Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-2611 | 1 Symantec Veritas | 3 Backup Exec, Backup Exec Remote Agent, Netbackup | 2017-07-10 | 10.0 HIGH | N/A |
| VERITAS Backup Exec for Windows Servers 8.6 through 10.0, Backup Exec for NetWare Servers 9.0 and 9.1, and NetBackup for NetWare Media Server Option 4.5 through 5.1 uses a static password during authentication from the NDMP agent to the server, which allows remote attackers to read and write arbitrary files with the backup server. | |||||
| CVE-2005-2613 | 1 Cpaint | 1 Cpaint | 2017-07-10 | 6.4 MEDIUM | N/A |
| Unknown vulnerability in CPAINT Ajax Toolkit before 1.3-SP allows attackers to execute arbitrary PHP or ASP code or read files via unknown vectors. | |||||
| CVE-2005-2620 | 1 Novell | 1 Groupwise | 2017-07-10 | 5.0 MEDIUM | N/A |
| grpWise.exe for Novell GroupWise client 5.5 through 6.5.2 stores the password in plaintext in memory, which allows attackers to obtain the password using a debugger or another mechanism to read process memory. | |||||
| CVE-2005-2630 | 1 Realnetworks | 2 Realone Player, Realplayer | 2017-07-10 | 5.1 MEDIUM | N/A |
| Heap-based buffer overflow in DUNZIP32.DLL for RealPlayer 8, 10, and 10.5 and RealOne Player 1 and 2 allows remote attackers to execute arbitrary code via a crafted RealPlayer Skin (RJS) file, a different vulnerability than CVE-2004-1094. | |||||
| CVE-2005-2632 | 1 Mediabox404 | 1 Mediabox404 | 2017-07-10 | 7.5 HIGH | N/A |
| SQL injection vulnerability in login_admin_mediabox404.php in mediabox404 1.2 and earlier allows remote attackers to execute arbitrary SQL commands via the User field. | |||||
| CVE-2005-2634 | 1 Winftp Server | 1 Winftp Server | 2017-07-10 | 7.5 HIGH | N/A |
| Buffer overflow in the Log-SCR function in the "Log to Screen" feature in WinFtp Server 1.6.8 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long request. | |||||
| CVE-2005-2635 | 2 Phpadsnew, Phppgads | 2 Phpadsnew, Phppgads | 2017-07-10 | 5.0 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in phpAdsNew and phpPgAds before 2.0.6 allow remote attackers to include arbitrary files via a .. (dot dot) in the (1) layerstyle parameter to adlayer.php or (2) language parameter to js-form.php. | |||||
| CVE-2005-2636 | 2 Phpadsnew, Phppgads | 2 Phpadsnew, Phppgads | 2017-07-10 | 7.5 HIGH | N/A |
| SQL injection vulnerability in lib-view-direct.inc.php in phpAdsNew and phpPgAds before 2.0.6 allows remote attackers to execute arbitrary SQL commands via the clientid parameter. | |||||
| CVE-2005-2648 | 1 W-agora | 1 W-agora | 2017-07-10 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in W-Agora 4.2.0 and earlier allows remote attackers to read arbitrary files via the site parameter. | |||||
| CVE-2005-2649 | 1 Adaptive Technology Resource Centre | 1 Atutor | 2017-07-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in ATutor 1.5.1 allows remote attackers to inject arbitrary web script or HTML via (1) course parameter in login.php or (2) words parameter in search.php. | |||||
| CVE-2005-2651 | 1 Phpoutsourcing | 1 Zorum | 2017-07-10 | 7.5 HIGH | N/A |
| gorum/prod.php in Zorum 3.5 allows remote attackers to execute arbitrary code via shell metacharacters in the argv parameter. | |||||
| CVE-2005-2652 | 1 Phpoutsourcing | 1 Zorum | 2017-07-10 | 5.0 MEDIUM | N/A |
| Zorum 3.5 allows remote attackers to obtain the full installation path via direct requests to (1) gorum/notification.php, (2) user.php, (3) attach.php, (4) blacklist.php, (5) zorum/forum.php, (6) globalstat.php, (7) gorum/trace.php, (8) gorum/badwords.php, or (9) gorum/flood.php. | |||||
| CVE-2005-2653 | 1 Bbcaffe | 1 Bbcaffe | 2017-07-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in BBCaffe 2.0 allows remote attackers to inject arbitrary web script or HTML via e-mail data in a message. | |||||
| CVE-2005-2657 | 1 Common-lisp-controller | 1 Common-lisp-controller | 2017-07-10 | 4.6 MEDIUM | N/A |
| Unknown vulnerability in common-lisp-controller 4.18 and earlier allows local users to gain privileges by compiling arbitrary code in the cache directory, which is executed by another user if the user has not run Common Lisp before. | |||||
| CVE-2005-2662 | 1 Masqmail | 1 Masqmail | 2017-07-10 | 7.5 HIGH | N/A |
| masqmail before 0.2.18 allows remote attackers to execute arbitrary commands via crafted e-mail addresses that are not properly sanitized when creating a failed delivery message. | |||||
| CVE-2005-2663 | 1 Masqmail | 1 Masqmail | 2017-07-10 | 2.1 LOW | N/A |
| masqmail before 0.2.18 allows local users to overwrite arbitrary files via a symlink attack on a log file. | |||||
| CVE-2005-2687 | 1 Savewebportal | 1 Savewebportal | 2017-07-10 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in SaveWebPortal 3.4 allows remote attackers to execute arbitrary PHP code via the (1) SITE_Path parameter to menu_dx.php or (2) CONTENTS_Dir parameter to menu_sx.php. | |||||
| CVE-2005-2694 | 1 Winace | 1 Winace | 2017-07-10 | 7.5 HIGH | N/A |
| Buffer overflow in WinAce 2.6.0.5, and possibly earlier versions, allows remote attackers to execute arbitrary code via a temporary (.tmp) file that contains an entry with a long file name. | |||||
| CVE-2005-2695 | 1 Cisco | 2 Ciscoworks Management Center For Ids Sensors, Ciscoworks Monitoring Center For Security | 2017-07-10 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the SSL certificate checking functionality in Cisco CiscoWorks Management Center for IDS Sensors (IDSMC) 2.0 and 2.1, and Monitoring Center for Security (Security Monitor or Secmon) 1.1 through 2.0 and 2.1, allows remote attackers to spoof a Cisco Intrusion Detection Sensor (IDS) or Intrusion Prevention System (IPS). | |||||
| CVE-2005-2698 | 1 Nelogic Technologies | 1 Nephp Publisher Enterprise | 2017-07-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in browse.php in Nephp Publisher Enterprise 3.04 allows remote attackers to inject arbitrary web script or HTML via a hex-encoded keywords parameter. | |||||