Total
27865 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-3395 | 1 Invision Power Services | 1 Invision Gallery | 2018-10-19 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Invision Gallery 2.0.3 allows remote attackers to execute arbitrary SQL commands via the st parameter. | |||||
| CVE-2005-3538 | 1 Ifax Solutions | 1 Hylafax | 2018-10-19 | 7.5 HIGH | N/A |
| hfaxd in HylaFAX 4.2.3, when PAM support is disabled, accepts arbitrary passwords, which allows remote attackers to gain privileges. | |||||
| CVE-2005-3539 | 1 Hylafax | 1 Hylafax | 2018-10-19 | 7.5 HIGH | N/A |
| Multiple eval injection vulnerabilities in HylaFAX 4.2.3 and earlier allow remote attackers to execute arbitrary commands via (1) the notify script in HylaFAX 4.2.0 to 4.2.3 and (2) crafted CallID parameters to the faxrcvd script in HylaFAX 4.2.2 and 4.2.3. | |||||
| CVE-2005-3476 | 1 Hp | 1 Openvms | 2018-10-19 | 2.1 LOW | N/A |
| Unspecified vulnerability in HP OpenVMS Integrity 8.2-1 and 8.2, and OpenVMS Alpha 7.3-2 and 8.2, allows local users to cause a denial of service. | |||||
| CVE-2005-3394 | 1 Oaboard | 1 Oaboard | 2018-10-19 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in forum.php in oaboard forum 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) channel parameter in the topics module and (2) topic parameter in the posting module. | |||||
| CVE-2005-3412 | 1 Elite Forum | 1 Elite Forum | 2018-10-19 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Elite Forum 1.0.0.0 allows remote attackers to inject arbitrary web script or HTML via a Post Reply to a topic, in which the reply contains a javascript: URL in an <img> tag. | |||||
| CVE-2005-3499 | 1 Frisk Software | 1 F-prot Antivirus | 2018-10-19 | 7.5 HIGH | N/A |
| Frisk F-Prot Antivirus allows remote attackers to bypass protection via a ZIP file with a version header greater than 15, which prevents F-Prot from decompressing and analyzing the file. | |||||
| CVE-2005-3473 | 1 Alexander Palmo | 1 Simple Php Blog | 2018-10-19 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Simple PHP Blog 0.4.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) entry, (2) blog_subject, and (3) blog_text parameters (involving the temp_subject variable) in (a) preview_cgi.php and (b) preview_static_cgi.php, or (4) scheme_name parameter and (5) bg_color parameters (involving the preset_name and result variables) in (c) colors.php. | |||||
| CVE-2005-3478 | 1 Phpcafe | 1 Tutorial Manager | 2018-10-19 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in PHPCafe.net Tutorials Manager 1.0 Beta 2 allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||||
| CVE-2005-3491 | 1 Johannes F. Kuhlmann | 1 Flatfrag | 2018-10-19 | 7.5 HIGH | N/A |
| Multiple buffer overflows in the receiver function in loop.c in FlatFrag 0.3 and earlier allow remote attackers to execute arbitrary code via the (1) version, (2) name, and (3) model fields. | |||||
| CVE-2005-3492 | 1 Johannes F. Kuhlmann | 1 Flatfrag | 2018-10-19 | 5.0 MEDIUM | N/A |
| FlatFrag 0.3 and earlier allows remote attackers to cause a denial of service (crash) by sending an NT_CONN_OK command from a client that is not connected, which triggers a null dereference. | |||||
| CVE-2005-3274 | 1 Linux | 1 Linux Kernel | 2018-10-19 | 1.2 LOW | N/A |
| Race condition in ip_vs_conn_flush in Linux 2.6 before 2.6.13 and 2.4 before 2.4.32-pre2, when running on SMP systems, allows local users to cause a denial of service (null dereference) by causing a connection timer to expire while the connection table is being flushed before the appropriate lock is acquired. | |||||
| CVE-2005-3276 | 1 Linux | 1 Linux Kernel | 2018-10-19 | 2.1 LOW | N/A |
| The sys_get_thread_area function in process.c in Linux 2.6 before 2.6.12.4 and 2.6.13 does not clear a data structure before copying it to userspace, which might allow a user process to obtain sensitive information. | |||||
| CVE-2005-3275 | 1 Linux | 1 Linux Kernel | 2018-10-19 | 2.6 LOW | N/A |
| The NAT code (1) ip_nat_proto_tcp.c and (2) ip_nat_proto_udp.c in Linux kernel 2.6 before 2.6.13 and 2.4 before 2.4.32-rc1 incorrectly declares a variable to be static, which allows remote attackers to cause a denial of service (memory corruption) by causing two packets for the same protocol to be NATed at the same time, which leads to memory corruption. | |||||
| CVE-2005-3350 | 1 Libungif | 1 Libungif | 2018-10-19 | 7.5 HIGH | N/A |
| libungif library before 4.1.0 allows attackers to corrupt memory and possibly execute arbitrary code via a crafted GIF file that leads to an out-of-bounds write. | |||||
| CVE-2005-3280 | 1 Paros | 1 Paros | 2018-10-19 | 7.5 HIGH | N/A |
| Paros 3.2.5 uses a default password for the "sa" account in the underlying HSQLDB database and does not restrict access to the local machine, which allows remote attackers to gain privileges. | |||||
| CVE-2005-3110 | 1 Linux | 1 Linux Kernel | 2018-10-19 | 2.6 LOW | N/A |
| Race condition in ebtables netfilter module (ebtables.c) in Linux 2.6, when running on an SMP system that is operating under a heavy load, might allow remote attackers to cause a denial of service (crash) via a series of packets that cause a value to be modified after it has been read but before it has been locked. | |||||
| CVE-2005-3106 | 1 Linux | 1 Linux Kernel | 2018-10-19 | 1.2 LOW | N/A |
| Race condition in Linux 2.6, when threads are sharing memory mapping via CLONE_VM (such as linuxthreads and vfork), might allow local users to cause a denial of service (deadlock) by triggering a core dump while waiting for a thread that has just performed an exec. | |||||
| CVE-2005-3120 | 1 University Of Kansas | 1 Lynx | 2018-10-19 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in the HTrjis function in Lynx 2.8.6 and earlier allows remote NNTP servers to execute arbitrary code via certain article headers containing Asian characters that cause Lynx to add extra escape (ESC) characters. | |||||
| CVE-2005-3178 | 2 Xli, Xloadimage | 2 Xli, Xloadimage | 2018-10-19 | 5.1 MEDIUM | N/A |
| Buffer overflow in xloadimage 4.1 and earlier, and xli, might allow user-assisted attackers to execute arbitrary code via a long title name in a NIFF file, which triggers the overflow during (1) zoom, (2) reduce, or (3) rotate operations. | |||||