| Max CVSS | 9.3 | Min CVSS | 1.2 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2010-1166 | 7.1 |
The fbComposite function in fbpict.c in the Render extension in the X server in X.Org X11R7.1 allows remote authenticated users to cause a denial of service (memory corruption and daemon crash) or possibly execute arbitrary code via a crafted request
|
13-02-2023 - 04:17 | 29-04-2010 - 21:30 | |
| CVE-2002-1182 | 5.0 |
IIS 5.0 and 5.1 allows remote attackers to cause a denial of service (crash) via malformed WebDAV requests that cause a large amount of memory to be assigned.
|
23-11-2020 - 19:49 | 12-11-2002 - 05:00 | |
| CVE-2007-2876 | 6.1 |
The sctp_new function in (1) ip_conntrack_proto_sctp.c and (2) nf_conntrack_proto_sctp.c in Netfilter in Linux kernel 2.6 before 2.6.20.13, and 2.6.21.x before 2.6.21.4, allows remote attackers to cause a denial of service by causing certain invalid
|
30-10-2018 - 16:26 | 11-06-2007 - 23:30 | |
| CVE-2006-3017 | 9.3 |
zend_hash_del_key_or_index in zend_hash.c in PHP before 4.4.3 and 5.x before 5.1.3 can cause zend_hash_del to delete the wrong element, which prevents a variable from being unset even when the PHP unset function is called, which might cause the varia
|
30-10-2018 - 16:25 | 14-06-2006 - 23:02 | |
| CVE-2006-3810 | 6.8 |
Cross-site scripting (XSS) vulnerability in Mozilla Firefox 1.5 before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to inject arbitrary web script or HTML via the XPCNativeWrapper(window).Function construct.
|
17-10-2018 - 21:31 | 27-07-2006 - 20:04 | |
| CVE-2008-0420 | 9.3 |
modules/libpr0n/decoders/bmp/nsBMPDecoder.cpp in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 does not properly perform certain calculations related to the mColors table, which allows remote attackers to re
|
15-10-2018 - 22:00 | 12-02-2008 - 03:00 | |
| CVE-2009-2417 | 7.5 |
lib/ssluse.c in cURL and libcurl 7.4 through 7.19.5, when OpenSSL is used, does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof a
|
10-10-2018 - 19:40 | 14-08-2009 - 15:16 | |
| CVE-2009-1305 | 5.0 |
The JavaScript engine in Mozilla Firefox before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors involving JSOP
|
03-10-2018 - 21:59 | 22-04-2009 - 18:30 | |
| CVE-2006-5757 | 1.2 |
Race condition in the __find_get_block_slow function in the ISO9660 filesystem in Linux 2.6.18 and possibly other versions allows local users to cause a denial of service (infinite loop) by mounting a crafted ISO9660 filesystem containing malformed d
|
11-10-2017 - 01:31 | 06-11-2006 - 20:07 | |
| CVE-2004-0233 | 2.1 |
Utempter allows device names that contain .. (dot dot) directory traversal sequences, which allows local users to overwrite arbitrary files via a symlink attack on device names in combination with an application that trusts the utmp or wtmp files.
|
11-10-2017 - 01:29 | 18-08-2004 - 04:00 | |
| CVE-2004-1156 | 4.3 |
Mozilla before 1.7.6, and Firefox before 1.0.1, allows remote attackers to spoof arbitrary web sites by injecting content from one window into a target window whose name is known but resides in a different domain, as demonstrated using a pop-up windo
|
11-10-2017 - 01:29 | 31-12-2004 - 05:00 |