| Max CVSS | 10.0 | Min CVSS | 1.9 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2010-0434 | 4.3 |
The ap_read_request function in server/protocol.c in the Apache HTTP Server 2.2.x before 2.2.15, when a multithreaded MPM is used, does not properly handle headers in subrequests in certain circumstances involving a parent request that has a body, wh
|
13-02-2023 - 04:16 | 05-03-2010 - 19:30 | |
| CVE-2006-3918 | 4.3 |
http_protocol.c in (1) IBM HTTP Server 6.0 before 6.0.2.13 and 6.1 before 6.1.0.1, and (2) Apache HTTP Server 1.3 before 1.3.35, 2.0 before 2.0.58, and 2.2 before 2.2.2, does not sanitize the Expect header from an HTTP request when it is reflected ba
|
21-09-2022 - 19:35 | 28-07-2006 - 00:04 | |
| CVE-2005-0087 | 4.6 |
The alsa-lib package in Red Hat Linux 4 disables stack protection for the libasound.so library, which makes it easier for attackers to execute arbitrary code if there are other vulnerabilities in the library.
|
22-05-2020 - 15:20 | 27-04-2005 - 04:00 | |
| CVE-2005-4601 | 7.5 |
The delegate code in ImageMagick 6.2.4.5-0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in a filename that is processed by the display command.
|
19-10-2018 - 15:41 | 31-12-2005 - 05:00 | |
| CVE-2006-5463 | 7.5 |
Unspecified vulnerability in Mozilla Firefox before 1.5.0.8, Thunderbird before 1.5.0.8, and SeaMonkey before 1.0.6 allows remote attackers to execute arbitrary JavaScript bytecode via unspecified vectors involving modification of a Script object whi
|
17-10-2018 - 21:43 | 08-11-2006 - 22:07 | |
| CVE-2007-2873 | 1.9 |
SpamAssassin 3.1.x, 3.2.0, and 3.2.1 before 20070611, when running as root in unusual configurations using vpopmail or virtual users, allows local users to cause a denial of service (corrupt arbitrary files) via a symlink attack on a file that is use
|
11-10-2017 - 01:32 | 11-06-2007 - 23:30 | |
| CVE-2005-1531 | 7.5 |
Firefox before 1.0.4 and Mozilla Suite before 1.7.8 does not properly implement certain security checks for script injection, which allows remote attackers to execute script via "Wrapped" javascript: URLs, as demonstrated using (1) a javascript: URL
|
11-10-2017 - 01:30 | 12-05-2005 - 04:00 | |
| CVE-2004-0010 | 7.2 |
Stack-based buffer overflow in the ncp_lookup function for ncpfs in Linux kernel 2.4.x allows local users to gain privileges.
|
11-10-2017 - 01:29 | 03-03-2004 - 05:00 | |
| CVE-2008-0053 | 10.0 |
Multiple buffer overflows in the HP-GL/2-to-PostScript filter in CUPS before 1.3.6 might allow remote attackers to execute arbitrary code via a crafted HP-GL/2 file.
|
29-09-2017 - 01:30 | 18-03-2008 - 23:44 | |
| CVE-2007-4569 | 6.8 |
backend/session.c in KDM in KDE 3.3.0 through 3.5.7, when autologin is configured and "shutdown with password" is enabled, allows remote attackers to bypass the password requirement and login to arbitrary accounts via unspecified vectors.
|
29-09-2017 - 01:29 | 21-09-2007 - 19:17 | |
| CVE-2007-4570 | 1.9 |
Algorithmic complexity vulnerability in the MCS translation daemon in mcstrans 0.2.3 allows local users to cause a denial of service (temporary daemon outage) via a large range of compartments in sensitivity labels.
|
29-09-2017 - 01:29 | 10-11-2007 - 00:46 |