| Max CVSS | 7.5 | Min CVSS | 2.1 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2014-3489 | 4.3 |
lib/util/miq-password.rb in Red Hat CloudForms 3.0 Management Engine (CFME) before 5.2.4.2 uses a hard-coded salt, which makes it easier for remote attackers to guess passwords via a brute force attack.
|
13-02-2023 - 00:39 | 07-07-2014 - 14:55 | |
| CVE-2019-7310 | 6.8 |
In Poppler 0.73.0, a heap-based buffer over-read (due to an integer signedness error in the XRef::getEntry function in XRef.cc) allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a c
|
03-05-2022 - 14:49 | 03-02-2019 - 03:29 | |
| CVE-2014-3074 | 7.2 |
The runtime linker in IBM AIX 6.1 and 7.1 and VIOS 2.2.x allows local users to create a mode-666 root-owned file, and consequently gain privileges, by setting crafted MALLOCOPTIONS and MALLOCBUCKETS environment-variable values and then executing a se
|
31-08-2021 - 15:44 | 02-07-2014 - 10:35 | |
| CVE-2014-4722 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in the OCS Reports Web Interface in OCS Inventory NG allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
09-10-2018 - 19:49 | 07-07-2014 - 14:55 | |
| CVE-2007-6345 | 7.5 |
SQL injection vulnerability in aurora framework before 20071208 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, possibly the value parameter to the pack_var function in module/db.lib/db_mysql.lib. NOTE: some of the
|
08-08-2017 - 01:29 | 13-12-2007 - 22:46 | |
| CVE-2003-1407 | 7.2 |
Buffer overflow in cmd.exe in Windows NT 4.0 may allow local users to execute arbitrary code via a long pathname argument to the cd command.
|
29-07-2017 - 01:29 | 31-12-2003 - 05:00 | |
| CVE-2006-1031 | 7.5 |
config/config_inc.php in iGENUS Webmail 2.02 and earlier allows remote attackers to include arbitrary local files via the SG_HOME parameter.
|
20-07-2017 - 01:30 | 07-03-2006 - 11:02 | |
| CVE-2016-9698 | 7.5 |
IBM Rhapsody DM 4.0, 5.0, and 6.0 is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or cons
|
14-06-2017 - 14:05 | 08-06-2017 - 21:29 | |
| CVE-2014-3088 | 5.5 |
stconf.nsf in IBM Sametime Meeting Server 8.5.1 relies on the client to validate the file format used in wAttach?OpenForm multipart/form-data POST requests, which allows remote authenticated users to bypass intended upload restrictions by modifying t
|
07-01-2017 - 02:59 | 01-07-2014 - 20:55 | |
| CVE-2014-4702 | 2.1 |
The check_icmp plugin in Nagios Plugins before 2.0.2 allows local users to obtain sensitive information from INI configuration files via the extra-opts flag, a different vulnerability than CVE-2014-4701.
|
28-11-2016 - 19:12 | 05-12-2014 - 16:59 |