Max CVSS | 10.0 | Min CVSS | 2.1 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2017-9062 | 5.0 |
In WordPress before 4.7.5, there is improper handling of post meta data values in the XML-RPC API.
|
03-10-2019 - 00:03 | 18-05-2017 - 14:29 | |
CVE-2017-10073 | 4.9 |
Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Infrastructure). Supported versions that are affected are 11.3.0, 11.4.0, 12.0.1, 12.0.2, 12.0.3, 12.1.0, 12.2.0 and 12.3.0. Eas
|
03-10-2019 - 00:03 | 08-08-2017 - 15:29 | |
CVE-2017-9061 | 4.3 |
In WordPress before 4.7.5, a cross-site scripting (XSS) vulnerability exists when attempting to upload very large files, because the error message does not properly restrict presentation of the filename.
|
15-03-2019 - 13:12 | 18-05-2017 - 14:29 | |
CVE-2017-9063 | 4.3 |
In WordPress before 4.7.5, a cross-site scripting (XSS) vulnerability related to the Customizer exists, involving an invalid customization session.
|
15-03-2019 - 13:05 | 18-05-2017 - 14:29 | |
CVE-2017-9064 | 6.8 |
In WordPress before 4.7.5, a Cross Site Request Forgery (CSRF) vulnerability exists in the filesystem credentials dialog because a nonce is not required for updating credentials.
|
15-03-2019 - 12:35 | 18-05-2017 - 14:29 | |
CVE-2017-9065 | 5.0 |
In WordPress before 4.7.5, there is a lack of capability checks for post meta data in the XML-RPC API.
|
15-03-2019 - 11:54 | 18-05-2017 - 14:29 | |
CVE-2017-9066 | 5.0 |
In WordPress before 4.7.5, there is insufficient redirect validation in the HTTP class, leading to SSRF.
|
15-03-2019 - 11:52 | 18-05-2017 - 14:29 | |
CVE-2008-2828 | 10.0 |
Stack-based buffer overflow in tmsnc allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an MSN packet with a UBX command containing a large UBX payload length field.
|
08-08-2017 - 01:31 | 23-06-2008 - 19:41 | |
CVE-2004-1808 | 2.1 |
Extcompose in metamail does not verify the output file before writing to it, which allows local users to overwrite arbitrary files via a symlink attack.
|
11-07-2017 - 01:31 | 31-12-2004 - 05:00 | |
CVE-2016-8587 | 6.0 |
dlp_policy_upload.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows remote authenticated users to execute arbitrary code via an archive file containing a symlink to /eng_ptn_stores/prod/sensorSDK/data/ or /eng_ptn_stores/pro
|
25-05-2017 - 01:29 | 28-04-2017 - 19:59 | |
CVE-2017-0346 | 7.2 |
All versions of the NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where the size of an input buffer is not validated, leading to denial of service or potential escalation o
|
25-05-2017 - 01:29 | 09-05-2017 - 21:29 |