Max CVSS | 9.3 | Min CVSS | 3.5 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2017-2302 | 7.8 |
On Juniper Networks products or platforms running Junos OS 12.1X46 prior to 12.1X46-D55, 12.1X47 prior to 12.1X47-D45, 12.3R13 prior to 12.3R13, 12.3X48 prior to 12.3X48-D35, 13.3 prior to 13.3R10, 14.1 prior to 14.1R8, 14.1X53 prior to 14.1X53-D40,
|
03-10-2019 - 00:03 | 30-05-2017 - 14:29 | |
CVE-2017-2301 | 7.8 |
On Juniper Networks products or platforms running Junos OS 11.4 prior to 11.4R13-S3, 12.1X46 prior to 12.1X46-D60, 12.3 prior to 12.3R12-S2 or 12.3R13, 12.3X48 prior to 12.3X48-D40, 13.2X51 prior to 13.2X51-D40, 13.3 prior to 13.3R10, 14.1 prior to 1
|
03-10-2019 - 00:03 | 30-05-2017 - 14:29 | |
CVE-2010-0997 | 3.5 |
Cross-site scripting (XSS) vulnerability in 107_plugins/content/content_manager.php in the Content Management plugin in e107 before 0.7.20, when the personal content manager is enabled, allows user-assisted remote authenticated users to inject arbitr
|
10-10-2018 - 19:55 | 20-04-2010 - 16:30 | |
CVE-2016-9444 | 5.0 |
named in ISC BIND 9.x before 9.9.9-P5, 9.10.x before 9.10.4-P5, and 9.11.x before 9.11.0-P2 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted DS resource record in an answer.
|
27-09-2018 - 10:29 | 12-01-2017 - 06:59 | |
CVE-2016-9147 | 5.0 |
named in ISC BIND 9.9.9-P4, 9.9.9-S6, 9.10.4-P4, and 9.11.0-P1 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a response containing an inconsistency among the DNSSEC-related RRsets.
|
27-09-2018 - 10:29 | 12-01-2017 - 06:59 | |
CVE-2017-9938 | 5.0 |
A vulnerability was discovered in Siemens SIMATIC Logon (All versions before V1.6) that could allow specially crafted packets sent to the SIMATIC Logon Remote Access service on port 16389/tcp to cause a Denial-of-Service condition. The service restar
|
22-11-2017 - 02:29 | 08-08-2017 - 00:29 | |
CVE-2017-5488 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in wp-admin/update-core.php in WordPress before 4.7.1 allow remote attackers to inject arbitrary web script or HTML via the (1) name or (2) version header of a plugin.
|
04-11-2017 - 01:29 | 15-01-2017 - 02:59 | |
CVE-2017-5489 | 6.8 |
Cross-site request forgery (CSRF) vulnerability in WordPress before 4.7.1 allows remote attackers to hijack the authentication of unspecified victims via vectors involving a Flash file upload.
|
04-11-2017 - 01:29 | 15-01-2017 - 02:59 | |
CVE-2017-5487 | 5.0 |
wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php in the REST API implementation in WordPress 4.7 before 4.7.1 does not properly restrict listings of post authors, which allows remote attackers to obtain sensitive information via a wp
|
01-09-2017 - 01:29 | 15-01-2017 - 02:59 | |
CVE-2013-2298 | 9.3 |
Multiple stack-based buffer overflows in the XML parser in BOINC 7.x allow attackers to have unspecified impact via a crafted XML file, related to the scheduler.
|
29-08-2017 - 01:33 | 02-06-2014 - 15:55 | |
CVE-2008-2406 | 7.5 |
The administration application server in Sun Java Active Server Pages (ASP) Server before 4.0.3 allows remote attackers to bypass authentication via direct requests on TCP port 5102.
|
08-08-2017 - 01:31 | 04-06-2008 - 20:32 | |
CVE-2004-2347 | 7.5 |
blog.cgi in Leif M. Wright Web Blog 1.1 and 1.1.5 allows remote attackers to execute arbitrary commands via shell metacharacters such as '|' in the file parameter of ViewFile requests.
|
11-07-2017 - 01:31 | 31-12-2004 - 05:00 | |
CVE-2015-3441 | 9.0 |
The Parental Control panel in Genexis devices with DRGOS before 1.14.1 allows remote authenticated users to execute arbitrary CLI commands via the (1) start_hour, (2) start_minute, (3) end_hour, (4) end_minute, or (5) hostname parameter.
|
18-01-2017 - 02:59 | 05-01-2017 - 22:59 |