CVE
Vendors
Products
Updated
CVSS v2
CVSS v3
Multiple unspecified vulnerabilities in G15Daemon before 1.9.4 have unknown impact and attack vectors.
Unspecified vulnerability in metashell before 0.03 has unknown impact and attack vectors related to a "PATH execution security flaw," possibly an untrusted search path vulnerability.
Arrows_nx_f05-f_firmware, Arrows_nx_f05-f, Gp7000f_firmware, Gp7000f, Primepower_firmware, Primepower, Gps_firmware, Gps, Sparc_enterprise_m3000_firmware, Sparc_enterprise_m3000
2017-08-17
N/A
N/A
Unspecified vulnerability in Fujitsu Interstage HTTP Server, as used in Interstage Application Server Enterprise Edition 7.0.1 for Solaris, allows attackers to cause a denial of service via unknown vectors related to SSL.
Arrows_nx_f05-f_firmware, Arrows_nx_f05-f, Gp7000f_firmware, Gp7000f, Primepower_firmware, Primepower, Gps_firmware, Gps, Sparc_enterprise_m3000_firmware, Sparc_enterprise_m3000
2017-08-17
N/A
N/A
Unspecified vulnerability in Fujitsu Interstage HTTP Server, as used in Interstage Application Server 5.0, 7.0, 7.0.1, and 8.0.0 for Windows, allows attackers to cause a denial of service via a crafted request.
PHPKIT 1.6.4 PL1 includes the session ID in the URL, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks by reading the PHPKITSID parameter from the HTTP Referer and using it in a request to (1) modify the user profile via upload_files/include.php or (2) create a new administrator via upload_files/pk/include.php.
2018-10-11
N/A
N/A
Cross-site request forgery (CSRF) vulnerability in index.php in WoltLab Burning Board (wBB) 3.0.1, and possibly other 3.x versions, allows remote attackers to hijack the authentication of users for requests that delete private messages via the pmID parameter in a delete action in a PM page, a different vulnerability than CVE-2008-0472.
Unspecified vulnerability in Polipo before 1.0.4 allows remote attackers to cause a denial of service (crash) via a long request URL.
Unspecified vulnerability in Adium before 1.2 has unknown impact and attack vectors related to javascript: URLs, possibly cross-site scripting (XSS).
Multiple unspecified vulnerabilities in Local Media Browser before 0.1 have unknown impact and attack vectors related to "Security holes."
ClipShare 2.6 does not properly restrict access to certain functionality, which allows remote attackers to change the profile of arbitrary users via a modified uid variable to siteadmin/useredit.php. NOTE: this can be used to recover the password of the user by using the modified e-mail address in the email parameter to recoverpass.php.