Max CVSS 10.0 Min CVSS 3.6 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2016-2538 3.6
Multiple integer overflows in the USB Net device emulator (hw/usb/dev-network.c) in QEMU before 2.5.1 allow local guest OS administrators to cause a denial of service (QEMU process crash) or obtain sensitive host memory information via a remote NDIS
12-02-2023 - 23:17 16-06-2016 - 18:59
CVE-2019-5526 9.3
VMware Workstation (15.x before 15.1.0) contains a DLL hijacking issue because some DLL files are improperly loaded by the application. Successful exploitation of this issue may allow attackers with normal user privileges to escalate their privileges
24-08-2020 - 17:37 15-05-2019 - 16:29
CVE-2006-2678 5.8
Multiple cross-site scripting (XSS) vulnerabilities in Pre News Manager 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to (a) index.php, and the (2) nid parameter to (b) news_detail.php, (c) email_story.php
18-10-2018 - 16:41 31-05-2006 - 10:06
CVE-2008-1458 4.3
Cross-site scripting (XSS) vulnerability in index.php in CS-Cart 1.3.2 allows remote attackers to inject arbitrary web script or HTML via the q parameter in a products search action. NOTE: it was also reported that 1.3.5-SP2 trial edition is also af
11-10-2018 - 20:34 24-03-2008 - 18:44
CVE-2015-8277 10.0
Multiple buffer overflows in (1) lmgrd and (2) Vendor Daemon in Flexera FlexNet Publisher before 11.13.1.2 Security Update 1 allow remote attackers to execute arbitrary code via a crafted packet with opcode (a) 0x107 or (b) 0x10a.
07-08-2018 - 01:29 24-02-2016 - 03:59
CVE-2015-5351 6.8
The (1) Manager and (2) Host Manager applications in Apache Tomcat 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M2 establish sessions and send CSRF tokens for arbitrary new requests, which allows remote attackers to bypass a CSRF protec
19-07-2018 - 01:29 25-02-2016 - 01:59
CVE-2003-0468 5.0
Postfix 1.1.11 and earlier allows remote attackers to use Postfix to conduct "bounce scans" or DDos attacks of other hosts via an email address to the local host containing the target IP address and service name followed by a "!" string, which causes
11-10-2017 - 01:29 27-08-2003 - 04:00
CVE-2003-0540 5.0
The address parser code in Postfix 1.1.12 and earlier allows remote attackers to cause a denial of service (lock) via (1) a malformed envelope address to a local host that would generate a bounce and contains the ".!" string in the MAIL FROM or Error
11-10-2017 - 01:29 27-08-2003 - 04:00
CVE-2016-8584 7.5
Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier uses predictable session values, which allows remote attackers to bypass authentication by guessing the value.
10-05-2017 - 18:22 28-04-2017 - 19:59
CVE-2014-2197 9.0
The Administration GUI in the web framework in Cisco Unified Communications Domain Manager (CDM) in Unified CDM Application Software before 8.1.4 does not properly implement access control, which allows remote authenticated users to modify administra
07-01-2017 - 02:59 07-07-2014 - 11:01
Back to Top Mark selected
Back to Top