CVSS评分在区间 [7,9.9] 的搜索结果 (25813)

CVE-2015-8257(发布:2017-05-02 10:59:00)NMPS
CVSS9.0

[原文]The devtools.sh script in AXIS network cameras allows remote authenticated users to execute arbitrary commands via shell metacharacters in the app parameter to (1) app_license.shtml, (2) app_license_custom.shtml, (3) app_index.shtml, or (4) app_params.shtml.

CVE-2011-3428(发布:2017-04-24 15:59:00)NM
CVSS7.5

[原文]Buffer overflow in QuickTime before 7.7.1 for Windows allows remote attackers to execute arbitrary code.

CVE-2015-7247(发布:2017-04-24 14:59:00)NM
CVSS7.8

[原文]D-Link DVG-N5402SP with firmware W1000CN-00, W1000CN-03, or W2000EN-00 discloses usernames, passwords, keys, values, and web account hashes (super and admin) in plaintext when running a configuration backup, which allows remote attackers to obtain sensitive information.

CVE-2015-7568(发布:2017-04-24 14:59:00)NM
CVSS7.5

[原文]SQL injection vulnerability in the password recovery feature in Yeager CMS 1.2.1 allows remote attackers to change the account credentials of known users via the "userEmail" parameter.

CVE-2015-7569(发布:2017-04-24 14:59:00)NM
CVSS7.5

[原文]SQL injection vulnerability in "yeager/y.php/tab_USERLIST" in Yeager CMS 1.2.1 allows local users to execute arbitrary SQL commands via the "pagedir_orderby" parameter.

CVE-2014-9654(发布:2017-04-24 02:59:00)NMP
CVSS7.5

[原文]The Regular Expressions package in International Components for Unicode (ICU) for C/C++ before 2014-12-03, as used in Google Chrome before 40.0.2214.91, calculates certain values without ensuring that they can be represented in a 24-bit field, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted string, a related issue to CVE-2014-7923.

12345678下一页尾页 第1页 / 共4303页

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站