| Max CVSS | 10.0 | Min CVSS | 1.9 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2014-6278 | 10.0 |
GNU Bash through 4.3 bash43-026 does not properly parse function definitions in the values of environment variables, which allows remote attackers to execute arbitrary commands via a crafted environment, as demonstrated by vectors involving the Force
|
17-11-2021 - 22:15 | 30-09-2014 - 10:55 | |
| CVE-2018-6655 | 3.5 |
PHP Scripts Mall Doctor Search Script 1.0.2 has Stored XSS via an arbitrary profile field.
|
26-02-2018 - 20:31 | 07-02-2018 - 21:29 | |
| CVE-2007-2971 | 7.5 |
SQL injection vulnerability in getnewsitem.php in gCards 1.46 and earlier allows remote attackers to execute arbitrary SQL commands via the newsid parameter.
|
19-10-2017 - 01:30 | 01-06-2007 - 01:30 | |
| CVE-2016-5237 | 1.9 |
Valve Steam 3.42.16.13 uses weak permissions for the files in the Steam program directory, which allows local users to modify the files and possibly gain privileges as demonstrated by a Trojan horse Steam.exe file.
|
07-09-2017 - 01:29 | 23-01-2017 - 21:59 | |
| CVE-2016-3670 | 4.3 |
Cross-site scripting (XSS) vulnerability in users.jsp in the Profile Search functionality in Liferay before 7.0.0 CE RC1 allows remote attackers to inject arbitrary web script or HTML via the FirstName field.
|
20-06-2016 - 12:35 | 13-06-2016 - 14:59 |