Total: 27865 CVE

CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2005-2142 | 1 Kmint21 Software | 1 Golden Ftp Server | 2008-09-05 | 2.1 LOW | N/A |
Directory traversal vulnerability in Golden FTP Server 2.60 allows remote authenticated attackers to list arbitrary directories via a "\.." (backslash dot dot) in an LS (LIST) command. | |||||
CVE-2005-2141 | 1 Jollybox.de | 1 Tcp Chat | 2008-09-05 | 5.0 MEDIUM | N/A |
TCP Chat 1.0 allows remote attackers to cause a denial of service (crash) via a long string to the chat service, possibly triggering a buffer overflow. | |||||
CVE-2005-1960 | 1 C.j. Steele | 1 Tattle | 2008-09-05 | 7.5 HIGH | N/A |
The getemails function in C.J. Steele Tattle allows remote attackers to execute arbitrary commands via shell metacharacters in certain log entries, as demonstrated using shell metacharacters in an FTP username. | |||||
CVE-2005-1961 | 1 Objectweb | 1 Consortium C-jdbc | 2008-09-05 | 4.6 MEDIUM | N/A |
Unknown vulnerability in ObjectWeb Consortium C-JDBC before 1.3.1 allows local users to bypass intended access restrictions and obtain the cache results from another user. | |||||
CVE-2005-2140 | 1 Fsboard | 1 Fsboard | 2008-09-05 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in default.asp for FSboard 2.0 allows remote attackers to read arbitrary files via ".." sequences in the filename parameter. | |||||
CVE-2005-2138 | 1 Comdev | 1 Comdev Ecommerce | 2008-09-05 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in index.php in Comdev eCommerce 3.0 and 3.1 allows remote attackers to inject arbitrary web script or HTML via Javascript in the onMouseOver event of an "A" tag in a review message. | |||||
CVE-2005-2136 | 1 Raritan | 1 Dominion | 2008-09-05 | 4.6 MEDIUM | N/A |
Raritan Dominion SX (DSX) Console Servers DSX16, DSX32, DSX4, DSX8, and DSXA-48 set (1) world-readable permissions for /etc/shadow and (2) world-writable permissions for /bin/busybox, which allows local users to obtain hashed passwords or execute arbitrary code as other users. | |||||
CVE-2005-2135 | 1 Etoshop | 1 Dynamic Biz Website Builder Quickweb | 2008-09-05 | 7.5 HIGH | N/A |
SQL injection vulnerability in verify.asp in EtoShop Dynamic Biz Website Builder (QuickWeb) 1.0 allows remote attackers to execute arbitrary SQL commands via the (1) T1 or (2) T2 parameters. | |||||
CVE-2005-1962 | 1 Cerberus | 1 Cerberus Helpdesk | 2008-09-05 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in Cerberus Helpdesk 0.97.3 allows remote attackers to inject arbitrary web script or HTML via the (1) errorcode parameter to index.php or (2) certain fields to clients.php. | |||||
CVE-2005-1789 | 1 India Software Solution | 1 Shopping Cart | 2008-09-05 | 7.5 HIGH | N/A |
SQL injection vulnerability in SignIn.asp in India Software Solution shopping cart allows remote attackers to execute arbitrary SQL commands via the password. | |||||
CVE-2005-1792 | 1 Microsoft | 1 Windows Xp | 2008-09-05 | 5.0 MEDIUM | N/A |
Memory leak in Windows Management Instrumentation (WMI) service allows attackers to cause a denial of service (memory consumption and crash) by creating security contexts more quickly than they can be cleared from the RPC cache. | |||||
CVE-2005-1797 | 1 Openssl | 1 Openssl | 2008-09-05 | 5.1 MEDIUM | N/A |
The design of Advanced Encryption Standard (AES), aka Rijndael, allows remote attackers to recover AES keys via timing attacks on S-box lookups, which are difficult to perform in constant time in AES implementations. | |||||
CVE-2005-1804 | 1 Net Portal Dynamic System | 1 Net Portal Dynamic System | 2008-09-05 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in Net Portal Dynamic System (NPDS) 5.0 allow remote attackers to execute arbitrary SQL commands via the (1) terme parameter in the glossaire module (glossaire.php) or (2) query parameter to links.php. | |||||
CVE-2005-1963 | 1 Cerberus | 1 Cerberus Helpdesk | 2008-09-05 | 5.0 MEDIUM | N/A |
Cerberus Helpdesk 0.97.3 allows remote attackers to obtain sensitive information via certain requests to (1) reports.php, (2) knowledgebase.php, or (3) configuration.php, which leaks the information in a PHP error message. | |||||
CVE-2005-2080 | 1 Symantec Veritas | 1 Backup Exec | 2008-09-05 | 7.5 HIGH | N/A |
Unknown vulnerability in Remote Agent for Windows Servers (RAWS) in VERITAS Backup Exec 9.0 through 10.0 for Windows, and 9.0.4019 through 9.1.307 for NetWare, allows remote attackers to gain privileges by copying the handle for the server. | |||||
CVE-2005-2079 | 1 Symantec Veritas | 1 Backup Exec | 2008-09-05 | 7.5 HIGH | N/A |
Heap-based buffer overflow in the Admin Plus Pack Option for VERITAS Backup Exec 9.0 through 10.0 for Windows Servers allows remote attackers to execute arbitrary code. | |||||
CVE-2005-2078 | 1 Sofotex | 1 Bisonftp | 2008-09-05 | 2.1 LOW | N/A |
BisonFTP Server V4R1 allows remote authenticated users to cause a denial of service via an invalid command with a long argument. | |||||
CVE-2005-1964 | 1 Cantico | 1 Ovidentia | 2008-09-05 | 7.5 HIGH | N/A |
PHP remote file inclusion vulnerability in utilit.php for Ovidentia Portal allows remote attackers to execute arbitrary PHP code via the babInstallPath parameter. | |||||
CVE-2005-2073 | 1 Ibm | 1 Db2 | 2008-09-05 | 2.1 LOW | N/A |
Unknown vulnerability in IBM DB2 8.1.4 through 8.1.9 and 8.2.0 through 8.2.2 allows local users with SELECT privileges to conduct unauthorized activities and insert, update or delete table contents. | |||||
CVE-2005-2070 | 1 Sendmail | 1 Sendmail | 2008-09-05 | 5.0 MEDIUM | N/A |
The ClamAV Mail fILTER (clamav-milter) 0.84 through 0.85d, when used in Sendmail using long timeouts, allows remote attackers to cause a denial of service by keeping an open connection, which prevents ClamAV from reloading. | |||||