NVD List
Id | Name | Description | Reject | CVSS Version | CVSS Score | Severity | Pub Date | Modified Date | Actions |
---|---|---|---|---|---|---|---|---|---|
16357 | CVE-2010-5148 | Websense Web Security and Web Filter before 7.1 Hotfix 21 do not set the secure flag for the Encrypted Session (SSL) cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session. | 2 | 5 | Medium | 2017-01-18 | 2013-04-01 | View | |
60740 | CVE-2006-2035 | Websense, when configured to permit access to the dynamic content category, allows local users to bypass intended blocking of the Uncategorized category by appending a "/?" sequence to a URL. | 2 | 3.7 | Low | 2016-12-20 | 2008-09-05 | View | |
66048 | CVE-2005-0285 | Webseries Payment Application does not properly restrict privileged operations, which allows remote authenticated users to gain privileges by directly accessing certain URLs. | 2 | 4.6 | Medium | 2017-07-18 | 2017-07-10 | View | |
57875 | CVE-2007-5824 | webserver.c in mt-dappd in Firefly Media Server 0.2.4 and earlier allows remote attackers to cause a denial of service (NULL dereference and daemon crash) via a stats method action to /xml-rpc with (1) an empty Authorization header line, which triggers a crash in the ws_decodepassword function; or (2) a header line without a ":" character, which triggers a crash in the ws_getheaders function. | 2 | 7.1 | High | 2017-01-07 | 2008-09-10 | View | |
24926 | CVE-2015-2978 | Webservice-DIC yoyaku_v41 allows remote attackers to bypass authentication and complete a conference-room reservation via unspecified vectors, as demonstrated by an "unintentional reservation." | 2 | 5 | Medium | 2017-01-19 | 2015-07-29 | View |
Page 17404 of 17672, showing 5 records out of 88360 total, starting on record 87016, ending on 87020