| Max CVSS | 9.3 | Min CVSS | 2.6 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2015-3649 | 4.6 |
The open-uri-cached rubygem allows local users to execute arbitrary Ruby code by creating a directory under /tmp containing "openuri-" followed by a crafted UID, and putting Ruby code in said directory once a meta file is created.
|
22-04-2020 - 17:12 | 18-08-2017 - 16:29 | |
| CVE-2017-0166 | 9.3 |
An elevation of privilege vulnerability exists in Windows when LDAP request buffer lengths are improperly calculated. In a remote attack scenario, an attacker could exploit this vulnerability by running a specially crafted application to send malicio
|
03-10-2019 - 00:03 | 12-04-2017 - 14:59 | |
| CVE-2019-9648 | 5.0 |
An issue was discovered in the SFTP Server component in Core FTP 2.0 Build 674. A directory traversal vulnerability exists using the SIZE command along with a \..\..\ substring, allowing an attacker to enumerate file existence based on the returned i
|
26-08-2019 - 07:15 | 22-03-2019 - 19:29 | |
| CVE-2006-1721 | 2.6 |
digestmd5.c in the CMU Cyrus Simple Authentication and Security Layer (SASL) library 2.1.18, and possibly other versions before 2.1.21, allows remote unauthenticated attackers to cause a denial of service (segmentation fault) via malformed inputs in
|
18-10-2018 - 16:34 | 11-04-2006 - 23:02 | |
| CVE-2008-0175 | 7.5 |
Unrestricted file upload vulnerability in GE Fanuc Proficy Real-Time Information Portal 2.6 and earlier allows remote attackers to execute arbitrary code by uploading a file with an executable extension to the main virtual directory.
|
15-10-2018 - 21:58 | 29-01-2008 - 02:00 | |
| CVE-2015-0935 | 7.5 |
Bomgar Remote Support before 15.1.1 allows remote attackers to execute arbitrary PHP code via crafted serialized data to unspecified PHP scripts.
|
07-09-2017 - 01:29 | 25-05-2015 - 19:59 | |
| CVE-2003-1470 | 9.0 |
Buffer overflow in IMAP service in MDaemon 6.7.5 and earlier allows remote authenticated users to cause a denial of service (crash) and execute arbitrary code via a CREATE command with a long mailbox name.
|
29-07-2017 - 01:29 | 31-12-2003 - 05:00 | |
| CVE-2015-5490 | 5.0 |
The _views_fetch_data method in includes/cache.inc in the Views module 7.x-3.5 through 7.x-3.10 for Drupal does not rebuild the full cache if the static cache is not empty, which allows remote attackers to bypass intended filters and obtain access to
|
28-11-2016 - 19:33 | 18-08-2015 - 17:59 | |
| CVE-2015-5487 | 4.3 |
Cross-site scripting (XSS) vulnerability in the Camtasia Relay module 6.x-2.x before 6.x-3.2 and 7.x-2.x before 7.x-1.3 for Drupal allows remote authenticated users with the "view meta information" permission to inject arbitrary web script or HTML vi
|
03-09-2015 - 15:59 | 18-08-2015 - 17:59 |