Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-0703 | 1 Xerox | 18 Workcentre 165, Workcentre 175, Workcentre 2128 and 15 more | 2008-09-05 | 5.0 MEDIUM | N/A |
| Xerox MicroServer Web Server for various WorkCentre products including M35/M45/M55 2.028.11.000 through 2.97.20.032 and 4.84.16.000 through 4.97.20.032, Pro 35/45/55 3.028.11.000 through 3.97.20.032, Pro 65/75/90 1.001.00.060 through 1.001.02.084, and others, has an "unauthenticated account," which allows remote attackers to modify system configuration, a different vulnerability than CVE-2005-1179. | |||||
| CVE-2005-0713 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2008-09-05 | 4.6 MEDIUM | N/A |
| The Bluetooth Setup Assistant for Mac OS X before 10.3.8 can be launched without a keyboard or Bluetooth device, which allows local users to bypass access restrictions and gain privileges. | |||||
| CVE-2005-0715 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2008-09-05 | 2.1 LOW | N/A |
| AFP Server in Mac OS X before 10.3.8 uses insecure permissions for "Drop Boxes," which allows local users to read the contents of a Drop Box. | |||||
| CVE-2005-0716 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2008-09-05 | 7.2 HIGH | N/A |
| Stack-based buffer overflow in the Core Foundation Library in Mac OS X 10.3.5 and 10.3.6, and possibly earlier versions, allows local users to execute arbitrary code via a long CF_CHARSET_PATH environment variable. | |||||
| CVE-2005-0737 | 1 Yahoo | 1 Messenger | 2008-09-05 | 7.5 HIGH | N/A |
| Buffer overflow in Yahoo! Messenger allows remote attackers to execute arbitrary code via the offline mode. | |||||
| CVE-2005-0740 | 1 Openbsd | 1 Openbsd | 2008-09-05 | 5.0 MEDIUM | N/A |
| The TCP stack (tcp_input.c) in OpenBSD 3.5 and 3.6 allows remote attackers to cause a denial of service (system panic) via crafted values in the TCP timestamp option, which causes invalid arguments to be used when calculating the retransmit timeout. | |||||
| CVE-2005-0741 | 1 Yabb | 1 Yabb | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in YaBB.pl for YaBB 2.0 RC1 allows remote attackers to inject arbitrary web script or HTML via the username parameter in a usersrecentposts action. | |||||
| CVE-2005-0745 | 1 Utstarcom | 1 Ian-02ex Voip Ata | 2008-09-05 | 4.6 MEDIUM | N/A |
| UTStarcom iAN-02EX VoIP Analog Terminal Adaptor (ATA) allows local users to bypass ATA access restrictions by dialing "*#26845#" and causing a device reset. | |||||
| CVE-2005-0747 | 1 Applyyourself | 1 I-class | 2008-09-05 | 5.0 MEDIUM | N/A |
| ApplyYourself i-Class allows remote attackers to obtain sensitive information about their own applications by reusing the hidden ID field, as demonstrated using the id parameter to ApplicantDecision.asp. | |||||
| CVE-2005-0763 | 1 Midnight Commander | 1 Midnight Commander | 2008-09-05 | 4.6 MEDIUM | N/A |
| Buffer overflow in Midnight Commander (mc) 4.5.55 and earlier may allow attackers to execute arbitrary code. | |||||
| CVE-2005-0764 | 1 Marc Lehmann | 1 Rxvt-unicode | 2008-09-05 | 7.5 HIGH | N/A |
| Buffer overflow in command.C for rxvt-unicode before 5.3 allows remote attackers to execute arbitrary code via a crafted file containing long escape sequences. | |||||
| CVE-2005-0809 | 1 Notify Technology | 1 Notifylink | 2008-09-05 | 7.5 HIGH | N/A |
| NotifyLink, when configured for client key retrieval, allows remote attackers to obtain AES keys via a direct request to /hwp/get.asp, then uses a weak encryption scheme (fixed byte reordering) to protect the key, which allows remote attackers to obtain the key via a brute force attack. | |||||
| CVE-2005-0810 | 1 Notify Technology | 1 Notifylink | 2008-09-05 | 7.5 HIGH | N/A |
| SQL injection vulnerability in NotifyLink before 3.0 allows remote attackers to execute arbitrary SQL commands via the URL. | |||||
| CVE-2005-0811 | 1 Notify Technology | 1 Notifylink | 2008-09-05 | 4.6 MEDIUM | N/A |
| The web interface in NotifyLink 3.0 does not properly restrict access to functions that have been disabled in the GUI, which allows remote authenticated users to bypass intended restrictions via a direct request to certain URLs. | |||||
| CVE-2005-0812 | 1 Notify Technology | 1 Notifylink | 2008-09-05 | 5.0 MEDIUM | N/A |
| The web interface in NotifyLink 3.0 displays passwords in cleartext on the administrative page, which could allow remote attackers or local users to obtain sensitive information. | |||||
| CVE-2005-0813 | 1 Initial Redirect | 1 Initial Redirect Squid Proxy Plug-in | 2008-09-05 | 5.0 MEDIUM | N/A |
| Buffer overflow in Initial Redirect (ir) Squid Proxy Plug-In 0.1 and 0.2 may allow attackers to cause a denial of service and execute arbitrary code via unknown vectors. | |||||
| CVE-2005-0819 | 1 Novell | 1 Netware | 2008-09-05 | 5.0 MEDIUM | N/A |
| The xvesa code in Novell Netware 6.5 SP2 and SP3 allows remote attackers to redirect the xsession without authentication via a direct request to GUIMirror/Start. | |||||
| CVE-2005-0820 | 1 Microsoft | 1 Office Infopath | 2008-09-05 | 5.0 MEDIUM | N/A |
| Microsoft Office InfoPath 2003 SP1 includes sensitive information in the Manifest.xsf file in a custom .xsn form, which allows attackers to obtain printer and network information, obtain the database name, username, and password, or obtain the internal web server name. | |||||
| CVE-2005-0822 | 1 Citrix | 1 Metaframe Password Manager | 2008-09-05 | 2.1 LOW | N/A |
| Citrix Metaframe Password Manager 2.5 and earlier stores a password in cleartext although it is obfuscated when presented to a user, which allows users to view their secondary passwords even if it is not allowed by policy. | |||||
| CVE-2005-0825 | 1 Lgames | 1 Ltris | 2008-09-05 | 7.5 HIGH | N/A |
| Buffer overflow in LTris before 1.0.10 allows local users to execute arbitrary code via a crafted highscores file. | |||||