| Max CVSS | 7.5 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2015-2360 | 7.2 |
win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows l
|
14-05-2019 - 20:39 | 10-06-2015 - 01:59 | |
| CVE-2015-1768 | 7.2 |
win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application, aka "Win32k Memory Corruption Elevation of Privile
|
12-10-2018 - 22:09 | 10-06-2015 - 01:59 | |
| CVE-2015-1757 | 4.3 |
Cross-site scripting (XSS) vulnerability in adfs/ls in Active Directory Federation Services (AD FS) in Microsoft Windows Server 2008 SP2 and R2 SP1 and Server 2012 allows remote attackers to inject arbitrary web script or HTML via the wct parameter,
|
12-10-2018 - 22:09 | 10-06-2015 - 01:59 | |
| CVE-2017-7593 | 4.3 |
tif_read.c in LibTIFF 4.0.7 does not ensure that tif_rawdata is properly initialized, which might allow remote attackers to obtain sensitive information from process memory via a crafted image.
|
22-03-2018 - 01:29 | 09-04-2017 - 14:59 | |
| CVE-2008-0510 | 7.5 |
SQL injection vulnerability in index.php in the Newsletter (com_newsletter) component for Mambo 4.5 and Joomla! allows remote attackers to execute arbitrary SQL commands via the listid parameter.
|
29-09-2017 - 01:30 | 31-01-2008 - 20:00 | |
| CVE-2011-1842 | 7.2 |
dbus_backend/lsd.py in the D-Bus backend in language-selector before 0.6.7 does not validate the arguments to the (1) SetSystemDefaultLangEnv and (2) SetSystemDefaultLanguageEnv functions, which allows local users to gain privileges via shell metacha
|
17-08-2017 - 01:34 | 03-05-2011 - 00:55 | |
| CVE-2009-4446 | 4.3 |
Cross-site scripting (XSS) vulnerability in admin.php in phpInstantGallery 1.1 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.
|
17-08-2017 - 01:31 | 29-12-2009 - 20:41 | |
| CVE-2003-1484 | 4.3 |
Microsoft Internet Explorer 6.0 SP1 allows remote attackers to cause a denial of service (crash) by creating a DHTML link that uses the AnchorClick "A" object with a blank href attribute.
|
29-07-2017 - 01:29 | 31-12-2003 - 05:00 | |
| CVE-2015-2951 | 5.0 |
JWT.php in F21 JWT before 2.0 allows remote attackers to bypass signature verification via crafted tokens.
|
03-12-2016 - 03:07 | 05-06-2015 - 10:59 | |
| CVE-2015-2950 | 6.4 |
Directory traversal vulnerability in the Brandon Bowles Open Explorer application before 0.254 Beta for Android allows remote attackers to write to arbitrary files via a crafted filename.
|
03-12-2016 - 03:07 | 05-06-2015 - 10:59 | |
| CVE-2015-2859 | 5.8 |
Intel McAfee ePolicy Orchestrator (ePO) 4.x through 4.6.9 and 5.x through 5.1.2 does not validate server names and Certification Authority names in X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obt
|
03-12-2016 - 03:07 | 23-06-2015 - 21:59 | |
| CVE-2011-0729 | 7.2 |
dbus_backend/ls-dbus-backend in the D-Bus backend in language-selector before 0.6.7 does not restrict access on the basis of a PolicyKit check result, which allows local users to modify the /etc/default/locale and /etc/environment files via a (1) Set
|
14-07-2011 - 04:00 | 29-04-2011 - 22:55 |