| Max CVSS | 7.5 | Min CVSS | 2.6 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2015-5257 | 4.9 |
drivers/usb/serial/whiteheat.c in the Linux kernel before 4.2.4 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact via a crafted USB device. NOTE: this ID w
|
12-02-2023 - 23:15 | 16-11-2015 - 11:59 | |
| CVE-2014-3538 | 5.0 |
file before 5.19 does not properly restrict the amount of data read during a regex search, which allows remote attackers to cause a denial of service (CPU consumption) via a crafted file that triggers backtracking during processing of an awk rule. N
|
19-01-2023 - 16:34 | 03-07-2014 - 14:55 | |
| CVE-2014-3483 | 7.5 |
SQL injection vulnerability in activerecord/lib/active_record/connection_adapters/postgresql/quoting.rb in the PostgreSQL adapter for Active Record in Ruby on Rails 4.x before 4.0.7 and 4.1.x before 4.1.3 allows remote attackers to execute arbitrary
|
08-08-2019 - 15:43 | 07-07-2014 - 11:01 | |
| CVE-2014-3482 | 7.5 |
SQL injection vulnerability in activerecord/lib/active_record/connection_adapters/postgresql_adapter.rb in the PostgreSQL adapter for Active Record in Ruby on Rails 2.x and 3.x before 3.2.19 allows remote attackers to execute arbitrary SQL commands b
|
08-08-2019 - 15:42 | 07-07-2014 - 11:01 | |
| CVE-2018-20744 | 4.3 |
The Olivier Poitrey Go CORS handler through 1.3.0 actively converts a wildcard CORS policy into reflecting an arbitrary Origin header value, which is incompatible with the CORS security design, and could lead to CORS misconfiguration security problem
|
20-02-2019 - 18:59 | 28-01-2019 - 08:29 | |
| CVE-2009-3725 | 7.2 |
The connector layer in the Linux kernel before 2.6.31.5 does not require the CAP_SYS_ADMIN capability for certain interaction with the (1) uvesafb, (2) pohmelfs, (3) dst, or (4) dm subsystem, which allows local users to bypass intended access restric
|
16-11-2018 - 15:46 | 06-11-2009 - 15:30 | |
| CVE-2006-0978 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in the View Headers (aka viewheaders) functionality in ArGoSoft Mail Server Pro 1.8.8.5 allow remote attackers to inject arbitrary web script or HTML via (1) the Subject header, (2) the From header,
|
18-10-2018 - 16:30 | 03-03-2006 - 11:02 | |
| CVE-2003-1360 | 7.2 |
Buffer overflow in the setupterm function of (1) lanadmin and (2) landiag programs of HP-UX 10.0 through 10.34 allows local users to execute arbitrary code via a long TERM environment variable.
|
29-07-2017 - 01:29 | 31-12-2003 - 05:00 | |
| CVE-2017-0532 | 2.6 |
An information disclosure vulnerability in the MediaTek video codec driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged
|
17-07-2017 - 13:18 | 08-03-2017 - 01:59 |