CVE List
Id | CVE No. | Status | Description | Phase | Votes | Comments | Actions |
---|---|---|---|---|---|---|---|
91122 | CVE-2016-4303 | Candidate | The parse_string function in cjson.c in the cJSON library mishandles UTF8/16 strings, which allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a non-hex character in a JSON string, which triggers a heap-based buffer overflow. | Assigned (20160427) | None (candidate not yet proposed) | View | |
25842 | CVE-2007-2485 | Candidate | PHP remote file inclusion vulnerability in myflash-button.php in the myflash 1.00 and earlier plugin for WordPress allows remote attackers to execute arbitrary PHP code via a URL in the wpPATH parameter. | Assigned (20070503) | None (candidate not yet proposed) | View | |
91378 | CVE-2016-4559 | Candidate | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. | Assigned (20160506) | None (candidate not yet proposed) | View | |
26098 | CVE-2007-2741 | Candidate | Stack-based buffer overflow in Little CMS (lcms) before 1.15 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted ICC profile in a JPG file. | Assigned (20070517) | None (candidate not yet proposed) | View | |
91634 | CVE-2016-4815 | Candidate | Directory traversal vulnerability on BUFFALO WZR-600DHP3 devices with firmware 2.16 and earlier and WZR-S600DHP devices with firmware 2.16 and earlier allows remote attackers to read arbitrary files via unspecified vectors. | Assigned (20160517) | None (candidate not yet proposed) | View |
Page 18740 of 20943, showing 5 records out of 104715 total, starting on record 93696, ending on 93700