| Max CVSS | 7.5 | Min CVSS | 2.1 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2006-1260 | 5.0 |
Horde Application Framework 3.0.9 allows remote attackers to read arbitrary files via a null character in the url parameter in services/go.php, which bypasses a sanity check.
|
18-10-2018 - 16:31 | 19-03-2006 - 02:02 | |
| CVE-2016-10267 | 4.3 |
LibTIFF 4.0.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image, related to libtiff/tif_ojpeg.c:816:8.
|
22-03-2018 - 01:29 | 24-03-2017 - 19:59 | |
| CVE-2003-0128 | 5.0 |
The try_uudecoding function in mail-format.c for Ximian Evolution Mail User Agent 1.2.2 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a malicious uuencoded (UUE) header, possibly trig
|
11-10-2017 - 01:29 | 24-03-2003 - 05:00 | |
| CVE-2014-7996 | 6.8 |
Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco Integrated Management Controller in Cisco Unified Computing System allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuq45477.
|
08-09-2017 - 01:29 | 18-11-2014 - 23:59 | |
| CVE-2014-8000 | 5.0 |
Cisco Unified Communications Manager IM and Presence Service 9.1(1) produces different returned messages for URL requests depending on whether a username exists, which allows remote attackers to enumerate user accounts via a series of requests, aka B
|
08-09-2017 - 01:29 | 21-11-2014 - 02:59 | |
| CVE-2014-7907 | 7.5 |
Multiple use-after-free vulnerabilities in modules/screen_orientation/ScreenOrientationController.cpp in Blink, as used in Google Chrome before 39.0.2171.65, allow remote attackers to cause a denial of service or possibly have unspecified other impac
|
08-09-2017 - 01:29 | 19-11-2014 - 11:59 | |
| CVE-2013-6497 | 2.1 |
clamscan in ClamAV before 0.98.5, when using -a option, allows remote attackers to cause a denial of service (crash) as demonstrated by the jwplayer.js file.
|
29-08-2017 - 01:33 | 01-12-2014 - 15:59 | |
| CVE-2014-8990 | 7.5 |
default-rsyncssh.lua in Lsyncd 2.1.5 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a filename.
|
01-07-2017 - 01:29 | 05-12-2014 - 16:59 | |
| CVE-2014-8954 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in phpSound 1.0.5 allow remote attackers to inject arbitrary web script or HTML via the (1) Title or (2) Description fields in a playlist or the (3) filter parameter in an explore action to index.ph
|
06-08-2015 - 16:45 | 17-11-2014 - 16:59 | |
| CVE-2014-3204 | 4.4 |
Unity before 7.2.1, as used in Ubuntu 14.04, does not properly handle keyboard shortcuts, which allows physically proximate attackers to bypass the lock screen and execute arbitrary commands, as demonstrated by right-clicking on the indicator bar and
|
07-05-2014 - 14:09 | 06-05-2014 - 14:55 | |
| CVE-2007-6672 | 5.0 |
Mortbay Jetty 6.1.5 and 6.1.6 allows remote attackers to bypass protection mechanisms and read the source of files via multiple '/' (slash) characters in the URI.
|
30-10-2012 - 03:04 | 08-01-2008 - 11:46 |