| Max CVSS | 9.3 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2014-3596 | 5.8 |
The getCN function in Apache Axis 1.4 and earlier does not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to
|
13-02-2023 - 00:40 | 27-08-2014 - 00:55 | |
| CVE-2003-1559 | 5.0 |
Microsoft Internet Explorer 5.22, and other 5 through 6 SP1 versions, sends Referer headers containing https:// URLs in requests for http:// URLs, which allows remote attackers to obtain potentially sensitive information by reading Referer log data.
|
23-07-2021 - 12:18 | 31-12-2003 - 05:00 | |
| CVE-2017-3748 | 7.2 |
On Lenovo VIBE mobile phones, improper access controls on the nac_server component can be abused in conjunction with CVE-2017-3749 and CVE-2017-3750 to elevate privileges to the root user (commonly known as 'rooting' or "jail breaking" a device).
|
03-10-2019 - 00:03 | 29-06-2017 - 15:29 | |
| CVE-2008-2458 | 4.3 |
Cross-site scripting (XSS) vulnerability in index.php in Starsgames Control Panel 4.6.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the st parameter.
|
11-10-2018 - 20:41 | 27-05-2008 - 14:32 | |
| CVE-2016-6402 | 7.2 |
UCS Manager and UCS 6200 Fabric Interconnects in Cisco Unified Computing System (UCS) through 3.0(2d) allow local users to obtain OS root access via crafted CLI input, aka Bug ID CSCuz91263.
|
30-07-2017 - 01:29 | 18-09-2016 - 22:59 | |
| CVE-2016-6407 | 5.0 |
Cisco AsyncOS through 9.5.0-444 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (link saturation) by making many HTTP requests for overlapping byte ranges simultaneously, aka Bug ID CSCuz27219.
|
30-07-2017 - 01:29 | 17-09-2016 - 02:59 | |
| CVE-2016-1483 | 7.8 |
Cisco WebEx Meetings Server 2.6 allows remote attackers to cause a denial of service (CPU consumption) by repeatedly accessing the account-validation component of an unspecified service, aka Bug ID CSCuy92704.
|
30-07-2017 - 01:29 | 19-09-2016 - 01:59 | |
| CVE-2016-1482 | 9.3 |
Cisco WebEx Meetings Server 2.6 allows remote attackers to execute arbitrary commands by injecting these commands into an application script, aka Bug ID CSCuy83130.
|
30-07-2017 - 01:29 | 17-09-2016 - 21:59 | |
| CVE-2016-7402 | 7.5 |
SAP ASE 16.0 SP02 PL03 and prior versions allow attackers who own SourceDB and TargetDB databases to elevate privileges to sa (system administrator) via dbcc import_sproc SQL injection.
|
28-11-2016 - 20:39 | 03-11-2016 - 10:59 | |
| CVE-2016-6405 | 6.8 |
Cisco Fog Director 1.0(0) for IOx allows remote authenticated users to bypass intended access restrictions and write to arbitrary files via the Cartridge interface, aka Bug ID CSCuz89368.
|
28-11-2016 - 20:32 | 18-09-2016 - 22:59 |