| Max CVSS | 7.5 | Min CVSS | 2.1 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2020-14350 | 4.4 |
It was found that some PostgreSQL extensions did not use search_path safely in their installation script. An attacker with sufficient privileges could use this flaw to trick an administrator into executing a specially crafted script, during the insta
|
24-01-2023 - 02:38 | 24-08-2020 - 13:15 | |
| CVE-2020-15706 | 4.4 |
GRUB2 contains a race condition in grub_script_function_create() leading to a use-after-free vulnerability which can be triggered by redefining a function whilst the same function is already executing, leading to arbitrary code execution and secure b
|
16-11-2022 - 03:58 | 29-07-2020 - 18:15 | |
| CVE-2020-15705 | 4.4 |
GRUB2 fails to validate kernel signature when booted directly without shim, allowing secure boot to be bypassed. This only affects systems where the kernel signing certificate has been imported directly into the secure boot database and the GRUB imag
|
18-04-2022 - 15:22 | 29-07-2020 - 18:15 | |
| CVE-2020-15707 | 4.4 |
Integer overflows were discovered in the functions grub_cmd_initrd and grub_initrd_init in the efilinux component of GRUB2, as shipped in Debian, Red Hat, and Ubuntu (the functionality is not included in GRUB2 upstream), leading to a heap-based buffe
|
13-09-2021 - 14:25 | 29-07-2020 - 18:15 | |
| CVE-2020-7211 | 5.0 |
tftp.c in libslirp 4.1.0, as used in QEMU 4.2.0, does not prevent ..\ directory traversal on Windows.
|
23-01-2020 - 23:18 | 21-01-2020 - 17:15 | |
| CVE-2012-5578 | 2.1 |
Python keyring has insecure permissions on new databases allowing world-readable files to be created
|
04-12-2019 - 15:55 | 25-11-2019 - 13:15 | |
| CVE-2012-4385 | 4.3 |
letodms 3.3.6 has CSRF via change password
|
15-11-2019 - 18:06 | 13-11-2019 - 17:15 | |
| CVE-2012-4384 | 4.3 |
letodms has multiple XSS issues: Reflected XSS in Login Page, Stored XSS in Document Owner/User name, Stored XSS in Calendar
|
14-11-2019 - 19:23 | 13-11-2019 - 16:15 | |
| CVE-2011-3618 | 4.6 |
atop: symlink attack possible due to insecure tempfile handling
|
14-11-2019 - 18:37 | 12-11-2019 - 15:15 | |
| CVE-2011-2935 | 4.3 |
Elgg through 1.7.10 has XSS
|
13-11-2019 - 19:29 | 12-11-2019 - 14:15 | |
| CVE-2011-2936 | 7.5 |
Elgg through 1.7.10 has a SQL injection vulnerability
|
12-11-2019 - 21:53 | 12-11-2019 - 14:15 | |
| CVE-2011-3370 | 4.3 |
statusnet before 0.9.9 has XSS
|
12-11-2019 - 21:16 | 12-11-2019 - 14:15 | |
| CVE-2005-3056 | 7.5 |
TWiki allows arbitrary shell command execution via the Include function
|
05-11-2019 - 14:33 | 01-11-2019 - 13:15 | |
| CVE-2010-3375 | 7.5 |
qtparted has insecure library loading which may allow arbitrary code execution
|
01-11-2019 - 18:23 | 29-10-2019 - 19:15 | |
| CVE-2010-4245 | 4.3 |
pootle 2.0.5 has XSS via 'match_names' parameter
|
01-11-2019 - 15:15 | 28-10-2019 - 15:15 | |
| CVE-2009-4899 | 7.5 |
pixelpost 1.7.1 has SQL injection
|
01-11-2019 - 14:15 | 28-10-2019 - 15:15 | |
| CVE-2009-4900 | 4.3 |
pixelpost 1.7.1 has XSS
|
01-11-2019 - 14:15 | 28-10-2019 - 15:15 | |
| CVE-2002-2444 | 7.5 |
Snoopy before 2.0.0 has a security hole in exec cURL
|
01-11-2019 - 14:15 | 28-10-2019 - 14:15 | |
| CVE-2010-3293 | 2.1 |
mailscanner can allow local users to prevent virus signatures from being updated
|
30-10-2019 - 19:10 | 28-10-2019 - 15:15 |