| Max CVSS | 10.0 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2003-1201 | 5.0 |
ldbm_back_exop_passwd in the back-ldbm backend in passwd.c for OpenLDAP 2.1.12 and earlier, when the slap_passwd_parse function does not return LDAP_SUCCESS, attempts to free an uninitialized pointer, which allows remote attackers to cause a denial o
|
13-02-2024 - 17:43 | 20-03-2003 - 05:00 | |
| CVE-2014-2709 | 7.5 |
lib/rrd.php in Cacti 0.8.7g, 0.8.8b, and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in unspecified parameters. Per: https://cwe.mitre.org/data/definitions/77.html
"CWE-77: Improper Neutralization of Specia
|
13-12-2018 - 18:22 | 23-04-2014 - 15:55 | |
| CVE-2014-2328 | 6.5 |
lib/graph_export.php in Cacti 0.8.7g, 0.8.8b, and earlier allows remote authenticated users to execute arbitrary commands via shell metacharacters in unspecified vectors. Per: https://cwe.mitre.org/data/definitions/77.html
"CWE-77: Improper Neutrali
|
13-12-2018 - 18:22 | 23-04-2014 - 15:55 | |
| CVE-2014-2327 | 6.8 |
Cross-site request forgery (CSRF) vulnerability in Cacti 0.8.7g, 0.8.8b, and earlier allows remote attackers to hijack the authentication of users for unspecified commands, as demonstrated by requests that (1) modify binary files, (2) modify configur
|
13-12-2018 - 18:22 | 23-04-2014 - 15:55 | |
| CVE-2014-4002 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in Cacti 0.8.8b allow remote attackers to inject arbitrary web script or HTML via the (1) drp_action parameter to cdef.php, (2) data_input.php, (3) data_queries.php, (4) data_sources.php, (5) data_t
|
30-10-2018 - 16:27 | 03-07-2014 - 14:55 | |
| CVE-2014-2326 | 4.3 |
Cross-site scripting (XSS) vulnerability in cdef.php in Cacti 0.8.7g, 0.8.8b, and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
30-10-2018 - 16:27 | 27-03-2014 - 16:55 | |
| CVE-2008-0387 | 7.8 |
Integer overflow in Firebird SQL 1.0.3 and earlier, 1.5.x before 1.5.6, 2.0.x before 2.0.4, and 2.1.x before 2.1.0 RC1 might allow remote attackers to execute arbitrary code via crafted (1) op_receive, (2) op_start, (3) op_start_and_receive, (4) op_s
|
26-10-2018 - 14:19 | 29-01-2008 - 02:00 | |
| CVE-2006-0049 | 5.0 |
gpg in GnuPG before 1.4.2.2 does not properly verify non-detached signatures, which allows attackers to inject unsigned data via a data packet that is not associated with a control packet, which causes the check for concatenated signatures to report
|
19-10-2018 - 15:42 | 13-03-2006 - 21:06 | |
| CVE-2014-2708 | 7.5 |
Multiple SQL injection vulnerabilities in graph_xport.php in Cacti 0.8.7g, 0.8.8b, and earlier allow remote attackers to execute arbitrary SQL commands via the (1) graph_start, (2) graph_end, (3) graph_height, (4) graph_width, (5) graph_nolegend, (6)
|
29-08-2017 - 01:34 | 10-04-2014 - 20:29 | |
| CVE-2008-0467 | 10.0 |
Stack-based buffer overflow in Firebird before 2.0.4, and 2.1.x before 2.1.0 RC1, might allow remote attackers to execute arbitrary code via a long username.
|
08-08-2017 - 01:29 | 29-01-2008 - 02:00 | |
| CVE-2010-1138 | 5.0 |
The virtual networking stack in VMware Workstation 7.0 before 7.0.1 build 227600, VMware Workstation 6.5.x before 6.5.4 build 246459 on Windows, VMware Player 3.0 before 3.0.1 build 227600, VMware Player 2.5.x before 2.5.4 build 246459 on Windows, VM
|
15-05-2013 - 03:07 | 12-04-2010 - 18:30 | |
| CVE-2004-1880 | 5.0 |
Memory leak in the back-bdb backend for OpenLDAP 2.1.12 and earlier allows remote attackers to cause a denial of service (memory consumption).
|
10-09-2008 - 19:32 | 31-12-2004 - 05:00 |