NVD List
Id | Name | Description | Reject | CVSS Version | CVSS Score | Severity | Pub Date | Modified Date | Actions |
---|---|---|---|---|---|---|---|---|---|
15328 | CVE-2010-4005 | The (1) tomboy and (2) tomboy-panel scripts in GNOME Tomboy 1.5.2 and earlier place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. NOTE: vector 1 exists because of an incorrect fix for CVE-2005-4790.2. | 2 | 6.9 | Medium | 2017-01-18 | 2011-03-01 | View | |
80864 | CVE-2002-1913 | phptonuke.php in myPHPNuke 1.8.8 allows remote attackers to read arbitrary files via a full pathname in the filnavn variable. | 2 | 5 | Medium | 2017-01-05 | 2008-09-05 | View | |
15584 | CVE-2010-4329 | Cross-site scripting (XSS) vulnerability in the PMA_linkOrButton function in libraries/common.lib.php in the database (db) search script in phpMyAdmin 2.11.x before 2.11.11.1 and 3.x before 3.3.8.1 allows remote attackers to inject arbitrary web script or HTML via a crafted request. | 2 | 4.3 | Medium | 2017-01-18 | 2011-01-28 | View | |
81120 | CVE-2002-2169 | Cross-site scripting vulnerability AOL Instant Messenger (AIM) 4.5 and 4.7 for MacOS and Windows allows remote attackers to conduct unauthorized activities, such as adding buddies and groups to a user"s buddy list, via a URL with a META HTTP-EQUIV="refresh" tag to an aim: URL. | 2 | 5 | Medium | 2017-01-05 | 2008-09-05 | View | |
15840 | CVE-2010-4591 | The Connection Manager in IBM Lotus Mobile Connect (LMC) before 6.1.4, when HTTP Access Services (HTTP-AS) is enabled, does not delete LTPA tokens in response to use of the iNotes Logoff button, which might allow physically proximate attackers to obtain access via an unattended client, related to a cookie domain mismatch. | 2 | 4.4 | Medium | 2017-01-18 | 2011-01-11 | View |
Page 15755 of 17672, showing 5 records out of 88360 total, starting on record 78771, ending on 78775