CVE List
Id | CVE No. | Status | Description | Phase | Votes | Comments | Actions |
---|---|---|---|---|---|---|---|
38638 | CVE-2009-1203 | Candidate | WebVPN on the Cisco Adaptive Security Appliances (ASA) device with software 8.0(4), 8.1.2, and 8.2.1 does not properly distinguish its own login screen from the login screens it produces for third-party (1) FTP and (2) CIFS servers, which makes it easier for remote attackers to trick a user into sending WebVPN credentials to an arbitrary server via a URL associated with that server, aka Bug ID CSCsy80709. | Assigned (20090331) | None (candidate not yet proposed) | View | |
104174 | CVE-2017-7354 | Candidate | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. | Assigned (20170330) | None (candidate not yet proposed) | View | |
38894 | CVE-2009-1459 | Candidate | Cross-site request forgery (CSRF) vulnerability in razorCMS before 0.4 allows remote attackers to hijack the authentication of administrators for requests that create a web page containing PHP code. | Assigned (20090428) | None (candidate not yet proposed) | View | |
104430 | CVE-2017-7610 | Candidate | The check_group function in elflint.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file. | Assigned (20170409) | None (candidate not yet proposed) | View | |
39150 | CVE-2009-1715 | Candidate | Cross-site scripting (XSS) vulnerability in Web Inspector in WebKit in Apple Safari before 4.0 allows user-assisted remote attackers to inject arbitrary web script or HTML, and read local files, via vectors related to script execution with incorrect privileges. | Assigned (20090520) | None (candidate not yet proposed) | View |
Page 18959 of 20943, showing 5 records out of 104715 total, starting on record 94791, ending on 94795