CVE List

Id CVE No. Status Description Phase Votes Comments Actions
38638  CVE-2009-1203  Candidate  WebVPN on the Cisco Adaptive Security Appliances (ASA) device with software 8.0(4), 8.1.2, and 8.2.1 does not properly distinguish its own login screen from the login screens it produces for third-party (1) FTP and (2) CIFS servers, which makes it easier for remote attackers to trick a user into sending WebVPN credentials to an arbitrary server via a URL associated with that server, aka Bug ID CSCsy80709.  Assigned (20090331)  None (candidate not yet proposed)    View
104174  CVE-2017-7354  Candidate  ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.  Assigned (20170330)  None (candidate not yet proposed)    View
38894  CVE-2009-1459  Candidate  Cross-site request forgery (CSRF) vulnerability in razorCMS before 0.4 allows remote attackers to hijack the authentication of administrators for requests that create a web page containing PHP code.  Assigned (20090428)  None (candidate not yet proposed)    View
104430  CVE-2017-7610  Candidate  The check_group function in elflint.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file.  Assigned (20170409)  None (candidate not yet proposed)    View
39150  CVE-2009-1715  Candidate  Cross-site scripting (XSS) vulnerability in Web Inspector in WebKit in Apple Safari before 4.0 allows user-assisted remote attackers to inject arbitrary web script or HTML, and read local files, via vectors related to script execution with incorrect privileges.  Assigned (20090520)  None (candidate not yet proposed)    View

Page 18959 of 20943, showing 5 records out of 104715 total, starting on record 94791, ending on 94795

Actions