| Max CVSS | 7.5 | Min CVSS | 2.6 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2014-0595 | 2.6 |
/opt/novell/ncl/bin/nwrights in Novell Client for Linux in Novell Open Enterprise Server (OES) 11 Linux SP2 does not properly manage a certain array, which allows local users to obtain the S permission in opportunistic circumstances by leveraging the
|
24-02-2020 - 14:15 | 08-05-2014 - 10:55 | |
| CVE-2003-0059 | 7.5 |
Unknown vulnerability in the chk_trans.c of the libkrb5 library for MIT Kerberos V5 before 1.2.5 allows users from one realm to impersonate users in other realms that have the same inter-realm keys.
|
21-01-2020 - 15:44 | 19-02-2003 - 05:00 | |
| CVE-2019-1642 | 4.3 |
A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interf
|
09-10-2019 - 23:47 | 23-01-2019 - 23:29 | |
| CVE-2017-2579 | 6.8 |
An out-of-bounds read vulnerability was found in netpbm before 10.61. The expandCodeOntoStack() function has an insufficient code value check, so that a maliciously crafted file could cause the application to crash or possibly allows code execution.
|
24-06-2019 - 15:15 | 27-07-2018 - 18:29 | |
| CVE-2014-3758 | 4.3 |
Cross-site scripting (XSS) vulnerability in the BibTex Publications (si_bibtex) extension 0.2.3 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via vectors related to the import functionality.
|
09-10-2018 - 19:47 | 16-05-2014 - 14:55 | |
| CVE-2014-3759 | 7.5 |
Multiple SQL injection vulnerabilities in the BibTex Publications (si_bibtex) extension 0.2.3 for TYPO3 allow remote attackers to execute arbitrary SQL commands via vectors related to the (1) search or (2) list functionality.
|
09-10-2018 - 19:47 | 16-05-2014 - 14:55 | |
| CVE-2014-3111 | 3.5 |
Multiple cross-site scripting (XSS) vulnerabilities in FOG 0.27 through 0.32 allow remote authenticated users to inject arbitrary web script or HTML via the (1) Printer Model field to the Printer Management page, (2) Image Name field to the Image Man
|
09-10-2018 - 19:43 | 21-10-2014 - 16:55 | |
| CVE-2006-0844 | 7.5 |
Leif M. Wright's Blog 3.5 does not make a password comparison when authenticating an administrator via a cookie, which allows remote attackers to bypass login authentication, probably by setting the blogAdmin cookie.
|
20-07-2017 - 01:30 | 22-02-2006 - 02:02 | |
| CVE-2014-0172 | 6.8 |
Integer overflow in the check_section function in dwarf_begin_elf.c in the libdw library, as used in elfutils 0.153 and possibly through 0.158 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code
|
01-07-2017 - 01:29 | 11-04-2014 - 15:55 | |
| CVE-2015-6908 | 5.0 |
The ber_get_next function in libraries/liblber/io.c in OpenLDAP 2.4.42 and earlier allows remote attackers to cause a denial of service (reachable assertion and application crash) via crafted BER data, as demonstrated by an attack against slapd.
|
22-12-2016 - 03:00 | 11-09-2015 - 16:59 | |
| CVE-2014-3129 | 5.0 |
The Java Server Pages in the Software Lifecycle Manager (SLM) in SAP NetWeaver allows remote attackers to obtain sensitive information via a crafted request, related to SAP Solution Manager 7.1.
|
10-05-2014 - 04:06 | 30-04-2014 - 14:22 |