Max CVSS | 10.0 | Min CVSS | 3.5 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2013-2007 | 6.9 |
The qemu guest agent in Qemu 1.4.1 and earlier, as used by Xen, when started in daemon mode, uses weak permissions for certain files, which allows local users to read and write to these files.
|
13-02-2023 - 04:42 | 21-05-2013 - 18:55 | |
CVE-2017-5669 | 4.6 |
The do_shmat function in ipc/shm.c in the Linux kernel through 4.9.12 does not restrict the address calculated by a certain rounding operation, which allows local users to map page zero, and consequently bypass a protection mechanism that exists for
|
09-10-2020 - 14:49 | 24-02-2017 - 15:59 | |
CVE-2004-2533 | 5.0 |
Serv-U FTP Server 4.1 (possibly 4.0) allows remote attackers to cause a denial of service (application crash) via a SITE CHMOD command with a "\\...\" followed by a short string, causing partial memory corruption, a different vulnerability than CVE-2
|
28-07-2020 - 14:34 | 31-12-2004 - 05:00 | |
CVE-2004-2111 | 8.5 |
Stack-based buffer overflow in the site chmod command in Serv-U FTP Server before 4.2 allows remote attackers to execute arbitrary code via a long filename.
|
28-07-2020 - 14:34 | 31-12-2004 - 05:00 | |
CVE-2017-1145 | 7.8 |
IBM WebSphere MQ 8.0.0.6 does not properly terminate channel agents when they are no longer needed, which could allow a user to cause a denial of service through resource exhaustion. IBM Reference #: 1999672.
|
03-10-2019 - 00:03 | 20-03-2017 - 16:59 | |
CVE-2017-10011 | 4.9 |
Vulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services Applications (subcomponent: Miscellaneous). Supported versions that are affected are 2.0.0, 2.0.1, 2.2.0 and 12.0.1. Easily exploitable vulnerability allows l
|
03-10-2019 - 00:03 | 08-08-2017 - 15:29 | |
CVE-2017-5790 | 10.0 |
A remote deserialization of untrusted data vulnerability in HPE Intelligent Management Center (IMC) PLAT version 7.2 E0403P06 was found.
|
07-03-2018 - 16:02 | 15-02-2018 - 22:29 | |
CVE-2008-2771 | 5.0 |
The Node Hierarchy module 5.x before 5.x-1.1 and 6.x before 6.x-1.0 for Drupal does not properly implement access checks, which allows remote attackers with "access content" permissions to bypass restrictions and modify the node hierarchy via unspeci
|
08-08-2017 - 01:31 | 18-06-2008 - 22:41 | |
CVE-2006-4360 | 3.5 |
Cross-site scripting (XSS) vulnerability in E-commerce 4.7 for Drupal before file.module 1.37.2.4 (20060812) allows remote authenticated users with the "create products" permission to inject arbitrary web script or HTML via unspecified vectors.
|
20-07-2017 - 01:33 | 27-08-2006 - 02:04 | |
CVE-2017-0476 | 6.8 |
A remote code execution vulnerability in AOSP Messaging could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as High due to the possibility of remote code execut
|
17-07-2017 - 13:18 | 08-03-2017 - 01:59 | |
CVE-2017-0129 | 5.0 |
Microsoft Lync for Mac 2011 fails to properly validate certificates, allowing remote attackers to alter server-client communications, aka "Microsoft Lync for Mac Certificate Validation Vulnerability."
|
12-07-2017 - 01:29 | 17-03-2017 - 00:59 | |
CVE-2015-5729 | 5.0 |
The Soft Access Point (AP) feature in Samsung Smart TVs X10P, X12, X14H, X14J, and NT14U and Xpress M288OFW printers generate weak WPA2 PSK keys, which makes it easier for remote attackers to obtain sensitive information or bypass authentication via
|
04-04-2017 - 16:15 | 23-03-2017 - 20:59 | |
CVE-2017-6503 | 4.3 |
WebUI in qBittorrent before 3.3.11 did not escape many values, which could potentially lead to XSS.
|
14-03-2017 - 01:59 | 06-03-2017 - 02:59 | |
CVE-2017-6544 | 4.3 |
Gargaj/wuhu through 2017-03-08 is vulnerable to a reflected XSS in wuhu-master/www_admin/users.php (id parameter).
|
14-03-2017 - 01:59 | 08-03-2017 - 23:59 | |
CVE-2015-7464 | 5.0 |
Report Builder in IBM Jazz Reporting Service (JRS) 5.x before 5.0.2-Rational-CLM-ifix011 and 6.0 before 6.0.0-Rational-CLM-ifix005 allows remote attackers to cause a denial of service (Report Builder server outage) via a crafted request to a Report B
|
14-03-2017 - 01:59 | 29-01-2016 - 11:59 | |
CVE-2016-9006 | 3.5 |
IBM UrbanCode Deploy 6.1 and 6.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a t
|
14-03-2017 - 01:59 | 08-03-2017 - 19:59 |