Max CVSS | 10.0 | Min CVSS | 3.5 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2007-5690 | 4.6 |
Buffer overflow in sethdlc.c in the Asterisk Zaptel 1.4.5.1 might allow local users to gain privileges via a long device name (interface name) in the ifr_name field. NOTE: the vendor disputes this issue, stating that the application requires root ac
|
11-04-2024 - 00:43 | 29-10-2007 - 19:46 | |
CVE-2018-15986 | 4.3 |
Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier h
|
21-08-2019 - 16:20 | 18-01-2019 - 17:29 | |
CVE-2018-15995 | 4.3 |
Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier h
|
21-08-2019 - 16:20 | 18-01-2019 - 17:29 | |
CVE-2018-16007 | 4.3 |
Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier h
|
21-08-2019 - 16:20 | 18-01-2019 - 17:29 | |
CVE-2018-16009 | 4.3 |
Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier h
|
21-08-2019 - 16:20 | 18-01-2019 - 17:29 | |
CVE-2013-4276 | 4.3 |
Multiple stack-based buffer overflows in LittleCMS (aka lcms or liblcms) 1.19 and earlier allow remote attackers to cause a denial of service (crash) via a crafted (1) ICC color profile to the icctrans utility or (2) TIFF image to the tiffdiff utilit
|
21-09-2018 - 10:29 | 28-09-2013 - 19:55 | |
CVE-2002-1219 | 7.5 |
Buffer overflow in named in BIND 4 versions 4.9.10 and earlier, and 8 versions 8.3.3 and earlier, allows remote attackers to execute arbitrary code via a certain DNS server response containing SIG resource records (RR).
|
03-05-2018 - 01:29 | 29-11-2002 - 05:00 | |
CVE-2015-5731 | 6.8 |
Cross-site request forgery (CSRF) vulnerability in wp-admin/post.php in WordPress before 4.2.4 allows remote attackers to hijack the authentication of administrators for requests that lock a post, and consequently cause a denial of service (editing b
|
04-11-2017 - 01:29 | 09-11-2015 - 11:59 | |
CVE-2015-5732 | 4.3 |
Cross-site scripting (XSS) vulnerability in the form function in the WP_Nav_Menu_Widget class in wp-includes/default-widgets.php in WordPress before 4.2.4 allows remote attackers to inject arbitrary web script or HTML via a widget title.
|
04-11-2017 - 01:29 | 09-11-2015 - 11:59 | |
CVE-2015-2213 | 7.5 |
SQL injection vulnerability in the wp_untrash_post_comments function in wp-includes/post.php in WordPress before 4.2.4 allows remote attackers to execute arbitrary SQL commands via a comment that is mishandled after retrieval from the trash.
|
04-11-2017 - 01:29 | 09-11-2015 - 11:59 | |
CVE-2015-5730 | 5.0 |
The sanitize_widget_instance function in wp-includes/class-wp-customize-widgets.php in WordPress before 4.2.4 does not use a constant-time comparison for widgets, which allows remote attackers to conduct a timing side-channel attack by measuring the
|
21-09-2017 - 01:29 | 09-11-2015 - 11:59 | |
CVE-2013-5302 | 7.5 |
SQL injection vulnerability in the Faceted Search (ke_search) extension before 1.4.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
29-08-2017 - 01:33 | 16-08-2013 - 17:55 | |
CVE-2013-5307 | 4.3 |
Cross-site scripting (XSS) vulnerability in the Faceted Search (ke_search) extension before 1.4.1 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
29-08-2017 - 01:33 | 16-08-2013 - 17:55 | |
CVE-2013-5305 | 4.3 |
Cross-site scripting (XSS) vulnerability in the Store Locator (locator) extension before 3.1.5 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
29-08-2017 - 01:33 | 16-08-2013 - 17:55 | |
CVE-2013-3995 | 3.5 |
Cross-site scripting (XSS) vulnerability in IBM InfoSphere BigInsights 1.1 through 2.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
|
29-08-2017 - 01:33 | 06-08-2013 - 13:20 | |
CVE-2013-5303 | 10.0 |
Unspecified vulnerability in the Store Locator (locator) extension before 3.1.5 for TYPO3 has unknown impact and remote attack vectors, related to "Insecure Unserialize."
|
29-08-2017 - 01:33 | 16-08-2013 - 17:55 | |
CVE-2013-5304 | 7.5 |
SQL injection vulnerability in the Store Locator (locator) extension before 3.1.5 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
29-08-2017 - 01:33 | 16-08-2013 - 17:55 | |
CVE-2013-3992 | 6.0 |
Cross-site request forgery (CSRF) vulnerability in IBM InfoSphere BigInsights 2.0 through 2.1 allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors.
|
29-08-2017 - 01:33 | 06-08-2013 - 13:20 | |
CVE-2013-3996 | 4.9 |
IBM InfoSphere BigInsights 1.1 through 2.1 does not properly handle FRAME elements, which makes it easier for remote authenticated users to conduct phishing attacks via a crafted web site.
|
29-08-2017 - 01:33 | 06-08-2013 - 13:20 | |
CVE-2012-1503 | 4.3 |
Cross-site scripting (XSS) vulnerability in Six Apart (formerly Six Apart KK) Movable Type (MT) Pro 5.13 allows remote attackers to inject arbitrary web script or HTML via the comment section.
|
29-08-2017 - 01:31 | 29-08-2014 - 13:55 | |
CVE-2013-5583 | 4.3 |
Cross-site scripting (XSS) vulnerability in libraries/idna_convert/example.php in Joomla! 3.1.5 allows remote attackers to inject arbitrary web script or HTML via the lang parameter.
|
31-12-2016 - 02:59 | 29-12-2013 - 04:25 | |
CVE-2006-0109 | 5.0 |
Cross-site scripting vulnerability in category.php in Modular Merchant Shopping Cart allows remote attackers to inject arbitrary web script or HTML via the cat parameter.
|
08-03-2011 - 02:29 | 07-01-2006 - 00:03 |