NVD List

Id Name Description Reject CVSS Version CVSS Score Severity Pub Date Modified Date Actions
78837  CVE-2001-1403  Bugzilla before 2.14 includes the username and password in URLs, which could allow attackers to gain privileges by reading the information from the web server logs, or by "shoulder-surfing" and observing the web browser"s location bar.    7.5  High  2017-01-05  2016-10-17  View
13557  CVE-2010-2068  mod_proxy_http.c in mod_proxy_http in the Apache HTTP Server 2.2.9 through 2.2.15, 2.3.4-alpha, and 2.3.5-alpha on Windows, NetWare, and OS/2, in certain configurations involving proxy worker pools, does not properly detect timeouts, which allows remote attackers to obtain a potentially sensitive response intended for a different client in opportunistic circumstances via a normal HTTP request.    Medium  2017-01-18  2013-10-10  View
79093  CVE-2002-0077  Microsoft Internet Explorer 5.01, 5.5 and 6.0 treats objects invoked on an HTML page with the codebase property as part of Local Computer zone, which allows remote attackers to invoke executables present on the local system through objects such as the popup object, aka the "Local Executable Invocation via Object tag" vulnerability.    7.5  High  2017-01-05  2016-10-17  View
13813  CVE-2010-2335  SQL injection vulnerability in index.php in Yamamah Photo Gallery 1.00, as distributed before 20100618, allows remote attackers to execute arbitrary SQL commands via the news parameter.    7.5  High  2017-01-18  2010-06-24  View
79349  CVE-2002-0339  Cisco IOS 11.1CC through 12.2 with Cisco Express Forwarding (CEF) enabled includes portions of previous packets in the padding of a MAC level packet when the MAC packet"s length is less than the IP level packet length.    Medium  2017-01-05  2008-09-05  View

Page 16947 of 17672, showing 5 records out of 88360 total, starting on record 84731, ending on 84735

Actions