Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-1805 | 1 Online Solutions For Educators | 1 Online Solutions For Educators | 2011-03-07 | 7.5 HIGH | N/A |
| SQL injection vulnerability in login.asp in an unknown product by Online Solutions for Educators (OS4E) allows remote attackers to execute arbitrary SQL commands via the password. | |||||
| CVE-2005-1807 | 1 Phpmailer | 1 Phpmailer | 2011-03-07 | 5.0 MEDIUM | N/A |
| The Data function in class.smtp.php in PHPMailer 1.7.2 and earlier allows remote attackers to cause a denial of service (infinite loop leading to memory and CPU consumption) via a long header field. | |||||
| CVE-2005-1825 | 1 Hp | 1 Radia Client | 2011-03-07 | 7.5 HIGH | N/A |
| Multiple stack-based buffer overflows in the nvd_exec function in HP Radia Notify Daemon 3.1.2.0 (formerly by Novadigm), and other versions including 2.x, 3.x, and 4.x, allows remote attackers to execute arbitrary code via a command with crafted parameters to a RADEXECD process. | |||||
| CVE-2005-1826 | 1 Hp | 1 Radia Client | 2011-03-07 | 7.5 HIGH | N/A |
| Buffer overflow in HP Radia Notify Daemon 3.1.0.0 (formerly by Novadigm), and other versions including 2.x, 3.x, and 4.x, allows remote attackers to execute arbitrary code via a long file extension. | |||||
| CVE-2005-1062 | 1 Kerio | 3 Kerio Mailserver, Personal Firewall, Winroute Firewall | 2011-03-07 | 7.5 HIGH | N/A |
| The administration protocol for Kerio WinRoute Firewall 6.x up to 6.0.10, Personal Firewall 4.x up to 4.1.2, and MailServer up to 6.0.8 allows remote attackers to quickly obtain passwords that are 5 characters or less via brute force methods. | |||||
| CVE-2005-1331 | 1 Apple | 3 Applescript, Mac Os X, Mac Os X Server | 2011-03-07 | 5.1 MEDIUM | N/A |
| The AppleScript Editor in Mac OS X 10.3.9 does not properly display script code for an applescript: URI, which can result in code that is different than the actual code that would be run, which could allow remote attackers to trick users into executing malicious code via certain URI characters such as NULL, control characters, and homographs. | |||||
| CVE-2005-1341 | 1 Apple | 3 Mac Os X, Mac Os X Server, Terminal | 2011-03-07 | 5.1 MEDIUM | N/A |
| Apple Terminal 1.4.4 allows attackers to execute arbitrary commands via terminal escape sequences. | |||||
| CVE-2005-1342 | 1 Apple | 2 Mac Os X, Terminal | 2011-03-07 | 7.5 HIGH | N/A |
| The x-man-page: URI handler for Apple Terminal 1.4.4 in Mac OS X 10.3.9 does not cleanse terminal escape sequences, which allows remote attackers to execute arbitrary commands. | |||||
| CVE-2005-1392 | 1 Phpmyadmin | 1 Phpmyadmin | 2011-03-07 | 4.6 MEDIUM | N/A |
| The SQL install script in phpMyAdmin 2.6.2 is created with world-readable permissions, which allows local users to obtain the initial database password by reading the script. | |||||
| CVE-2005-1406 | 1 Freebsd | 1 Freebsd | 2011-03-07 | 4.6 MEDIUM | N/A |
| The kernel in FreeBSD 4.x to 4.11 and 5.x to 5.4 does not properly clear certain fixed-length buffers when copying variable-length data for use by applications, which could allow those applications to read previously used sensitive memory. | |||||
| CVE-2005-1416 | 1 Soft3304 | 1 04webserver | 2011-03-07 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in 04WebServer 1.81 allows remote attackers to read files outside of the web root but within the installation folder. | |||||
| CVE-2005-0440 | 1 Stefan Ritt | 1 Elog Web Logbook | 2011-03-07 | 7.5 HIGH | N/A |
| ELOG before 2.5.7 allows remote attackers to bypass authentication and download a configuration file that contains a sensitive write password via a modified URL. | |||||
| CVE-2005-0534 | 1 Mediawiki | 1 Mediawiki | 2011-03-07 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in MediaWiki 1.3.x before 1.3.11 and 1.4 beta before 1.4 rc1 allow remote attackers to inject arbitrary web script. | |||||
| CVE-2005-0535 | 2 Gentoo, Mediawiki | 2 Linux, Mediawiki | 2011-03-07 | 7.5 HIGH | N/A |
| Cross-site request forgery (CSRF) vulnerability in MediaWiki 1.3.x before 1.3.11 and 1.4 beta before 1.4 rc1 allows remote attackers to perform unauthorized actions as authenticated MediaWiki users. | |||||
| CVE-2005-0536 | 1 Mediawiki | 1 Mediawiki | 2011-03-07 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in MediaWiki 1.3.x before 1.3.11 and 1.4 beta before 1.4 rc1 allows remote attackers to delete arbitrary files or determine file existence via a parameter related to image deletion. | |||||
| CVE-2005-0634 | 1 Kmint21 Software | 1 Golden Ftp Server | 2011-03-07 | 7.5 HIGH | N/A |
| Buffer overflow in Golden FTP Server 1.92 allows remote attackers to execute arbitrary code via a long USER command. | |||||
| CVE-2005-0684 | 1 Mysql | 1 Maxdb | 2011-03-07 | 10.0 HIGH | N/A |
| Multiple buffer overflows in the web tool for MySQL MaxDB before 7.5.00.26 allows remote attackers to execute arbitrary code via (1) an HTTP GET request with a long file parameter after a percent ("%") sign or (2) a long Lock-Token string to the WebDAV functionality, which is not properly handled by the getLockTokenHeader function in WDVHandler_CommonUtils.c. | |||||
| CVE-2005-0771 | 1 Symantec Veritas | 1 Backup Exec | 2011-03-07 | 10.0 HIGH | N/A |
| VERITAS Backup Exec Server (beserver.exe) 9.0 through 10.0 for Windows allows remote unauthenticated attackers to modify the registry by calling methods to the RPC interface on TCP port 6106. | |||||
| CVE-2005-0772 | 1 Symantec Veritas | 1 Backup Exec | 2011-03-07 | 5.0 MEDIUM | N/A |
| VERITAS Backup Exec 9.0 through 10.0 for Windows Servers, and 9.0.4019 through 9.1.307 for Netware, allows remote attackers to cause a denial of service (Remote Agent crash) via (1) a crafted packet in NDMLSRVR.DLL or (2) a request packet with an invalid (non-0) "Error Status" value, which triggers a null dereference. | |||||
| CVE-2005-0773 | 1 Symantec Veritas | 1 Backup Exec | 2011-03-07 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in VERITAS Backup Exec Remote Agent 9.0 through 10.0 for Windows, and 9.0.4019 through 9.1.307 for Netware allows remote attackers to execute arbitrary code via a CONNECT_CLIENT_AUTH request with authentication method type 3 (Windows credentials) and a long password argument. | |||||