| ID | CVSS | Sažetak | Zadnje ažurirano | Objavljeno |
|---|---|---|---|---|
| CVE-2002-0591 | 5.0 | Directory traversal vulnerability in AOL Instant Messenger (AIM) 4.8 beta and earlier allows remote attackers to create arbitrary files and execute commands via a Direct Connection with an IMG tag with a SRC attribute that specifies the target filena | 2008-09-05 20:28:00 | 2002-06-18 04:00:00 |
| CVE-2002-0590 | 7.5 | Cross-site scripting (CSS) vulnerability in IcrediBB 1.1 Beta allows remote attackers to execute arbitrary script and steal cookies as other IcrediBB users via the (1) title or (2) body of posts. | 2008-09-05 20:28:00 | 2002-06-18 04:00:00 |
| CVE-2002-0589 | 7.5 | PVote before 1.9 allows remote attackers to change the administrative password and gain privileges by directly calling ch_info.php with the newpass and confirm parameters both set to the new password. | 2008-09-05 20:28:00 | 2002-06-18 04:00:00 |
| CVE-2002-0588 | 5.0 | PVote before 1.9 does not authenticate users for restricted operations, which allows remote attackers to add or delete polls by modifying parameters to (1) add.php or (2) del.php. | 2008-09-05 20:28:00 | 2002-06-18 04:00:00 |
| CVE-2002-0587 | 7.5 | Buffer overflow in Ns_PdLog function for the external database driver proxy daemon library (libnspd.a) of AOLServer 3.0 through 3.4.2 allows remote attackers to cause a denial of service or execute arbitrary code via the Error or Notice parameters. | 2008-09-05 20:28:00 | 2002-06-18 04:00:00 |
| CVE-2002-0586 | 7.5 | Format string vulnerability in Ns_PdLog function for the external database driver proxy daemon library (libnspd.a) of AOLServer 3.0 through 3.4.2 allows remote attackers to execute arbitrary code via the Error or Notice parameters. | 2008-09-05 20:28:00 | 2002-06-18 04:00:00 |
| CVE-2002-0584 | 5.0 | WorkforceROI Xpede 4.1 allows remote attackers to read user timesheets by modifying the TSN ID parameter to the ts_app_process.asp script, which is easily guessable because it is incremented by 1 for each new timesheet. | 2008-09-05 20:28:00 | 2002-06-18 04:00:00 |
| CVE-2002-0583 | 5.0 | WorkforceROI Xpede 4.1 uses a small random namespace (5 alphanumeric characters) for temporary expense claim reports in the /reports/temp directory, which allows remote attackers to read the reports via a brute force attack. | 2008-09-05 20:28:00 | 2002-06-18 04:00:00 |
| CVE-2002-0582 | 5.0 | WorkforceROI Xpede 4.1 stores temporary expense claim reports in a world-readable and indexable /reports/temp directory, which allows remote attackers to read the reports by accessing the directory. | 2008-09-05 20:28:00 | 2002-06-18 04:00:00 |
| CVE-2002-0581 | 7.5 | WorkforceROI Xpede 4.1 allows remote attackers to execute arbitrary SQL commands and read, modify, or steal credentials from the database via the Qry parameter in the sprc.asp script. | 2008-09-05 20:28:00 | 2002-06-18 04:00:00 |
| ID | CVSS | Sažetak | Zadnje ažurirano | Objavljeno |
|---|---|---|---|---|
| CVE-2018-4451 | 9.3 | This issue is fixed in macOS Mojave 10.14. A memory corruption issue was addressed with improved input validation. | 2020-10-30 02:01:00 | 2020-10-27 20:15:00 |
| CVE-2019-8712 | 10.0 | A memory corruption issue was addressed with improved memory handling. This issue is fixed in watchOS 6, iOS 13, tvOS 13. An application may be able to execute arbitrary code with system privileges. | 2021-07-21 11:39:00 | 2020-10-27 20:15:00 |
| CVE-2019-8709 | 9.3 | A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Catalina 10.15, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6, iOS 13. An application may be abl | 2021-07-21 11:39:00 | 2020-10-27 20:15:00 |
| CVE-2019-8824 | 9.3 | A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006. An application may be able to execute arbitrary code with kernel privileges | 2021-07-21 11:39:00 | 2020-10-27 20:15:00 |
| CVE-2018-4452 | 9.3 | A memory consumption issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.3, Security Update 2019-001 High Sierra, Security Update 2019-001 Sierra, macOS Mojave 10.14.2, Security Update 2018-003 High Sierra, Se | 2020-10-30 02:00:00 | 2020-10-27 20:15:00 |
| CVE-2019-8716 | 10.0 | A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006. An application may be able to execute arbitrary code with system privileges. | 2021-07-21 11:39:00 | 2020-10-27 20:15:00 |
| CVE-2019-8836 | 9.3 | A memory corruption issue was addressed with improved memory handling. This issue is fixed in watchOS 6.1.2, iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1. An application may be able to execute arbitrary code with kernel privileges. | 2021-07-21 11:39:00 | 2020-10-27 20:15:00 |
| CVE-2019-8740 | 9.3 | A memory corruption vulnerability was addressed with improved locking. This issue is fixed in iOS 13.1 and iPadOS 13.1, watchOS 6, tvOS 13. An application may be able to execute arbitrary code with kernel privileges. | 2021-07-21 11:39:00 | 2020-10-27 20:15:00 |
| CVE-2020-27976 | 10.0 | osCommerce Phoenix CE before 1.0.5.4 allows OS command injection remotely. Within admin/mail.php, a from POST parameter can be passed to the application. This affects the PHP mail function, and the sendmail -f option. | 2020-10-29 23:35:00 | 2020-10-28 15:15:00 |
| CVE-2019-8539 | 9.3 | A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra. A malicious application may be able to execute arbitrary co | 2020-10-30 15:13:00 | 2020-10-27 20:15:00 |
Stranica
/26254
Zapisa po stranici: