| Max CVSS | 10.0 | Min CVSS | 3.5 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2017-16945 | 7.2 |
The standardrestorer binary in Arq 5.10 and earlier for Mac allows local users to write to arbitrary files and consequently gain root privileges via a crafted restore path.
|
08-09-2021 - 17:21 | 31-01-2018 - 20:29 | |
| CVE-2017-16928 | 7.2 |
The arq_updater binary in Arq 5.10 and earlier for Mac allows local users to write to arbitrary files and consequently gain root privileges via a crafted update URL, as demonstrated by file:///tmp/blah/Arq.zip.
|
08-09-2021 - 17:21 | 31-01-2018 - 20:29 | |
| CVE-2017-10271 | 5.0 |
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Security). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.1.0 and 12.2.1.2.0. Easily exploitable vulnerability allows unauth
|
03-10-2019 - 00:03 | 19-10-2017 - 17:29 | |
| CVE-2007-3997 | 7.5 |
The (1) MySQL and (2) MySQLi extensions in PHP 4 before 4.4.8, and PHP 5 before 5.2.4, allow remote attackers to bypass safe_mode and open_basedir restrictions via MySQL LOCAL INFILE operations, as demonstrated by a query with LOAD DATA LOCAL INFILE.
|
26-10-2018 - 13:59 | 04-09-2007 - 18:17 | |
| CVE-2018-4090 | 4.3 |
An issue was discovered in certain Apple products. iOS before 11.2.5 is affected. macOS before 10.13.3 is affected. tvOS before 11.2.5 is affected. watchOS before 4.2.2 is affected. The issue involves the "Kernel" component. It allows attackers to by
|
27-04-2018 - 18:14 | 03-04-2018 - 06:29 | |
| CVE-2018-8815 | 3.5 |
Cross-site scripting (XSS) vulnerability in the gallery function in Alkacon OpenCMS 10.5.3 allows remote attackers to inject arbitrary web script or HTML via a malicious SVG image.
|
13-04-2018 - 16:44 | 20-03-2018 - 07:29 | |
| CVE-2017-5792 | 7.5 |
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P2 was found.
|
24-02-2018 - 16:37 | 15-02-2018 - 22:29 | |
| CVE-2018-5701 | 10.0 |
In Iolo System Shield AntiVirus and AntiSpyware 5.0.0.136, the amp.sys driver file contains an Arbitrary Write vulnerability due to not validating input values from IOCtl 0x00226003.
|
15-02-2018 - 16:35 | 31-01-2018 - 18:29 | |
| CVE-2017-16716 | 7.5 |
A SQL Injection issue was discovered in WebAccess versions prior to 8.3. WebAccess does not properly sanitize its inputs for SQL commands.
|
02-02-2018 - 02:29 | 05-01-2018 - 08:29 | |
| CVE-2017-16570 | 6.8 |
KeystoneJS before 4.0.0-beta.7 allows application-wide CSRF bypass by removing the CSRF parameter and value, aka SecureLayer7 issue number SL7_KEYJS_03. In other words, it fails to reject requests that lack an x-csrf-token header.
|
31-01-2018 - 02:29 | 06-11-2017 - 08:29 | |
| CVE-2010-2911 | 7.5 |
SQL injection vulnerability in index.php in Kayako eSupport 3.70.02 allows remote attackers to execute arbitrary SQL commands via the newsid parameter in a viewnews action.
|
17-08-2017 - 01:32 | 28-07-2010 - 21:30 |