Latest CVE Feed
-
2.6
LOWCVE-2004-1922
Microsoft Internet Explorer 5.5 and 6.0 allocates memory based on the memory size written in the BMP file instead of the actual BMP file size, which allows remote attackers to cause a denial of service (memory consumption) via a small BMP file with has a ... Read more
Affected Products : internet_explorer- EPSS Score: %5.10
- Published: Apr. 11, 2004
- Modified: Apr. 03, 2025
-
2.6
LOWCVE-2004-1907
The Web Filtering functionality in Kerio Personal Firewall (KPF) 4.0.13 allows remote attackers to cause a denial of service (crash) by sending hex-encoded URLs containing "%13%12%13".... Read more
Affected Products : personal_firewall- EPSS Score: %8.54
- Published: Dec. 31, 2004
- Modified: Apr. 03, 2025
-
2.6
LOWCVE-2012-5077
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect confidentiality via unknown ... Read more
- EPSS Score: %2.04
- Published: Oct. 16, 2012
- Modified: Apr. 11, 2025
-
2.6
LOWCVE-2015-5281
The grub2 package before 2.02-0.29 in Red Hat Enterprise Linux (RHEL) 7, when used on UEFI systems, allows local users to bypass intended Secure Boot restrictions and execute non-verified code via a crafted (1) multiboot or (2) multiboot2 module in the co... Read more
Affected Products : enterprise_linux- EPSS Score: %0.06
- Published: Nov. 24, 2015
- Modified: Apr. 12, 2025
-
2.6
LOWCVE-2012-3383
The map_meta_cap function in wp-includes/capabilities.php in WordPress 3.4.x before 3.4.2, when the multisite feature is enabled, does not properly assign the unfiltered_html capability, which allows remote authenticated users to bypass intended access re... Read more
Affected Products : wordpress- EPSS Score: %0.15
- Published: Jul. 22, 2012
- Modified: Apr. 11, 2025
-
2.6
LOWCVE-2013-5315
Cross-site scripting (XSS) vulnerability in the Resource Manager in the MEE submodule (mee.module) in the Scald module 6.x-1.x before 6.x-1.0-beta3 and 7.x-1.x before 7.x-1.1 for Drupal allows remote attackers to inject arbitrary web script or HTML via th... Read more
- EPSS Score: %0.73
- Published: Aug. 19, 2013
- Modified: Apr. 11, 2025
-
2.6
LOWCVE-2006-3365
V3 Chat allows remote attackers to obtain the installation path via (1) an invalid id parameter to mail/index.php or (2) membername parameter to messenger/online.php, which displays the path in an error page due to an incorrect SQL statement.... Read more
Affected Products : v3_chat- EPSS Score: %0.70
- Published: Jul. 06, 2006
- Modified: Apr. 03, 2025
-
2.6
LOWCVE-2006-1808
Cross-site scripting (XSS) vulnerability in index.php in Lifetype 1.0.3 allows remote attackers to inject arbitrary web script or HTML via the show parameter in a Template operation.... Read more
Affected Products : lifetype- EPSS Score: %0.67
- Published: Apr. 18, 2006
- Modified: Apr. 03, 2025
-
2.6
LOWCVE-2006-3246
Cross-site scripting (XSS) vulnerability in show.php in GL-SH Deaf Forum 6.4.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the sort parameter.... Read more
Affected Products : deaf_forum- EPSS Score: %0.53
- Published: Jun. 27, 2006
- Modified: Apr. 03, 2025
-
2.6
LOWCVE-2012-2632
SEIL routers with firmware SEIL/x86 1.00 through 2.35, SEIL/X1 2.30 through 3.75, SEIL/X2 2.30 through 3.75, and SEIL/B1 2.30 through 3.75, when the http-proxy and application-gateway features are enabled, do not properly handle the CONNECT command, which... Read more
- EPSS Score: %0.18
- Published: Jun. 15, 2012
- Modified: Apr. 11, 2025
-
2.6
LOWCVE-1999-1263
Metamail before 2.7-7.2 allows remote attackers to overwrite arbitrary files via an e-mail message containing a uuencoded attachment that specifies the full pathname for the file to be modified, which is processed by uuencode in Metamail scripts such as s... Read more
Affected Products : metamail- EPSS Score: %0.32
- Published: Aug. 15, 2003
- Modified: Apr. 03, 2025
-
2.6
LOWCVE-2006-0888
index.php in Invision Power Board (IPB) 2.0.1, with Code Confirmation disabled, allows remote attackers to cause an unspecified denial of service by registering a large number of users.... Read more
Affected Products : invision_power_board- EPSS Score: %6.56
- Published: Feb. 25, 2006
- Modified: Apr. 03, 2025
-
2.6
LOWCVE-1999-0797
NIS finger allows an attacker to conduct a denial of service via a large number of finger requests, resulting in a large number of NIS queries.... Read more
Affected Products : sunos- EPSS Score: %0.55
- Published: Jun. 29, 1998
- Modified: Apr. 03, 2025
-
2.6
LOWCVE-2000-0028
Internet Explorer 5.0 and 5.01 allows remote attackers to bypass the cross frame security policy and read files via the external.NavigateAndFind function.... Read more
- EPSS Score: %21.84
- Published: Dec. 23, 1999
- Modified: Apr. 03, 2025
-
2.6
LOWCVE-2006-0538
CipherTrust IronMail 5.0.1, when "Denial of Service Protection" is enabled, allows remote attackers to cause a denial of service (possibly CPU consumption) via a SYN flood with malformed TCP packets from multiple connections.... Read more
Affected Products : ironmail- EPSS Score: %1.12
- Published: Feb. 04, 2006
- Modified: Apr. 03, 2025
-
2.6
LOWCVE-2005-0905
Maxthon 1.2.0 allows remote malicious web sites to obtain potentially sensitive data from the search bar via the m2_search_text property.... Read more
Affected Products : maxthon- EPSS Score: %7.42
- Published: May. 02, 2005
- Modified: Apr. 03, 2025
-
2.6
LOWCVE-2006-1992
mshtml.dll 6.00.2900.2873, as used in Microsoft Internet Explorer, allows remote attackers to cause a denial of service (crash) via nested OBJECT tags, which trigger invalid pointer dereferences including NULL dereferences. NOTE: the possibility of code ... Read more
Affected Products : internet_explorer- EPSS Score: %48.62
- Published: Apr. 25, 2006
- Modified: Apr. 03, 2025
-
2.6
LOWCVE-2000-0768
A function in Internet Explorer 4.x and 5.x does not properly verify the domain of a frame within a browser window, which allows a remote attacker to read client files, aka a variant of the "Frame Domain Verification" vulnerability.... Read more
- EPSS Score: %16.32
- Published: Oct. 20, 2000
- Modified: Apr. 03, 2025
-
2.6
LOWCVE-2000-0406
Netscape Communicator before version 4.73 and Navigator 4.07 do not properly validate SSL certificates, which allows remote attackers to steal information by redirecting traffic from a legitimate web server to their own malicious server, aka the "Acros-Su... Read more
Affected Products : communicator- EPSS Score: %0.74
- Published: May. 10, 2000
- Modified: Apr. 03, 2025
-
2.6
LOWCVE-2004-2011
msxml3.dll in Internet Explorer 6.0.2600.0 allows remote attackers to cause a denial of service (crash) via a single & (ampersand) in a <Ref href> link, which triggers a parsing error, possibly due to missing portions of the URI.... Read more
Affected Products : internet_explorer- EPSS Score: %9.54
- Published: Dec. 31, 2004
- Modified: Apr. 03, 2025