Max CVSS 10.0 Min CVSS 2.6 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2012-3544 5.0
Apache Tomcat 6.x before 6.0.37 and 7.x before 7.0.30 does not properly handle chunk extensions in chunked transfer coding, which allows remote attackers to cause a denial of service by streaming data.
15-04-2019 - 16:29 01-06-2013 - 14:21
CVE-2013-2067 6.8
java/org/apache/catalina/authenticator/FormAuthenticator.java in the form authentication feature in Apache Tomcat 6.0.21 through 6.0.36 and 7.x before 7.0.33 does not properly handle the relationships between authentication requirements and sessions,
15-04-2019 - 16:29 01-06-2013 - 14:21
CVE-2005-4451 7.5
Unspecified vulnerability in Software Distributor in HP-UX B.11.11 allows remote attackers to gain access via unspecified attack vectors.
19-10-2018 - 15:40 21-12-2005 - 11:03
CVE-2007-5372 10.0
Multiple SQL injection vulnerabilities in (a) LedgerSMB 1.0.0 through 1.2.7 and (b) DWS Systems SQL-Ledger 2.x allow remote attackers to execute arbitrary SQL commands via (1) the invoice quantity field or (2) the sort field.
15-10-2018 - 21:44 11-10-2007 - 10:17
CVE-2002-1618 7.2
JFS (JFS3.1 and OnlineJFS) in HP-UX 10.20, 11.00, and 11.04 does not properly implement the sticky bit functionality, which could allow attackers to bypass intended restrictions on filesystems.
11-10-2017 - 01:29 16-10-2002 - 04:00
CVE-2015-4281 6.8
Cross-site request forgery (CSRF) vulnerability in Cisco WebEx Meetings Server 2.5 MR1 allows remote attackers to hijack the authentication of arbitrary users, aka Bug IDs CSCus56150 and CSCus56146.
21-09-2017 - 01:29 22-07-2015 - 14:59
CVE-2013-0946 9.3
Buffer overflow in the Library Control Program (LCP) in EMC AlphaStor 4.0 before build 910 allows remote attackers to execute arbitrary code via crafted commands. http://archives.neohapsis.com/archives/bugtraq/2013-05/att-0035/ESA-2013-037.txt
17-09-2017 - 01:29 10-05-2013 - 11:42
CVE-2013-2071 2.6
java/org/apache/catalina/core/AsyncContextImpl.java in Apache Tomcat 7.x before 7.0.40 does not properly handle the throwing of a RuntimeException in an AsyncListener in an application, which allows context-dependent attackers to obtain sensitive req
23-05-2017 - 01:29 01-06-2013 - 14:21
CVE-2016-2992 3.5
IBM Infosphere BigInsights is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted
15-02-2017 - 13:13 01-02-2017 - 22:59
CVE-2016-0211 4.0
IBM DB2 9.7 through FP11, 9.8, 10.1 through FP5, and 10.5 through FP7 on Linux, UNIX, and Windows allows remote authenticated users to cause a denial of service (daemon crash) via a crafted DRDA message.
03-12-2016 - 03:16 28-04-2016 - 01:59
Back to Top Mark selected
Back to Top