Max CVSS | 7.8 | Min CVSS | 2.6 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2007-6262 | 6.8 |
A certain ActiveX control in axvlc.dll in VideoLAN VLC 0.8.6 before 0.8.6d allows remote attackers to execute arbitrary code via crafted arguments to the (1) addTarget, (2) getVariable, or (3) setVariable function, resulting from a "bad initialized p
|
15-10-2018 - 21:51 | 06-12-2007 - 02:46 | |
CVE-2014-2579 | 7.6 |
Multiple cross-site request forgery (CSRF) vulnerabilities in XCloner Standalone 3.5 and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) change the administrator password via the config task to inde
|
09-10-2018 - 19:43 | 25-04-2014 - 20:55 | |
CVE-2014-2268 | 5.0 |
views/Index.php in the Install module in vTiger 6.0 before Security Patch 2 does not properly restrict access, which allows remote attackers to re-install the application via a request that sets the X-Requested-With HTTP header, as demonstrated by ex
|
20-11-2017 - 18:27 | 16-11-2014 - 01:59 | |
CVE-2014-2749 | 5.0 |
The HANA ICM process in SAP HANA allows remote attackers to obtain the platform version, host name, instance number, and possibly other sensitive information via a malformed HTTP GET request.
|
29-08-2017 - 01:34 | 10-04-2014 - 20:55 | |
CVE-2014-2333 | 2.6 |
Cross-site scripting (XSS) vulnerability in the Lazyest Gallery plugin before 1.1.21 for WordPress allows remote attackers to inject arbitrary web script or HTML via an EXIF tag. NOTE: some of these details are obtained from third party information.
|
29-08-2017 - 01:34 | 11-04-2014 - 14:55 | |
CVE-2009-2874 | 7.8 |
The TimesTenD process in Cisco Unified Presence 1.x, 6.x before 6.0(6), and 7.x before 7.0(4) allows remote attackers to cause a denial of service (process crash) via a large number of TCP connections to ports 16200 and 22794, aka Bug ID CSCsy17662.
|
17-08-2017 - 01:30 | 16-10-2009 - 16:30 | |
CVE-2017-0128 | 4.3 |
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Uniscribe Information Disclosure Vulnerability."
|
16-08-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2003-1351 | 5.0 |
Directory traversal vulnerability in edittag.cgi in EditTag 1.1 allows remote attackers to read arbitrary files via a "%2F.." (encoded slash dot dot) in the file parameter.
|
29-07-2017 - 01:29 | 31-12-2003 - 05:00 | |
CVE-2006-0790 | 5.0 |
Rockliffe MailSite 7.0 and earlier allows remote attackers to cause a denial of service by sending crafted LDAP packets to port 389/TCP, as demonstrated by the ProtoVer LDAP testsuite.
|
20-07-2017 - 01:30 | 19-02-2006 - 21:02 | |
CVE-2014-2269 | 6.4 |
modules/Users/ForgotPassword.php in vTiger 6.0 before Security Patch 2 allows remote attackers to reset the password for arbitrary users via a request containing the username, password, and confirmPassword parameters.
|
22-04-2014 - 16:31 | 22-04-2014 - 13:06 | |
CVE-2014-0612 | 5.0 |
Unspecified vulnerability in Juniper Junos before 11.4R10-S1, before 11.4R11, 12.1X44 before 12.1X44-D26, 12.1X44 before 12.1X44-D30, 12.1X45 before 12.1X45-D20, and 12.1X46 before 12.1X46-D10, when Dynamic IPsec VPN is configured, allows remote atta
|
19-04-2014 - 04:46 | 14-04-2014 - 15:09 |