Max CVSS 7.5 Min CVSS 4.3 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2014-7817 4.6
The wordexp function in GNU C Library (aka glibc) 2.21 does not enforce the WRDE_NOCMD flag, which allows context-dependent attackers to execute arbitrary commands, as demonstrated by input containing "$((`...`))".
13-02-2023 - 00:42 24-11-2014 - 15:59
CVE-2014-0114 7.5
Apache Commons BeanUtils, as distributed in lib/commons-beanutils-1.8.0.jar in Apache Struts 1.x through 1.3.10 and in other products requiring commons-beanutils through 1.9.2, does not suppress the class property, which allows remote attackers to "m
13-02-2023 - 00:32 30-04-2014 - 10:49
CVE-2016-9924 7.5
Zimbra Collaboration Suite (ZCS) before 8.7.4 allows remote attackers to conduct XML External Entity (XXE) attacks.
04-06-2020 - 12:10 29-03-2017 - 14:59
CVE-2006-1265 7.5
SQL injection vulnerability in discussion.class.php in xhawk.net discussion 2.0 beta2 allows remote attackers to execute arbitrary SQL commands via the view parameter.
18-10-2018 - 16:31 19-03-2006 - 02:02
CVE-2003-0165 4.6
Format string vulnerability in Eye Of Gnome (EOG) allows attackers to execute arbitrary code via format string specifiers in a command line argument for the file to display.
11-10-2017 - 01:29 02-04-2003 - 05:00
CVE-2014-6624 6.8
The Insight module in Aruba Networks ClearPass before 6.3.6 and 6.4.x before 6.4.1 allows remote authenticated users to read arbitrary files via unspecified vectors.
08-09-2017 - 01:29 19-11-2014 - 18:59
CVE-2008-0131 4.3
Cross-site scripting (XSS) vulnerability in login_form.asp in Instant Softwares Dating Site allows remote attackers to inject arbitrary web script or HTML via the msg parameter, a different product than CVE-2006-6022. NOTE: the provenance of this in
15-09-2009 - 05:10 08-01-2008 - 11:46
Back to Top Mark selected
Back to Top