| Max CVSS | 9.4 | Min CVSS | 2.1 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2006-1357 | 4.3 |
Cross-site scripting (XSS) vulnerability in my.support.php3 in F5 Firepass 4100 SSL VPN 5.4.2 allows remote attackers to inject arbitrary web script or HTML via the s parameter.
|
18-10-2018 - 16:32 | 22-03-2006 - 02:02 | |
| CVE-2006-4883 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in IDevSpot BizDirectory allow remote attackers to inject arbitrary web script or HTML via (1) the stylesheet parameter in Feed.php or (2) the message parameter in status.php.
|
17-10-2018 - 21:40 | 19-09-2006 - 21:07 | |
| CVE-2007-2170 | 9.4 |
The APPLSYS.FND_DM_NODES package in Oracle E-Business Suite does not check for valid sessions, which allows remote attackers to delete arbitrary nodes. NOTE: due to lack of details from Oracle, it is not clear whether this issue is related to other
|
16-10-2018 - 16:42 | 24-04-2007 - 20:19 | |
| CVE-2008-0581 | 7.2 |
Geert Moernaut LSrunasE allows local users to gain privileges by obtaining the encrypted password from a batch file, and constructing a modified batch file that specifies this password in the /password switch and specifies an arbitrary program in the
|
15-10-2018 - 22:01 | 05-02-2008 - 03:00 | |
| CVE-2008-0580 | 2.1 |
Geert Moernaut LSrunasE and Supercrypt use an encryption key composed of an SHA1 hash of a fixed string embedded in the executable file, which makes it easier for local users to obtain this key without reverse engineering.
|
15-10-2018 - 22:01 | 05-02-2008 - 03:00 | |
| CVE-2007-6340 | 2.1 |
Geert Moernaut LSrunasE 1.0 and Supercrypt 1.0 use the RC4 stream cipher without constructing a unique initialization vector (IV), which makes it easier for local users to obtain cleartext passwords.
|
15-10-2018 - 21:52 | 05-02-2008 - 03:00 |