| Max CVSS | 7.8 | Min CVSS | 2.1 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2002-0089 | 7.2 |
Buffer overflow in admintool in Solaris 2.5 through 8 allows local users to gain root privileges via long arguments to (1) the -d command line option, or (2) the PRODVERS argument in the .cdtoc file.
|
30-10-2018 - 16:26 | 15-03-2002 - 05:00 | |
| CVE-2011-0355 | 7.8 |
Cisco Nexus 1000V Virtual Ethernet Module (VEM) 4.0(4) SV1(1) through SV1(3b), as used in VMware ESX 4.0 and 4.1 and ESXi 4.0 and 4.1, does not properly handle dropped packets, which allows guest OS users to cause a denial of service (ESX or ESXi hos
|
10-10-2018 - 20:09 | 17-02-2011 - 18:00 | |
| CVE-2005-2672 | 2.1 |
pwmconfig in LM_sensors before 2.9.1 creates temporary files insecurely, which allows local users to overwrite arbitrary files via a symlink attack on the fancontrol temporary file.
|
03-10-2018 - 21:31 | 23-08-2005 - 04:00 | |
| CVE-2018-8311 | 6.8 |
A remote code execution vulnerability exists when Skype for Business and Microsoft Lync clients fail to properly sanitize specially crafted content, aka "Remote Code Execution Vulnerability in Skype For Business and Lync." This affects Skype, Microso
|
10-09-2018 - 19:36 | 11-07-2018 - 00:29 | |
| CVE-2011-0701 | 4.0 |
wp-admin/async-upload.php in the media uploader in WordPress before 3.0.5 allows remote authenticated users to read (1) draft posts or (2) private posts via a modified attachment_id parameter.
|
22-11-2017 - 16:05 | 14-03-2011 - 19:55 | |
| CVE-2011-0700 | 3.5 |
Multiple cross-site scripting (XSS) vulnerabilities in WordPress before 3.0.5 allow remote authenticated users to inject arbitrary web script or HTML via vectors related to (1) the Quick/Bulk Edit title (aka post title or post_title), (2) post_status
|
21-11-2017 - 18:08 | 14-03-2011 - 19:55 | |
| CVE-2007-3401 | 7.5 |
PHP remote file inclusion vulnerability in footer.inc.php in B1G b1gBB 2.24 allows remote attackers to execute arbitrary PHP code via a URL in the tfooter parameter.
|
11-10-2017 - 01:32 | 26-06-2007 - 17:30 | |
| CVE-2012-2577 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in SolarWinds Orion Network Performance Monitor (NPM) before 10.3.1 allow remote attackers to inject arbitrary web script or HTML via the (1) syslocation, (2) syscontact, or (3) sysName field of an
|
29-08-2017 - 01:31 | 12-08-2012 - 16:55 | |
| CVE-2015-3980 | 7.5 |
SQL injection vulnerability in the Business Rules Framework (CRM-BF-BRF) in SAP CRM allows attackers to execute arbitrary SQL commands via unspecified vectors, aka SAP Security Note 2097534.
|
03-01-2017 - 03:00 | 12-05-2015 - 20:59 | |
| CVE-2012-2602 | 6.8 |
Multiple cross-site request forgery (CSRF) vulnerabilities in SolarWinds Orion Network Performance Monitor (NPM) before 10.3.1 allow remote attackers to hijack the authentication of administrators for requests that (1) create user accounts via Create
|
13-08-2012 - 04:00 | 12-08-2012 - 16:55 |