Total: 210374 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2005-1018 | 1 Ca | 1 Brightstor Arcserve Backup | 2016-10-17 | 7.5 HIGH | N/A |
Buffer overflow in the UniversalAgent for Computer Associates (CA) BrightStor ARCserve Backup allows remote authenticated users to cause a denial of service or execute arbitrary code via an agent request to TCP port 6050 with a large argument before the option field. | |||||
CVE-2005-1022 | 1 Macromedia | 1 Coldfusion | 2016-10-17 | 5.0 MEDIUM | N/A |
ColdFusion 6.1 Updater 1 places Java .class files under the web root in the /WEB-INF/cfclasses directory, which allows remote attackers to obtain sensitive information. | |||||
CVE-2005-1025 | 1 Ibm | 1 Iseries As 400 | 2016-10-17 | 5.0 MEDIUM | N/A |
The FTP server in AS/400 4.3, when running in IFS mode, allows remote attackers to obtain sensitive information via a symlink attack using RCMD and the ADDLNK utility, as demonstrated using the QSYS.LIB library. | |||||
CVE-2005-1026 | 2 Dlman Pro, Linkz Pro | 2 Dlman Pro, Linkz Pro | 2016-10-17 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in SnailSource phpBB 2.0.x mods allow remote attackers to execute arbitrary SQL commands via the (1) file_id parameter to dlman.php in DLMan Pro or (2) id parameter to links.php in Linkz Pro (aka LinksLinks Pro). | |||||
CVE-2005-1033 | 1 Devellion | 1 Cubecart | 2016-10-17 | 5.0 MEDIUM | N/A |
CubeCart 2.0.6 allows remote attackers to obtain sensitive information via an invalid (1) language parameter to index.php, (2) PHPSESSID parameter to index.php, (3) product parameter to tellafriend.php, (4) add parameter to view_cart.php, or (5) product parameter to view_product.php, which reveals the path in a PHP error message. | |||||
CVE-2005-1047 | 1 Phpbb Group | 1 Phpbb | 2016-10-17 | 7.5 HIGH | N/A |
Meilad File upload script (up.php) mod for phpBB 2.0.x does not properly limit the types of files that can be uploaded, which allows remote authenticated users to execute arbitrary commands by uploading PHP files, then directly requesting them from the uploads directory. | |||||
CVE-2005-1051 | 1 Punbb | 1 Punbb | 2016-10-17 | 6.5 MEDIUM | N/A |
SQL injection vulnerability in profile.php in PunBB 1.2.4 allows remote authenticated users to execute arbitrary SQL commands via the id parameter in a change_email action. | |||||
CVE-2005-0836 | 1 Sun | 1 J2se | 2016-10-17 | 10.0 HIGH | N/A |
Argument injection vulnerability in Java Web Start for J2SE 1.4.2 up to 1.4.2_06 allows untrusted applications to gain privileges via the value parameter of a property tag in a JNLP file. | |||||
CVE-2005-0842 | 1 Kayako | 1 Esupport | 2016-10-17 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in index.php in Kayako eSupport 2.3 allows remote attackers to inject arbitrary web script or HTML via the (1) _i or (2) _c parameter. | |||||
CVE-2005-0843 | 1 Phorum | 1 Phorum | 2016-10-17 | 5.0 MEDIUM | N/A |
CRLF injection vulnerability in search.php in Phorum 5.0.14a allows remote attackers to perform HTTP Response Splitting attacks via the body parameter, which is included in the resulting Location header. | |||||
CVE-2005-0845 | 1 Netwin | 1 Surgemail | 2016-10-17 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in the Webmail interface in SurgeMail 2.2g3 allows remote authenticated users to write arbitrary files or directories via a .. (dot dot) in the attach_id parameter. | |||||
CVE-2005-0846 | 1 Netwin | 1 Surgemail | 2016-10-17 | 4.3 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in the email auto-reply message in SurgeMail 2.2g3 allow remote attackers to inject arbitrary web script or HTML via the (1) message subject or (2) message header field. | |||||
CVE-2005-0868 | 4 Bosanova, Ibm, Mochasoft and 1 more | 4 Launcher400, Client Access, Tn5250 and 1 more | 2016-10-17 | 7.5 HIGH | N/A |
AS/400 Telnet 5250 terminal emulation clients, as implemented by (1) IBM client access, (2) Bosanova, (3) PowerTerm, (4) Mochasoft, and possibly other emulations, allow malicious AS/400 servers to execute arbitrary commands via a STRPCO (Start PC Organizer) command followed by STRPCCMD (Start PC command), as demonstrated by creating a backdoor account using REXEC. | |||||
CVE-2005-0873 | 1 Oracle | 1 10g Reports Server | 2016-10-17 | 4.3 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in test.jsp in Oracle Reports Server 10g (9.0.4.3.3) allow remote attackers to inject arbitrary web script or HTML via the (1) desname or (2) repprod parameter. | |||||
CVE-2005-0874 | 1 Cerulean Studios | 1 Trillian | 2016-10-17 | 5.0 MEDIUM | N/A |
Multiple buffer overflows in the (1) AIM, (2) MSN, (3) RSS, and other plug-ins for Trillian 2.0 allow remote web servers to cause a denial of service (application crash) via a long string in an HTTP 1.1 response header. | |||||
CVE-2005-0875 | 1 Cerulean Studios | 1 Trillian | 2016-10-17 | 5.0 MEDIUM | N/A |
Multiple buffer overflows in the Yahoo plug-in for Trillian 2.0, 3.0, and 3.1 allow remote web servers to cause a denial of service (application crash) via a long string in an HTTP 1.1 response header. | |||||
CVE-2005-0892 | 1 Smail | 1 Smail | 2016-10-17 | 10.0 HIGH | N/A |
Buffer overflow in smail 3.2.0.120 allows remote attackers or local users to execute arbitrary code via a long string in the MAIL FROM command and possibly other SMTP commands. | |||||
CVE-2005-0893 | 1 Smail | 1 Smail | 2016-10-17 | 7.6 HIGH | N/A |
modes.c in smail 3.2.0.120 implements signal handlers with certain unsafe library calls, which may allow attackers to execute arbitrary code via signal handler race conditions, possibly using xmalloc. | |||||
CVE-2005-0894 | 1 Openmosixview | 1 Openmosixview | 2016-10-17 | 3.6 LOW | N/A |
OpenmosixCollector and OpenMosixView in OpenMosixView 1.5 allow local users to overwrite or delete arbitrary files via a symlink attack on (1) temporary files in the openmosixcollector directory or (2) nodes.tmp. | |||||
CVE-2005-0895 | 1 Netcomm | 1 Nb1300 | 2016-10-17 | 5.0 MEDIUM | N/A |
Netcomm 1300NB DSL Modem allows remote attackers to cause a denial of service (device hang) via a large number of ping packets. |