| Max CVSS | 10.0 | Min CVSS | 4.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2017-14523 | 5.0 |
WonderCMS 2.3.1 is vulnerable to an HTTP Host header injection attack. It uses user-entered values to redirect pages. NOTE: the vendor reports that exploitation is unlikely because the attack can only come from a local machine or from the administrat
|
05-08-2024 - 20:15 | 26-01-2018 - 20:29 | |
| CVE-2016-0093 | 7.2 |
The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted a
|
12-10-2018 - 22:11 | 09-03-2016 - 11:59 | |
| CVE-2016-0094 | 7.2 |
The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted a
|
12-10-2018 - 22:11 | 09-03-2016 - 11:59 | |
| CVE-2016-0784 | 4.0 |
Directory traversal vulnerability in the Import/Export System Backups functionality in Apache OpenMeetings before 3.1.1 allows remote authenticated administrators to write to arbitrary files via a .. (dot dot) in a ZIP archive entry.
|
09-10-2018 - 19:58 | 11-04-2016 - 14:59 | |
| CVE-2016-4071 | 7.5 |
Format string vulnerability in the php_snmp_error function in ext/snmp/snmp.c in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5 allows remote attackers to execute arbitrary code via format string specifiers in an SNMP::get call.
|
05-01-2018 - 02:30 | 20-05-2016 - 11:00 | |
| CVE-2007-2817 | 7.5 |
SQL injection vulnerability in read/index.php in ol'bookmarks 0.7.4 allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
11-10-2017 - 01:32 | 22-05-2007 - 21:30 | |
| CVE-2015-3864 | 10.0 |
Integer underflow in the MPEG4Extractor::parseChunk function in MPEG4Extractor.cpp in libstagefright in mediaserver in Android before 5.1.1 LMY48M allows remote attackers to execute arbitrary code via crafted MPEG-4 data, aka internal bug 23034759.
|
16-09-2017 - 01:29 | 01-10-2015 - 00:59 | |
| CVE-2015-8048 | 10.0 |
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler
|
08-09-2017 - 01:29 | 10-12-2015 - 05:59 | |
| CVE-2010-2456 | 6.8 |
Multiple directory traversal vulnerabilities in index.php in Linker IMG 1.0 and earlier allow remote attackers to read and execute arbitrary local files via a URL in the (1) cook_lan cookie parameter ($lan_dir variable) or possibly (2) Sdb_type param
|
17-08-2017 - 01:32 | 25-06-2010 - 21:30 | |
| CVE-2016-0710 | 7.5 |
Multiple SQL injection vulnerabilities in the User Manager service in Apache Jetspeed before 2.3.1 allow remote attackers to execute arbitrary SQL commands via the (1) role or (2) user parameter to services/usermanager/users/.
|
20-04-2016 - 18:24 | 11-04-2016 - 14:59 | |
| CVE-2016-0709 | 9.0 |
Directory traversal vulnerability in the Import/Export function in the Portal Site Manager in Apache Jetspeed before 2.3.1 allows remote authenticated administrators to write to arbitrary files, and consequently execute arbitrary code, via a .. (dot
|
20-04-2016 - 18:14 | 11-04-2016 - 14:59 |