| Max CVSS | 9.3 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2008-1721 | 7.5 |
Integer signedness error in the zlib extension module in Python 2.5.2 and earlier allows remote attackers to execute arbitrary code via a negative signed integer, which triggers insufficient memory allocation and a buffer overflow.
|
05-07-2022 - 18:43 | 10-04-2008 - 19:05 | |
| CVE-2006-2081 | 4.6 |
Oracle Database Server 10g Release 2 allows local users to execute arbitrary SQL queries via the GET_DOMAIN_INDEX_METADATA function in the DBMS_EXPORT_EXTENSION package. NOTE: this issue was originally linked to DB05 (CVE-2006-1870), but a reliable t
|
18-10-2018 - 16:38 | 27-04-2006 - 23:02 | |
| CVE-2006-5626 | 4.3 |
Cross-site scripting (XSS) vulnerability in cms_images/js/htmlarea/htmlarea.php in phpFaber Content Management System (CMS) before 1.3.36 on 20061026 allows remote attackers to inject arbitrary web script or HTML, probably via arbitrary parameters in
|
17-10-2018 - 21:44 | 31-10-2006 - 20:07 | |
| CVE-2007-3215 | 6.8 |
PHPMailer 1.7, when configured to use sendmail, allows remote attackers to execute arbitrary shell commands via shell metacharacters in the SendmailSend function in class.phpmailer.php. Successful exploitation requires that the PHP script using PHPMa
|
16-10-2018 - 16:47 | 14-06-2007 - 22:30 | |
| CVE-2008-2434 | 9.3 |
The Trend Micro HouseCall ActiveX control 6.51.0.1028 and 6.6.0.1278 in Housecall_ActiveX.dll allows remote attackers to download an arbitrary library file onto a client system via a "custom update server" argument. NOTE: this can be leveraged for c
|
11-10-2018 - 20:41 | 23-12-2008 - 18:30 | |
| CVE-2010-4335 | 7.5 |
The _validatePost function in libs/controller/components/security.php in CakePHP 1.3.x through 1.3.5 and 1.2.8 allows remote attackers to modify the internal Cake cache and execute arbitrary code via a crafted data[_Token][fields] value that is proce
|
22-01-2011 - 06:44 | 14-01-2011 - 23:00 |