Max CVSS | 7.5 | Min CVSS | 1.9 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2015-4852 | 7.5 |
The WLS Security component in Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0, and 12.2.1.0 allows remote attackers to execute arbitrary commands via a crafted serialized Java object in T3 protocol traffic to TCP port 7001, related to oracle_comm
|
21-12-2023 - 01:31 | 18-11-2015 - 15:59 | |
CVE-2013-0220 | 5.0 |
The (1) sss_autofs_cmd_getautomntent and (2) sss_autofs_cmd_getautomntbyname function in responder/autofs/autofssrv_cmd.c and the (3) ssh_cmd_parse_request function in responder/ssh/sshsrv_cmd.c in System Security Services Daemon (SSSD) before 1.9.4
|
13-02-2023 - 04:38 | 24-02-2013 - 19:55 | |
CVE-2013-0219 | 3.7 |
System Security Services Daemon (SSSD) before 1.9.4, when (1) creating, (2) copying, or (3) removing a user home directory tree, allows local users to create, modify, or delete arbitrary files via a symlink attack on another user's files.
|
13-02-2023 - 04:38 | 24-02-2013 - 19:55 | |
CVE-2015-3204 | 5.0 |
libreswan 3.9 through 3.12 allows remote attackers to cause a denial of service (daemon restart) via an IKEv1 packet with (1) unassigned bits set in the IPSEC DOI value or (2) the next payload value set to ISAKMP_NEXT_SAK.
|
13-02-2023 - 00:48 | 01-07-2015 - 14:59 | |
CVE-2003-0309 | 7.5 |
Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to bypass security zone restrictions and execute arbitrary programs via a web document with a large number of duplicate file:// or other requests that point to the program and open multiple
|
23-07-2021 - 15:02 | 09-06-2003 - 04:00 | |
CVE-2015-4413 | 4.3 |
Cross-site scripting (XSS) vulnerability in the new_fb_sign_button function in nextend-facebook-connect.php in Nextend Facebook Connect plugin before 1.5.6 for WordPress allows remote attackers to inject arbitrary web script or HTML via the redirect_
|
25-06-2019 - 17:18 | 24-06-2015 - 14:59 | |
CVE-2006-1810 | 1.9 |
Multiple cross-site scripting (XSS) vulnerabilities in FlexBB 0.5.5 BETA allow remote attackers to inject arbitrary web script or HTML via the (1) ICQ, (2) AIM, (3) MSN, (4) Google Talk, (5) Website Name, (6) Website Address, (7) Email Address, (8) L
|
18-10-2018 - 16:36 | 18-04-2006 - 10:02 | |
CVE-2015-5064 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in MySql Lite Administrator (mysql-lite-administrator) beta-1 allow remote attackers to inject arbitrary web script or HTML via the table_name parameter to (1) tabella.php, (2) coloni.php, or (3) in
|
09-10-2018 - 19:57 | 24-06-2015 - 14:59 | |
CVE-2015-5066 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in the MetalGenix GeniXCMS 0.0.3 allow remote attackers to inject arbitrary web script or HTML via the (1) content or (2) title field in an add action in the posts page to index.php or the (3) q par
|
09-10-2018 - 19:57 | 24-06-2015 - 14:59 | |
CVE-2015-3443 | 3.5 |
Cross-site scripting (XSS) vulnerability in the basic dashboard in Thycotic Secret Server 8.6.x, 8.7.x, and 8.8.x before 8.8.000005 allows remote authenticated users to inject arbitrary web script or HTML via a password entry, which is not properly h
|
09-10-2018 - 19:56 | 02-07-2015 - 14:59 | |
CVE-2015-4557 | 4.3 |
Cross-site scripting (XSS) vulnerability in the new_Twitter_sign_button function in nextend-Twitter-connect.php in the Nextend Twitter Connect plugin before 1.5.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the re
|
16-05-2018 - 14:58 | 12-04-2018 - 15:29 | |
CVE-2015-4223 | 5.0 |
Cisco IOS XR 5.1.3 allows remote attackers to cause a denial of service (process reload) via crafted MPLS Label Distribution Protocol (LDP) packets, aka Bug ID CSCuu77478.
|
28-12-2016 - 17:42 | 25-06-2015 - 16:59 | |
CVE-2015-4713 | 6.5 |
SQL injection vulnerability in ApPHP Hotel Site 3.x.x allows remote editors to execute arbitrary SQL commands via the pid parameter to index.php.
|
07-12-2016 - 18:13 | 22-06-2015 - 18:59 | |
CVE-2015-4703 | 5.0 |
Absolute path traversal vulnerability in mysqldump_download.php in the WordPress Rename plugin 1.0 for WordPress allows remote attackers to read arbitrary files via a full pathname in the dumpfname parameter.
|
27-06-2016 - 14:34 | 12-01-2016 - 19:59 |