Max CVSS | 7.5 | Min CVSS | 4.0 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2019-12795 | 4.6 |
daemon/gvfsdaemon.c in gvfsd from GNOME gvfs before 1.38.3, 1.40.x before 1.40.2, and 1.41.x before 1.41.3 opened a private D-Bus server socket without configuring an authorization rule. A local attacker could connect to this server socket and issue
|
24-08-2020 - 17:37 | 11-06-2019 - 22:29 | |
CVE-2017-7650 | 4.0 |
In Mosquitto before 1.4.12, pattern based ACLs can be bypassed by clients that set their username/client id to '#' or '+'. This allows locally or remotely connected clients to access MQTT topics that they do have the rights to. The same issue may be
|
03-10-2019 - 00:03 | 11-09-2017 - 16:29 | |
CVE-2008-1735 | 4.9 |
BitDefender Antivirus 2008 20080118 and earlier allows local users to cause a denial of service (system crash) via an invalid pointer to the CLIENT_ID structure in a call to the NtOpenProcess hooked System Service Descriptor Table (SSDT) function.
|
11-10-2018 - 20:36 | 30-04-2008 - 00:10 | |
CVE-2010-1056 | 6.8 |
Directory traversal vulnerability in the RokDownloads (com_rokdownloads) component before 1.0.1 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php.
|
17-08-2017 - 01:32 | 23-03-2010 - 17:30 | |
CVE-2006-3361 | 5.1 |
PHP remote file inclusion vulnerability in Stud.IP 1.3.0-2 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via the (1) _PHPLIB[libdir] parameter in studip-phplib/oohforms.inc and (2) ABSOLUTE_PATH_
|
20-07-2017 - 01:32 | 06-07-2006 - 20:05 | |
CVE-2015-6410 | 4.0 |
The Mobile and Remote Access (MRA) services implementation in Cisco Unified Communications Manager mishandles edge-device identity validation, which allows remote attackers to bypass intended call-reception and call-setup restrictions by spoofing a u
|
07-12-2016 - 18:20 | 14-12-2015 - 03:59 | |
CVE-2003-0901 | 7.5 |
Buffer overflow in to_ascii for PostgreSQL 7.2.x, and 7.3.x before 7.3.4, allows remote attackers to execute arbitrary code.
|
05-09-2008 - 20:35 | 03-11-2003 - 05:00 |