| Max CVSS | 6.8 | Min CVSS | 3.5 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2017-0901 | 6.4 |
RubyGems version 2.6.12 and earlier fails to validate specification names, allowing a maliciously crafted gem to potentially overwrite any file on the filesystem.
|
09-10-2019 - 23:21 | 31-08-2017 - 20:29 | |
| CVE-2017-13754 | 3.5 |
Cross-site scripting (XSS) vulnerability in the "advanced settings - time server" module in Wibu-Systems CodeMeter before 6.50b allows remote attackers to inject arbitrary web script or HTML via the "server name" field in actions/ChangeConfiguration.
|
09-10-2018 - 20:01 | 07-09-2017 - 13:29 | |
| CVE-2007-4256 | 5.0 |
Directory traversal vulnerability in showpage.cgi in YNP Portal System 2.2.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the p parameter.
|
29-09-2017 - 01:29 | 08-08-2007 - 23:17 | |
| CVE-2017-11567 | 6.8 |
Cross-site request forgery (CSRF) vulnerability in Mongoose Web Server before 6.9 allows remote attackers to hijack the authentication of users for requests that modify Mongoose.conf via a request to __mg_admin?save. NOTE: this issue can be leverage
|
18-09-2017 - 17:43 | 07-09-2017 - 13:29 | |
| CVE-2017-14126 | 4.3 |
The Participants Database plugin before 1.7.5.10 for WordPress has XSS.
|
08-09-2017 - 01:29 | 04-09-2017 - 20:29 |