Total
27865 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-1381 | 1 Mozilla | 2 Firefox, Mozilla | 2017-10-10 | 5.0 MEDIUM | N/A |
| Firefox before 1.0 and Mozilla before 1.7.5 allow inactive (background) tabs to focus on input being entered in the active tab, as originally reported using form fields, which allows remote attackers to steal sensitive data that is intended for other sites, which could facilitate phishing attacks. | |||||
| CVE-2004-1335 | 2 Linux, Redhat | 3 Linux Kernel, Fedora Core, Linux | 2017-10-10 | 2.1 LOW | N/A |
| Memory leak in the ip_options_get function in the Linux kernel before 2.6.10 allows local users to cause a denial of service (memory consumption) by repeatedly calling the ip_cmsg_send function. | |||||
| CVE-2004-1392 | 1 Php | 1 Php | 2017-10-10 | 5.0 MEDIUM | N/A |
| PHP 4.0 with cURL functions allows remote attackers to bypass the open_basedir setting and read arbitrary files via a file: URL argument to the curl_init function. | |||||
| CVE-2004-2259 | 1 Beasts | 1 Vsftpd | 2017-10-10 | 5.0 MEDIUM | N/A |
| vsftpd before 1.2.2, when under heavy load, allows attackers to cause a denial of service (crash) via a SIGCHLD signal during a malloc or free call, which is not re-entrant. | |||||
| CVE-2005-0337 | 3 Redhat, Suse, Wietse Venema | 4 Enterprise Linux, Enterprise Linux Desktop, Suse Linux and 1 more | 2017-10-10 | 7.5 HIGH | N/A |
| Postfix 2.1.3, when /proc/net/if_inet6 is not available and permit_mx_backup is enabled in smtpd_recipient_restrictions, allows remote attackers to bypass e-mail restrictions and perform mail relaying by sending mail to an IPv6 hostname. | |||||
| CVE-2005-0069 | 1 Vim Development Group | 1 Vim | 2017-10-10 | 4.6 MEDIUM | N/A |
| The (1) tcltags or (2) vimspell.sh scripts in vim 6.3 allow local users to overwrite or create arbitrary files via a symlink attack on temporary files. | |||||
| CVE-2005-0364 | 1 Hp | 1 Hp-ux | 2017-10-10 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in BIND 9.2.0 in HP-UX B.11.00, B.11.11, and B.11.23 allows remote attackers to cause a denial of service. | |||||
| CVE-2005-0365 | 1 Kde | 1 Kde | 2017-10-10 | 2.1 LOW | N/A |
| The dcopidlng script in KDE 3.2.x and 3.3.x creates temporary files with predictable filenames, which allows local users to overwrite arbitrary files via a symlink attack. | |||||
| CVE-2005-0372 | 1 Gtk | 1 Gtk\+ | 2017-10-10 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in gftp before 2.0.18 for GTK+ allows remote malicious FTP servers to read arbitrary files via .. (dot dot) sequences in filenames returned from a LIST command. | |||||
| CVE-2005-0397 | 1 Imagemagick | 1 Imagemagick | 2017-10-10 | 7.5 HIGH | N/A |
| Format string vulnerability in the SetImageInfo function in image.c for ImageMagick before 6.0.2.5 may allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in a filename argument to convert, which may be called by other web applications. | |||||
| CVE-2005-0398 | 6 Altlinux, Ipsec-tools, Kame and 3 more | 7 Alt Linux, Ipsec-tools, Racoon and 4 more | 2017-10-10 | 5.0 MEDIUM | N/A |
| The KAME racoon daemon in ipsec-tools before 0.5 allows remote attackers to cause a denial of service (crash) via malformed ISAKMP packets. | |||||
| CVE-2005-0402 | 1 Mozilla | 1 Firefox | 2017-10-10 | 2.6 LOW | N/A |
| Firefox before 1.0.2 allows remote attackers to execute arbitrary code by tricking a user into saving a page as a Firefox sidebar panel, then using the sidebar panel to inject Javascript into a privileged page. | |||||
| CVE-2005-0403 | 1 Redhat | 2 Enterprise Linux, Enterprise Linux Desktop | 2017-10-10 | 7.2 HIGH | N/A |
| init_dev in tty_io.c in the Red Hat backport of NPTL to Red Hat Enterprise Linux 3 does not properly clear controlling tty's in multi-threaded applications, which allows local users to cause a denial of service (crash) and possibly gain tty access via unknown attack vectors that trigger an access of a pointer to a freed structure. | |||||
| CVE-2005-0592 | 1 Mozilla | 2 Firefox, Mozilla | 2017-10-10 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in the UTF8ToNewUnicode function for Firefox before 1.0.1 and Mozilla before 1.7.6 might allow remote attackers to cause a denial of service (crash) or execute arbitrary code via invalid sequences in a UTF8 encoded string that result in a zero length value. | |||||
| CVE-2005-0591 | 1 Mozilla | 1 Firefox | 2017-10-10 | 2.6 LOW | N/A |
| Firefox before 1.0.1 allows remote attackers to spoof the (1) security and (2) download modal dialog boxes, which could be used to trick users into executing script or downloading and executing a file, aka "Firespoofing." | |||||
| CVE-2005-0590 | 1 Mozilla | 3 Firefox, Mozilla, Thunderbird | 2017-10-10 | 5.0 MEDIUM | N/A |
| The installation confirmation dialog in Firefox before 1.0.1, Thunderbird before 1.0.1, and Mozilla before 1.7.6 allows remote attackers to use InstallTrigger to spoof the hostname of the host performing the installation via a long "user:pass" sequence in the URL, which appears before the real hostname. | |||||
| CVE-2005-0589 | 1 Mozilla | 1 Firefox | 2017-10-10 | 5.0 MEDIUM | N/A |
| The Form Fill feature in Firefox before 1.0.1 allows remote attackers to steal potentially sensitive information via an input control that monitors the values that are generated by the autocomplete capability. | |||||
| CVE-2005-0588 | 1 Mozilla | 2 Firefox, Mozilla | 2017-10-10 | 5.0 MEDIUM | N/A |
| Firefox before 1.0.1 and Mozilla before 1.7.6 does not restrict xsl:include and xsl:import tags in XSLT stylesheets to the current domain, which allows remote attackers to determine the existence of files on the local system. | |||||
| CVE-2005-0587 | 1 Mozilla | 2 Firefox, Mozilla | 2017-10-10 | 2.6 LOW | N/A |
| Firefox before 1.0.1 and Mozilla before 1.7.6 allows remote malicious web sites to overwrite arbitrary files by tricking the user into downloading a .LNK (link) file twice, which overwrites the file that was referenced in the first .LNK file. | |||||
| CVE-2005-0586 | 1 Mozilla | 2 Firefox, Mozilla | 2017-10-10 | 2.6 LOW | N/A |
| Firefox before 1.0.1 and Mozilla before 1.7.6 allows remote malicious web sites to spoof the extensions of files to download via the Content-Disposition header, which could be used to trick users into downloading dangerous content. | |||||