| Max CVSS | 7.5 | Min CVSS | 2.1 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2012-6088 | 4.3 |
The rpmpkgRead function in lib/package.c in RPM 4.10.x before 4.10.2 does not return an error code in certain situations involving an "unparseable signature," which allows remote attackers to bypass RPM signature checks via a crafted package.
|
13-02-2023 - 04:37 | 18-01-2013 - 11:48 | |
| CVE-2012-4453 | 2.1 |
dracut.sh in dracut, as used in Red Hat Enterprise Linux 6, Fedora 16 and 17, and possibly other products, creates initramfs images with world-readable permissions, which might allow local users to obtain sensitive information.
|
13-02-2023 - 00:26 | 09-10-2012 - 23:55 | |
| CVE-2013-0008 | 7.2 |
win32k.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT does not properly handle window broadcast messages, which allows loc
|
28-09-2020 - 12:58 | 09-01-2013 - 18:09 | |
| CVE-2013-0008 | 7.2 |
win32k.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT does not properly handle window broadcast messages, which allows loc
|
28-09-2020 - 12:58 | 09-01-2013 - 18:09 | |
| CVE-2002-0864 | 5.0 |
The Remote Data Protocol (RDP) version 5.1 in Microsoft Windows XP allows remote attackers to cause a denial of service (crash) when Remote Desktop is enabled via a PDU Confirm Active data packet that does not set the Pattern BLT command, aka "Denial
|
30-04-2019 - 14:27 | 11-10-2002 - 04:00 | |
| CVE-2007-4827 | 7.5 |
Unspecified vulnerability in the Modbus/TCP Diagnostic function in MiniHMI.exe for the Automated Solutions Modbus Slave ActiveX Control before 1.5 allows remote attackers to corrupt the heap and possibly execute arbitrary code via malformed Modbus re
|
15-10-2018 - 21:38 | 19-09-2007 - 18:17 | |
| CVE-2012-4915 | 5.0 |
Directory traversal vulnerability in the Google Doc Embedder plugin before 2.5.4 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter to libs/pdf.php.
|
29-08-2017 - 01:32 | 29-05-2014 - 14:19 | |
| CVE-2005-4043 | 7.5 |
SQL injection vulnerability in view.php in Hobosworld HobSR 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) arrange and (2) p parameters.
|
20-07-2017 - 01:29 | 06-12-2005 - 11:03 | |
| CVE-2016-10153 | 7.2 |
The crypto scatterlist API in the Linux kernel 4.9.x before 4.9.6 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other im
|
09-02-2017 - 14:57 | 06-02-2017 - 06:59 | |
| CVE-2012-6467 | 4.3 |
Opera before 12.10 follows Internet shortcuts that are referenced by a (1) IMG element or (2) other inline element, which makes it easier for remote attackers to conduct phishing attacks via a crafted web site, as exploited in the wild in November 20
|
29-09-2015 - 18:46 | 02-01-2013 - 11:46 |