CVSS评分在区间 [7,9.9] 的搜索结果 (25696)

CVE-2015-8212(发布:2017-01-19 15:59:00)NM

[原文]CGI handling flaw in bozohttpd in NetBSD 6.0 through 6.0.6, 6.1 through 6.1.5, and 7.0 allows remote attackers to execute arbitrary code via crafted arguments, which are handled by a non-CGI aware program.

CVE-2016-2090(发布:2017-01-13 11:59:00)NMP

[原文]Off-by-one vulnerability in the fgetwln function in libbsd before 0.8.2 allows attackers to have unspecified impact via unknown vectors, which trigger a heap-based buffer overflow.

CVE-2015-4592(发布:2017-01-10 10:59:00)NM

[原文]eClinicalWorks Population Health (CCMR) suffers from an SQL injection vulnerability in portalUserService.jsp which allows remote authenticated users to inject arbitrary malicious database commands as part of user input.

CVE-2015-4594(发布:2017-01-10 10:59:00)NM

[原文]eClinicalWorks Population Health (CCMR) suffers from a session fixation vulnerability. When authenticating a user, the application does not assign a new session ID, making it possible to use an existent session ID.

CVE-2016-4288(发布:2017-01-06 16:59:01)NMS

[原文]A local privilege escalation vulnerability exists in BlueStacks App Player. The BlueStacks App Player installer creates a registry key with weak permissions that allows users to execute arbitrary programs with SYSTEM privileges.

CVE-2016-4336(发布:2017-01-06 16:59:01)NMS

[原文]An exploitable out-of-bounds write exists in the Bzip2 parsing of the Lexmark Perspective Document Filters conversion functionality. A crafted Bzip2 document can lead to a stack-based buffer overflow causing an out-of-bounds write which under the right circumstance could potentially be leveraged by an attacker to gain arbitrary code execution.

12345678下一页尾页 第1页 / 共4283页