Total
29527 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-3143 | 1 4d | 1 Webstar | 2008-09-05 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the Mailbox Server for 4D WebStar before 5.3.5 allows attackers to cause a denial of service (crash) via IMAP clients on Mac OS X 10.4 Mail 2. | |||||
| CVE-2005-3289 | 1 Ibm | 1 Aix | 2008-09-05 | 2.1 LOW | N/A |
| LSCFG in IBM AIX 5.2 and 5.3 does not create temporary files securely, which allows local users to corrupt /etc/passwd and possibly other system files via the trace file. | |||||
| CVE-2005-3075 | 1 Mpc-donkey | 1 Zengaia | 2008-09-05 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Zengaia before 0.2 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | |||||
| CVE-2005-3174 | 1 Microsoft | 1 Windows 2000 | 2008-09-05 | 4.6 MEDIUM | N/A |
| Microsoft Windows 2000 before Update Rollup 1 for SP4 allows users to log on to the domain, even when their password has expired, if the fully qualified domain name (FQDN) is 8 characters long. | |||||
| CVE-2005-3033 | 1 Cambridge Computer Corporation | 1 Vxweb | 2008-09-05 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in vxWeb 1.1.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP GET request. | |||||
| CVE-2005-3166 | 1 Mediawiki | 1 Mediawiki | 2008-09-05 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in "edit submission handling" for MediaWiki 1.4.x before 1.4.10 and 1.3.x before 1.3.16 allows remote attackers to cause a denial of service (corruption of the previous submission) via a crafted URL. | |||||
| CVE-2005-3155 | 1 Mailenable | 2 Mailenable Enterprise, Mailenable Professional | 2008-09-05 | 7.5 HIGH | N/A |
| Buffer overflow in the W3C logging for MailEnable Enterprise 1.1 and Professional 1.6 allows remote attackers to execute arbitrary code. | |||||
| CVE-2005-3015 | 1 Ibm | 2 Lotus Domino, Lotus Domino Enterprise Server | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in IBM Lotus Domino 6.5.2 allows remote attackers to inject arbitrary web script or HTML via the (1) BaseTarget or (2) Src parameters. | |||||
| CVE-2005-3173 | 1 Microsoft | 1 Windows 2000 | 2008-09-05 | 4.6 MEDIUM | N/A |
| Microsoft Windows 2000 before Update Rollup 1 for SP4 does not apply group policies if the user logs on using UPN credentials with a trailing dot, which prevents Windows 2000 from finding the correct domain controller and could allow the user to bypass intended restrictions. | |||||
| CVE-2005-2870 | 1 Sun | 1 Solaris | 2008-09-05 | 7.5 HIGH | N/A |
| Unknown vulnerability in the net-svc script on Solaris 10 allows remote authenticated users to execute arbitrary code on a DHCP client via certain DHCP responses. | |||||
| CVE-2005-2852 | 1 Novell | 1 Netware | 2008-09-05 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in CIFS.NLM in Novell Netware 6.5 SP2 and SP3, 5.1, and 6.0 allows remote attackers to cause a denial of service (ABEND) via an incorrect password length, as exploited by the "worm.rbot.ccc" worm. | |||||
| CVE-2005-2598 | 1 Dokeos | 1 Dokeos | 2008-09-05 | 5.0 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in Dokeos 1.6 and earlier, and possibly Claroline, allow remote attackers to (1) delete arbitrary files or directories via the delete parameter to claroline/scorm/scormdocument.php, (2) move arbitrary files via the move_to and move_file parameters to claroline/document/document.php, or determine the existence of arbitrary files via the file parameter to (3) claroline/scorm/showinframes.php or (4) claroline/scorm/contents.php. | |||||
| CVE-2005-2850 | 1 Whitsoft Development | 1 Slimftpd | 2008-09-05 | 5.0 MEDIUM | N/A |
| SlimFTPd 3.17 allows remote attackers to cause a denial of service (crash) via certain (1) USER and (2) PASS commands, possibly due to a buffer overflow or off-by-one error. | |||||
| CVE-2005-2609 | 1 Vegadns | 1 Vegadns | 2008-09-05 | 5.0 MEDIUM | N/A |
| index.php in VegaDNS 0.8.1, 0.9.8, and possibly other versions, allows remote attackers to obtain the full server path via an invalid VDNS_Sessid parameter. | |||||
| CVE-2005-2647 | 1 Xerox | 7 Document Centre 265, Document Centre 332, Document Centre 340 and 4 more | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Xerox MicroServer Web Server in Document Centre 220 through 265, 332 and 340, 420 through 490, and 535 through 555 allows remote attackers to inject arbitrary web script or HTML and modify web pages via unknown vectors. | |||||
| CVE-2005-2748 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2008-09-05 | 2.1 LOW | N/A |
| The malloc function in the libSystem library in Apple Mac OS X 10.3.9 and 10.4.2 allows local users to overwrite arbitrary files by setting the MallocLogFile environment variable to the target file before running a setuid application. | |||||
| CVE-2005-2851 | 1 Smb4k | 1 Smb4k | 2008-09-05 | 2.1 LOW | N/A |
| smb4k 0.4 and other versions before 0.6.3 allows local users to read sensitive files via a symlink attack on the (1) smb4k.tmp or (2) sudoers temporary files. | |||||
| CVE-2005-2589 | 1 Linksys | 1 Wrt54gs | 2008-09-05 | 7.5 HIGH | N/A |
| Unknown vulnerability in Linksys WRT54GS wireless router with firmware 4.50.6, with WPA Personal/TKIP authentication enabled, allows remote clients to bypass authentication by connecting without using encryption. | |||||
| CVE-2005-2761 | 1 Phpgroupware | 1 Phpgroupware | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in phpGroupWare 0.9.16.000 allows administrators to inject arbitrary web script or HTML by modifying the main screen message. | |||||
| CVE-2005-2809 | 1 Silc | 1 Secure Internet Live Conferencing | 2008-09-05 | 2.1 LOW | N/A |
| silc daemon (silcd.c) in Secure Internet Live Conferencing (SILC) 1.0 and earlier allows local users to overwrite arbitrary files via a symlink attack on the silcd.[PID].stats temporary file. | |||||