| Max CVSS | 6.8 | Min CVSS | 4.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2009-3640 | 4.9 |
The update_cr8_intercept function in arch/x86/kvm/x86.c in the KVM subsystem in the Linux kernel before 2.6.32-rc1 does not properly handle the absence of an Advanced Programmable Interrupt Controller (APIC), which allows local users to cause a denia
|
13-02-2023 - 02:20 | 29-10-2009 - 14:30 | |
| CVE-2006-0931 | 5.0 |
Directory traversal vulnerability in PEAR::Archive_Tar 1.2, and other versions before 1.3.2, allows remote attackers to create and overwrite arbitrary files via certain crafted pathnames in a TAR archive.
|
18-10-2018 - 16:29 | 28-02-2006 - 11:02 | |
| CVE-2007-6316 | 4.3 |
Cross-site scripting (XSS) vulnerability in BarracudaDrive Web Server before 3.8 allows remote attackers to inject arbitrary web script or HTML via the URI path in an HTTP GET request, which is activated by administrators viewing log files via the Tr
|
15-10-2018 - 21:52 | 12-12-2007 - 00:46 | |
| CVE-2007-6315 | 4.0 |
Group Chat in BarracudaDrive Web Server before 3.8 allows remote authenticated users to cause a denial of service (crash) via a HTTP request to /eh/chat.ehintf/C. that does not contain a Connection ID, which results in a NULL pointer dereference.
|
15-10-2018 - 21:52 | 12-12-2007 - 00:46 | |
| CVE-2007-6314 | 5.0 |
BarracudaDrive Web Server before 3.8 allows remote attackers to read the source code for web scripts by appending a (1) + (plus), (2) . (dot), or (3) %80 and similar characters to the file name in the URL.
|
15-10-2018 - 21:52 | 12-12-2007 - 00:46 | |
| CVE-2007-6317 | 5.5 |
Multiple directory traversal vulnerabilities in BarracudaDrive Web Server before 3.8 allow (1) remote attackers to read arbitrary files via certain ..\ (dot dot backslash) sequences in the URL path, or (2) remote authenticated users to delete arbitra
|
15-10-2018 - 21:52 | 12-12-2007 - 00:46 | |
| CVE-2014-2341 | 6.8 |
Session fixation vulnerability in CubeCart before 5.2.9 allows remote attackers to hijack web sessions via the PHPSESSID parameter.
|
29-08-2017 - 01:34 | 22-04-2014 - 13:06 | |
| CVE-2012-5525 | 4.7 |
The get_page_from_gfn hypercall function in Xen 4.2 allows local PV guest OS administrators to cause a denial of service (crash) via a crafted GFN that triggers a buffer over-read.
|
29-08-2017 - 01:32 | 13-12-2012 - 11:53 | |
| CVE-2003-1376 | 4.6 |
WinZip 8.0 uses weak random number generation for password protected ZIP files, which allows local users to brute force the encryption keys and extract the data from the zip file by guessing the state of the stream coder.
|
29-07-2017 - 01:29 | 31-12-2003 - 05:00 | |
| CVE-2016-8483 | 4.3 |
An information disclosure vulnerability in the Qualcomm power driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as High because it could be used to access sensitive data without exp
|
17-07-2017 - 13:18 | 08-03-2017 - 01:59 |