Max CVSS 10.0 Min CVSS 4.0 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2003-0063 7.5
The xterm terminal emulator in XFree86 4.2.0 and earlier allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containin
29-10-2024 - 14:35 03-03-2003 - 05:00
CVE-2019-1679 4.0
A vulnerability in the web interface of Cisco TelePresence Conductor, Cisco Expressway Series, and Cisco TelePresence Video Communication Server (VCS) Software could allow an authenticated, remote attacker to trigger an HTTP request from an affected
23-03-2023 - 17:33 07-02-2019 - 21:29
CVE-2017-6562 4.3
XSS in Agora-Project 3.2.2 exists with an index.php?ctrl=file&targetObjId=fileFolder-2&targetObjIdChild=[XSS] attack.
19-03-2019 - 14:19 09-03-2017 - 09:59
CVE-2017-6561 4.3
XSS in Agora-Project 3.2.2 exists with an index.php?ctrl=object&action=[XSS] attack.
19-03-2019 - 14:18 09-03-2017 - 09:59
CVE-2017-6559 4.3
XSS in Agora-Project 3.2.2 exists with an index.php?disconnect=1&msgNotif[]=[XSS] attack.
19-03-2019 - 14:14 09-03-2017 - 09:59
CVE-2017-6560 4.3
XSS in Agora-Project 3.2.2 exists with an index.php?ctrl=misc&action=[XSS]&editObjId=[XSS] attack.
19-03-2019 - 12:14 09-03-2017 - 09:59
CVE-2014-3169 7.5
Use-after-free vulnerability in core/dom/ContainerNode.cpp in the DOM implementation in Blink, as used in Google Chrome before 37.0.2062.94, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging
30-10-2018 - 16:27 27-08-2014 - 01:55
CVE-2007-6479 4.9
Unrestricted file upload vulnerability in the "My productions" component for main/auth/profile.php (aka the "My profile" page) in Dokeos 1.8.4 allows remote authenticated users to upload and execute arbitrary PHP files via a filename with a double ex
29-09-2017 - 01:29 20-12-2007 - 20:46
CVE-2014-3173 5.0
The WebGL implementation in Google Chrome before 37.0.2062.94 does not ensure that clear calls interact properly with the state of a draw buffer, which allows remote attackers to cause a denial of service (read of uninitialized memory) via a crafted
29-08-2017 - 01:34 27-08-2014 - 01:55
CVE-2014-3172 6.4
The Debugger extension API in browser/extensions/api/debugger/debugger_api.cc in Google Chrome before 37.0.2062.94 does not validate a tab's URL before an attach operation, which allows remote attackers to bypass intended access limitations via an ex
29-08-2017 - 01:34 27-08-2014 - 01:55
CVE-2014-3176 10.0
Google Chrome before 37.0.2062.94 does not properly handle the interaction of extensions, IPC, the sync API, and Google V8, which allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-3177.
29-08-2017 - 01:34 27-08-2014 - 01:55
CVE-2014-3177 10.0
Google Chrome before 37.0.2062.94 does not properly handle the interaction of extensions, IPC, the sync API, and Google V8, which allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-3176.
29-08-2017 - 01:34 27-08-2014 - 01:55
CVE-2014-3175 10.0
Multiple unspecified vulnerabilities in Google Chrome before 37.0.2062.94 allow attackers to cause a denial of service or possibly have other impact via unknown vectors, related to the load_truetype_glyph function in truetype/ttgload.c in FreeType an
29-08-2017 - 01:34 27-08-2014 - 01:55
CVE-2014-3170 6.4
extensions/common/url_pattern.cc in Google Chrome before 37.0.2062.94 does not prevent use of a '\0' character in a host name, which allows remote attackers to spoof the extension permission dialog by relying on truncation after this character.
29-08-2017 - 01:34 27-08-2014 - 01:55
CVE-2014-3174 5.0
modules/webaudio/BiquadDSPKernel.cpp in the Web Audio API implementation in Blink, as used in Google Chrome before 37.0.2062.94, does not properly consider concurrent threads during attempts to update biquad filter coefficients, which allows remote a
29-08-2017 - 01:34 27-08-2014 - 01:55
CVE-2014-3171 7.5
Use-after-free vulnerability in the V8 bindings in Blink, as used in Google Chrome before 37.0.2062.94, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging improper use of HashMap add operation
29-08-2017 - 01:34 27-08-2014 - 01:55
CVE-2006-1127 4.3
Cross-site scripting (XSS) vulnerability in Gallery 2 up to 2.0.2 allows remote attackers to inject arbitrary web script or HTML via the X-Forwarded-For (X_FORWARDED_FOR) HTTP header, which is not properly handled when adding a comment to an album.
20-07-2017 - 01:30 09-03-2006 - 22:02
Back to Top Mark selected
Back to Top