - 14:55
CVE-2011-0035 9.3
Microsoft Internet Explorer 6, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption,
23-07-2021 - 15:12 10-02-2011 - 16:00
CVE-2014-2324 5.0
Multiple directory traversal vulnerabilities in (1) mod_evhost and (2) mod_simple_vhost in lighttpd before 1.4.35 allow remote attackers to read arbitrary files via a .. (dot dot) in the host name, related to request_check_hostname.
24-02-2021 - 20:06 14-03-2014 - 15:55
CVE-2018-2500 1.9
Under certain conditions SAP Mobile Secure Android client (before version 6.60.19942.0 SP28 1711) allows an attacker to access information which would otherwise be restricted.
24-08-2020 - 17:37 11-12-2018 - 22:29
CVE-2006-0124 4.3
Cross-site scripting (XSS) vulnerability in crear.php in ADN Forum 1.0b allows remote attackers to inject arbitrary web script or HTML via the titulo parameter, which is used by the "Topic name" field.
19-10-2018 - 15:42 09-01-2006 - 11:03
CVE-2006-0123 7.5
Multiple SQL injection vulnerabilities in ADN Forum 1.0b allow remote attackers to execute arbitrary SQL commands via the (1) fid parameter in index.php and (2) pagid parameter in verpag.php, and possibly other vectors.
19-10-2018 - 15:42 09-01-2006 - 11:03
CVE-2007-5771 7.5
Flatnuke 3 (aka FlatnuX) allows remote attackers to obtain administrative access via a myforum%00 cookie.
15-10-2018 - 21:46 01-11-2007 - 16:46
CVE-2009-2091 5.0
The System Management/Repository component in IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.5 on z/OS uses weak file permissions for new applications, which allows remote attackers to obtain sensitive information via unspecified vectors.
17-08-2017 - 01:30 13-08-2009 - 18:30
CVE-2016-8495 5.8
An improper certificate validation vulnerability in Fortinet FortiManager 5.0.6 through 5.2.7 and 5.4.0 through 5.4.1 allows remote attacker to spoof a trusted entity by using a man-in-the-middle (MITM) attack via the Fortisandbox devices probing fea
25-07-2017 - 01:29 13-02-2017 - 15:59
CVE-2015-8382 6.4
The match function in pcre_exec.c in PCRE before 8.37 mishandles the /(?:((abcd))|(((?:(?:(?:(?:abc|(?:abcdef))))b)abcdefghi)abc)|((*ACCEPT)))/ pattern and related patterns involving (*ACCEPT), which allows remote attackers to obtain sensitive inform
28-12-2016 - 02:59 02-12-2015 - 01:59
CVE-2002-1247 7.2
Buffer overflow in LISa allows local users to gain access to a raw socket via a long LOGNAME environment variable for the resLISa daemon.
18-10-2016 - 02:25 29-11-2002 - 05:00
CVE-2013-3448 4.0
Cisco WebEx Meetings Server does not check whether a user account is active, which allows remote authenticated users to bypass intended access restrictions by performing meeting operations after account deactivation, aka Bug ID CSCuh33315.
16-09-2016 - 20:45 02-08-2013 - 12:10
Back to Top Mark selected
Back to Top