| Max CVSS | 10.0 | Min CVSS | 3.6 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2016-2538 | 3.6 |
Multiple integer overflows in the USB Net device emulator (hw/usb/dev-network.c) in QEMU before 2.5.1 allow local guest OS administrators to cause a denial of service (QEMU process crash) or obtain sensitive host memory information via a remote NDIS
|
12-02-2023 - 23:17 | 16-06-2016 - 18:59 | |
| CVE-2019-5526 | 9.3 |
VMware Workstation (15.x before 15.1.0) contains a DLL hijacking issue because some DLL files are improperly loaded by the application. Successful exploitation of this issue may allow attackers with normal user privileges to escalate their privileges
|
24-08-2020 - 17:37 | 15-05-2019 - 16:29 | |
| CVE-2006-2678 | 5.8 |
Multiple cross-site scripting (XSS) vulnerabilities in Pre News Manager 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to (a) index.php, and the (2) nid parameter to (b) news_detail.php, (c) email_story.php
|
18-10-2018 - 16:41 | 31-05-2006 - 10:06 | |
| CVE-2008-1458 | 4.3 |
Cross-site scripting (XSS) vulnerability in index.php in CS-Cart 1.3.2 allows remote attackers to inject arbitrary web script or HTML via the q parameter in a products search action. NOTE: it was also reported that 1.3.5-SP2 trial edition is also af
|
11-10-2018 - 20:34 | 24-03-2008 - 18:44 | |
| CVE-2015-8277 | 10.0 |
Multiple buffer overflows in (1) lmgrd and (2) Vendor Daemon in Flexera FlexNet Publisher before 11.13.1.2 Security Update 1 allow remote attackers to execute arbitrary code via a crafted packet with opcode (a) 0x107 or (b) 0x10a.
|
07-08-2018 - 01:29 | 24-02-2016 - 03:59 | |
| CVE-2015-5351 | 6.8 |
The (1) Manager and (2) Host Manager applications in Apache Tomcat 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M2 establish sessions and send CSRF tokens for arbitrary new requests, which allows remote attackers to bypass a CSRF protec
|
19-07-2018 - 01:29 | 25-02-2016 - 01:59 | |
| CVE-2003-0468 | 5.0 |
Postfix 1.1.11 and earlier allows remote attackers to use Postfix to conduct "bounce scans" or DDos attacks of other hosts via an email address to the local host containing the target IP address and service name followed by a "!" string, which causes
|
11-10-2017 - 01:29 | 27-08-2003 - 04:00 | |
| CVE-2003-0540 | 5.0 |
The address parser code in Postfix 1.1.12 and earlier allows remote attackers to cause a denial of service (lock) via (1) a malformed envelope address to a local host that would generate a bounce and contains the ".!" string in the MAIL FROM or Error
|
11-10-2017 - 01:29 | 27-08-2003 - 04:00 | |
| CVE-2016-8584 | 7.5 |
Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier uses predictable session values, which allows remote attackers to bypass authentication by guessing the value.
|
10-05-2017 - 18:22 | 28-04-2017 - 19:59 | |
| CVE-2014-2197 | 9.0 |
The Administration GUI in the web framework in Cisco Unified Communications Domain Manager (CDM) in Unified CDM Application Software before 8.1.4 does not properly implement access control, which allows remote authenticated users to modify administra
|
07-01-2017 - 02:59 | 07-07-2014 - 11:01 |