Max CVSS | 10.0 | Min CVSS | 3.5 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2011-0611 | 9.3 |
Adobe Flash Player before 10.2.154.27 on Windows, Mac OS X, Linux, and Solaris and 10.2.156.12 and earlier on Android; Adobe AIR before 2.6.19140; and Authplay.dll (aka AuthPlayLib.bundle) in Adobe Reader 9.x before 9.4.4 and 10.x through 10.0.1 on W
|
13-08-2024 - 18:58 | 13-04-2011 - 14:55 | |
CVE-2010-3333 | 9.3 |
Stack-based buffer overflow in Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office 2010, Office 2004 and 2008 for Mac, Office for Mac 2011, and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via
|
16-07-2024 - 17:38 | 10-11-2010 - 03:00 | |
CVE-2006-2156 | 6.4 |
Directory traversal vulnerability in help/index.php in X7 Chat 2.0 and earlier allows remote attackers to include arbitrary files via .. (dot dot) sequences in the help_file parameter.
|
18-10-2018 - 16:38 | 03-05-2006 - 10:02 | |
CVE-2008-1969 | 3.5 |
Multiple cross-site scripting (XSS) vulnerabilities in Cezanne 6.5.1 and 7 allow remote attackers to inject arbitrary web script or HTML via the (1) LookUPId and (2) CbFun parameters to (a) CFLookUP.asp; (3) TitleParms, (4) WidgetsHeights, (5) Widget
|
11-10-2018 - 20:38 | 27-04-2008 - 18:05 | |
CVE-2011-2678 | 6.8 |
The Cisco VPN Client 5.0.7.0240 and 5.0.7.0290 on 64-bit Windows platforms uses weak permissions (NT AUTHORITY\INTERACTIVE:F) for cvpnd.exe, which allows local users to gain privileges by replacing this executable file with an arbitrary program, aka
|
09-10-2018 - 19:32 | 07-07-2011 - 19:55 | |
CVE-2008-5767 | 7.5 |
SQL injection vulnerability in authors.asp in gNews Publisher allows remote attackers to execute arbitrary SQL commands via the authorID parameter.
|
29-09-2017 - 01:32 | 30-12-2008 - 20:30 | |
CVE-2011-1865 | 10.0 |
Multiple stack-based buffer overflows in the inet service in HP OpenView Storage Data Protector 6.00 through 6.20 allow remote attackers to execute arbitrary code via a request containing crafted parameters.
|
17-08-2017 - 01:34 | 01-07-2011 - 10:55 | |
CVE-2011-1938 | 7.5 |
Stack-based buffer overflow in the socket_connect function in ext/sockets/sockets.c in PHP 5.3.3 through 5.3.6 might allow context-dependent attackers to execute arbitrary code via a long pathname for a UNIX socket.
|
17-08-2017 - 01:34 | 31-05-2011 - 20:55 | |
CVE-2007-3330 | 4.3 |
Cross-site scripting (XSS) vulnerability in STphp EasyNews PRO 4.0 allows remote attackers to inject arbitrary web script or HTML via a news post, which is stored in news/ without sanitization.
|
29-07-2017 - 01:32 | 21-06-2007 - 18:30 | |
CVE-2007-3331 | 5.0 |
Cross-site request forgery (CSRF) vulnerability in STphp EasyNews PRO 4.0 allows remote attackers to change the admin password via (1) a certain HTML form that is posted automatically by JavaScript or (2) a news post.
|
29-07-2017 - 01:32 | 21-06-2007 - 18:30 | |
CVE-2006-5651 | 5.0 |
list.php in DigiOz Guestbook before 1.7.1 allows remote attackers to obtain sensitive information via a non-numeric page parameter, which displays the installation path in the resulting error message.
|
20-07-2017 - 01:33 | 07-11-2006 - 20:07 | |
CVE-2011-1931 | 6.8 |
sp5xdec.c in the Sunplus SP5X JPEG decoder in libavcodec in FFmpeg before 0.6.3 and libav through 0.6.2, as used in VideoLAN VLC media player 1.1.9 and earlier and other products, performs a write operation outside the bounds of an unspecified array,
|
22-09-2011 - 03:31 | 07-07-2011 - 21:55 | |
CVE-2011-1498 | 4.3 |
Apache HttpClient 4.x before 4.1.1 in Apache HttpComponents, when used with an authenticating proxy server, sends the Proxy-Authorization header to the origin server, which allows remote web servers to obtain sensitive information by logging this hea
|
22-09-2011 - 03:30 | 07-07-2011 - 21:55 |