| Max CVSS | 9.3 | Min CVSS | 2.1 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2009-0023 | 4.3 |
The apr_strmatch_precompile function in strmatch/apr_strmatch.c in Apache APR-util before 1.3.5 allows remote attackers to cause a denial of service (daemon crash) via crafted input involving (1) a .htaccess file used with the Apache HTTP Server, (2)
|
02-02-2024 - 16:32 | 08-06-2009 - 01:00 | |
| CVE-2009-3604 | 9.3 |
The Splash::drawImage function in Splash.cc in Xpdf 2.x and 3.x before 3.02pl4, and Poppler 0.x, as used in GPdf and kdegraphics KPDF, does not properly allocate memory, which allows remote attackers to cause a denial of service (application crash) o
|
13-02-2023 - 01:17 | 21-10-2009 - 17:30 | |
| CVE-2005-0530 | 2.1 |
Signedness error in the copy_from_read_buf function in n_tty.c for Linux kernel 2.6.10 and 2.6.11rc1 allows local users to read kernel memory via a negative argument.
|
13-02-2023 - 01:15 | 02-05-2005 - 04:00 | |
| CVE-2001-0339 | 7.5 |
Internet Explorer 5.5 and earlier allows remote attackers to display a URL in the address bar that is different than the URL that is actually being displayed, which could be used in web site spoofing attacks, aka the "Web page spoofing vulnerability.
|
23-07-2021 - 12:18 | 27-06-2001 - 04:00 | |
| CVE-2004-0942 | 5.0 |
Apache webserver 2.0.52 and earlier allows remote attackers to cause a denial of service (CPU consumption) via an HTTP GET request with a MIME header containing multiple lines with a large number of space characters.
|
06-06-2021 - 11:15 | 09-02-2005 - 05:00 | |
| CVE-2006-6097 | 4.0 |
GNU tar 1.16 and 1.15.1, and possibly other versions, allows user-assisted attackers to overwrite arbitrary files via a tar file that contains a GNUTYPE_NAMES record with a symbolic link, which is not properly handled by the extract_archive function
|
17-10-2018 - 21:46 | 24-11-2006 - 18:07 | |
| CVE-2007-5338 | 9.3 |
Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 allow remote attackers to execute arbitrary Javascript with user privileges by using the Script object to modify XPCNativeWrappers in a way that causes the script to be executed when a chrome
|
15-10-2018 - 21:43 | 21-10-2007 - 20:17 | |
| CVE-2007-0458 | 4.3 |
Unspecified vulnerability in the HTTP dissector in Wireshark (formerly Ethereal) 0.99.3 and 0.99.4 allows remote attackers to cause a denial of service (application crash) via unspecified vectors, a different issue than CVE-2006-5468.
|
11-10-2017 - 01:31 | 02-02-2007 - 20:28 | |
| CVE-2004-0959 | 2.1 |
rfc1867.c in PHP before 5.0.2 allows local users to upload files to arbitrary locations via a PHP script with a certain MIME header that causes the "$_FILES" array to be modified.
|
11-10-2017 - 01:29 | 03-11-2004 - 05:00 | |
| CVE-2005-0232 | 2.6 |
Firefox 1.0 allows remote attackers to modify Boolean configuration parameters for the about:config site by using a plugin such as Flash, and the -moz-opacity filter, to display the about:config site then cause the user to double-click at a certain s
|
11-10-2017 - 01:29 | 02-05-2005 - 04:00 | |
| CVE-2010-1780 | 9.3 |
Use-after-free vulnerability in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; allows remote attackers to execute arbitrary code or cause a denial of servi
|
19-09-2017 - 01:30 | 30-07-2010 - 20:30 |