NVD List
Id | Name | Description | Reject | CVSS Version | CVSS Score | Severity | Pub Date | Modified Date | Actions |
---|---|---|---|---|---|---|---|---|---|
51153 | CVE-2009-3999 | Stack-based buffer overflow in goform/formExportDataLogs in HP Power Manager before 4.2.10 allows remote attackers to execute arbitrary code via a long fileName parameter. | 2 | 10 | High | 2017-01-07 | 2012-02-13 | View | |
52177 | CVE-2009-5076 | CRE Loaded before 6.2.14, and possibly other versions before 6.3.x, allows remote attackers to bypass authentication and gain administrator privileges via a request with (1) login.php or (2) password_forgotten.php appended as the PATH_INFO, which bypasses a check that uses PHP_SELF, which is not properly handled by (a) includes/application_top.php and (b) admin/includes/application_top.php, as exploited in the wild in 2009. | 2 | 7.5 | High | 2017-01-07 | 2012-04-27 | View | |
52433 | CVE-2007-0202 | SQL injection vulnerability in index.php in @lex Guestbook 4.0.2 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the lang parameter. | 2 | 7.5 | High | 2017-01-07 | 2011-03-07 | View | |
52689 | CVE-2007-0465 | Format string vulnerability in Apple Installer 2.1.5 on Mac OS X 10.4.8 allows user-assisted remote attackers to execute arbitrary code via format string specifiers in a (1) PKG, (2) DISTZ, or (3) MPKG package filename. | 2 | 7.6 | High | 2017-01-07 | 2011-03-07 | View | |
52945 | CVE-2007-0723 | Unspecified vulnerability in the authentication feature for DirectoryService (DS Plug-Ins) for Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 allows remote authenticated LDAP users to modify the root password and gain privileges via unknown vectors. | 2 | 8.5 | High | 2017-01-07 | 2011-03-07 | View |
Page 16057 of 17672, showing 5 records out of 88360 total, starting on record 80281, ending on 80285