Max CVSS | 7.5 | Min CVSS | 4.3 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2009-0855 | 4.3 |
Cross-site scripting (XSS) vulnerability in the administrative console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.23 on z/OS allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
02-12-2022 - 18:15 | 09-03-2009 - 21:30 | |
CVE-2009-0884 | 4.3 |
Buffer overflow in FileZilla Server before 0.9.31 allows remote attackers to cause a denial of service via unspecified vectors related to SSL/TLS packets.
|
28-07-2020 - 16:37 | 12-03-2009 - 15:20 | |
CVE-2017-14008 | 7.5 |
GE Centricity PACS RA1000, diagnostic image analysis, all current versions are affected these devices use default or hard-coded credentials. Successful exploitation of this vulnerability may allow a remote attacker to bypass authentication and gain a
|
09-10-2019 - 23:23 | 20-03-2018 - 16:29 | |
CVE-2009-0838 | 4.9 |
The crypto pseudo device driver in Sun Solaris 10, and OpenSolaris snv_88 through snv_102, does not properly free memory, which allows local users to cause a denial of service (panic) via unspecified vectors, related to the vmem_hash_delete function.
|
30-10-2018 - 16:25 | 06-03-2009 - 18:30 | |
CVE-2009-0537 | 4.9 |
Integer overflow in the fts_build function in fts.c in libc in (1) OpenBSD 4.4 and earlier and (2) Microsoft Interix 6.0 build 10.0.6030.0 allows context-dependent attackers to cause a denial of service (application crash) via a deep directory tree,
|
11-10-2018 - 21:01 | 09-03-2009 - 21:30 | |
CVE-2012-2318 | 5.0 |
msg.c in the MSN protocol plugin in libpurple in Pidgin before 2.10.4 does not properly handle crafted characters, which allows remote servers to cause a denial of service (application crash) by placing these characters in a text/plain message.
|
29-12-2017 - 02:29 | 03-07-2012 - 19:55 | |
CVE-2001-1124 | 5.0 |
rpcbind in HP-UX 11.00, 11.04 and 11.11 allows remote attackers to cause a denial of service (core dump) via a malformed RPC portmap requests, possibly related to a buffer overflow.
|
19-12-2017 - 02:29 | 01-10-2001 - 04:00 | |
CVE-2007-1364 | 6.4 |
DropAFew before 0.2.1 does not require authorization for certain privileged actions, which allows remote attackers to (1) view the logged calorie information of arbitrary users via the id parameter in editlogcal.php, (2) add arbitrary links via links
|
29-07-2017 - 01:30 | 11-04-2007 - 22:19 | |
CVE-2007-1363 | 7.5 |
Multiple SQL injection vulnerabilities in DropAFew before 0.2.1 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter in the delete action in (a) search.php or (b) search-pda.php, or the (2) calories parameter in a save ac
|
29-07-2017 - 01:30 | 11-04-2007 - 22:19 | |
CVE-2005-1380 | 6.8 |
Cross-site scripting (XSS) vulnerability in BEA Admin Console 8.1 allows remote attackers to execute arbitrary web script or HTML via the server parameter to a JndiFramesetAction action.
|
11-07-2017 - 01:32 | 03-05-2005 - 04:00 | |
CVE-2016-0246 | 4.3 |
Cross-site scripting (XSS) vulnerability in IBM Security Guardium 8.2 before p310, 9.x through 9.5 before p700, and 10.x through 10.1 before p100 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
|
28-11-2016 - 19:52 | 22-10-2016 - 03:59 | |
CVE-2009-4810 | 7.5 |
The Secure Remote Password (SRP) implementation in Samhain before 2.5.4 does not check for a certain zero value where required by the protocol, which allows remote attackers to bypass authentication via crafted input.
|
26-04-2010 - 16:17 | 23-04-2010 - 14:30 | |
CVE-2009-0856 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in sample applications in IBM WebSphere Application Server (WAS) 6.0.2 before 6.0.2.35, and 6.1 before 6.1.0.23 on z/OS, allow remote attackers to inject arbitrary web script or HTML via unspecified
|
05-06-2009 - 04:00 | 09-03-2009 - 21:30 |