Max CVSS | 10.0 | Min CVSS | 2.6 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2012-3544 | 5.0 |
Apache Tomcat 6.x before 6.0.37 and 7.x before 7.0.30 does not properly handle chunk extensions in chunked transfer coding, which allows remote attackers to cause a denial of service by streaming data.
|
15-04-2019 - 16:29 | 01-06-2013 - 14:21 | |
CVE-2013-2067 | 6.8 |
java/org/apache/catalina/authenticator/FormAuthenticator.java in the form authentication feature in Apache Tomcat 6.0.21 through 6.0.36 and 7.x before 7.0.33 does not properly handle the relationships between authentication requirements and sessions,
|
15-04-2019 - 16:29 | 01-06-2013 - 14:21 | |
CVE-2005-4451 | 7.5 |
Unspecified vulnerability in Software Distributor in HP-UX B.11.11 allows remote attackers to gain access via unspecified attack vectors.
|
19-10-2018 - 15:40 | 21-12-2005 - 11:03 | |
CVE-2007-5372 | 10.0 |
Multiple SQL injection vulnerabilities in (a) LedgerSMB 1.0.0 through 1.2.7 and (b) DWS Systems SQL-Ledger 2.x allow remote attackers to execute arbitrary SQL commands via (1) the invoice quantity field or (2) the sort field.
|
15-10-2018 - 21:44 | 11-10-2007 - 10:17 | |
CVE-2002-1618 | 7.2 |
JFS (JFS3.1 and OnlineJFS) in HP-UX 10.20, 11.00, and 11.04 does not properly implement the sticky bit functionality, which could allow attackers to bypass intended restrictions on filesystems.
|
11-10-2017 - 01:29 | 16-10-2002 - 04:00 | |
CVE-2015-4281 | 6.8 |
Cross-site request forgery (CSRF) vulnerability in Cisco WebEx Meetings Server 2.5 MR1 allows remote attackers to hijack the authentication of arbitrary users, aka Bug IDs CSCus56150 and CSCus56146.
|
21-09-2017 - 01:29 | 22-07-2015 - 14:59 | |
CVE-2013-0946 | 9.3 |
Buffer overflow in the Library Control Program (LCP) in EMC AlphaStor 4.0 before build 910 allows remote attackers to execute arbitrary code via crafted commands. http://archives.neohapsis.com/archives/bugtraq/2013-05/att-0035/ESA-2013-037.txt
|
17-09-2017 - 01:29 | 10-05-2013 - 11:42 | |
CVE-2013-2071 | 2.6 |
java/org/apache/catalina/core/AsyncContextImpl.java in Apache Tomcat 7.x before 7.0.40 does not properly handle the throwing of a RuntimeException in an AsyncListener in an application, which allows context-dependent attackers to obtain sensitive req
|
23-05-2017 - 01:29 | 01-06-2013 - 14:21 | |
CVE-2016-2992 | 3.5 |
IBM Infosphere BigInsights is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted
|
15-02-2017 - 13:13 | 01-02-2017 - 22:59 | |
CVE-2016-0211 | 4.0 |
IBM DB2 9.7 through FP11, 9.8, 10.1 through FP5, and 10.5 through FP7 on Linux, UNIX, and Windows allows remote authenticated users to cause a denial of service (daemon crash) via a crafted DRDA message.
|
03-12-2016 - 03:16 | 28-04-2016 - 01:59 |