Total
29527 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-2715 | 1 Symantec Veritas | 2 Netbackup Data And Business Center, Netbackup Enterprise Server Client | 2008-09-05 | 10.0 HIGH | N/A |
| Format string vulnerability in the Java user interface service (bpjava-msvc) daemon for VERITAS NetBackup Data and Business Center 4.5FP and 4.5MP, and NetBackup Enterprise/Server/Client 5.0, 5.1, and 6.0, allows remote attackers to execute arbitrary code via the COMMAND_LOGON_TO_MSERVER command. | |||||
| CVE-2005-2692 | 1 Runcms | 1 Runcms | 2008-09-05 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in RunCMS 1.2 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) addquery and (2) subquery parameters to the newbb plus module, the forum parameter to (3) newtopic.php, (4) edit.php, or (5) reply.php in the newbb plus module, or (6) the msg_id parameter to print.php in the messages module. | |||||
| CVE-2005-2533 | 1 Openvpn | 1 Openvpn | 2008-09-05 | 2.1 LOW | N/A |
| OpenVPN before 2.0.1, when running in "dev tap" Ethernet bridging mode, allows remote authenticated clients to cause a denial of service (memory exhaustion) via a flood of packets with a large number of spoofed MAC addresses. | |||||
| CVE-2005-2644 | 1 Isemarket | 1 Jaguarcontrol | 2008-09-05 | 7.5 HIGH | N/A |
| Buffer overflow in JaguarEditControl.dll in Isemarket JaguarControl allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long Jtext field. | |||||
| CVE-2005-2861 | 1 N-stalker | 1 N-stealth | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in N-Stealth Commercial Edition before 5.8.0.38 and Free Edition before 5.8.1.03 allows remote attackers to inject arbitrary web script or HTML via the Server field in an HTTP response header, which is directly injected into an HTML report. | |||||
| CVE-2005-2595 | 1 Dada Mail | 1 Dada Mail | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Dada Mail before 2.10 Alpha 1 allows remote attackers to execute arbitrary Javascript via archived messages. | |||||
| CVE-2005-2600 | 1 Ilia Alshanetsky | 1 Fudforum | 2008-09-05 | 5.0 MEDIUM | N/A |
| FUDForum 2.6.15 with "Tree View" enabled, as used in other products such as phpgroupware and egroupware, allows remote attackers to read private posts via a modified mid parameter. | |||||
| CVE-2005-2915 | 1 Linksys | 1 Wrt54g | 2008-09-05 | 5.0 MEDIUM | N/A |
| ezconfig.asp in Linksys WRT54G router 3.01.03, 3.03.6, non-default configurations of 2.04.4, and possibly other versions, uses weak encryption (XOR encoding with a fixed byte mask) for configuration information, which could allow attackers to decrypt the information and possibly re-encrypt it in conjunction with CVE-2005-2914. | |||||
| CVE-2005-2531 | 1 Openvpn | 1 Openvpn | 2008-09-05 | 5.0 MEDIUM | N/A |
| OpenVPN before 2.0.1, when running with "verb 0" and without TLS authentication, does not properly flush the OpenSSL error queue when a client fails certificate authentication to the server and causes the error to be processed by the wrong client, which allows remote attackers to cause a denial of service (client disconnection) via a large number of failed authentication attempts. | |||||
| CVE-2005-2857 | 1 Softstack | 1 Free Smtp Server | 2008-09-05 | 7.5 HIGH | N/A |
| Free SMTP Server 2.2 allows remote attackers to use the server as an open mail relay (spam proxy). | |||||
| CVE-2005-2875 | 1 Py2play | 1 Py2play | 2008-09-05 | 7.5 HIGH | N/A |
| Py2Play allows remote attackers to execute arbitrary Python code via pickled objects, which Py2Play unpickles and executes. | |||||
| CVE-2005-2839 | 1 Maxdev | 1 Md-pro | 2008-09-05 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in MAXdev MD-Pro 1.0.72 allow remote attackers to inject arbitrary web script or HTML via (1) dl-search.php or (2) wl-search.php. | |||||
| CVE-2005-2912 | 1 Linksys | 1 Wrt54g | 2008-09-05 | 5.0 MEDIUM | N/A |
| Linksys WRT54G router allows remote attackers to cause a denial of service (CPU consumption and server hang) via an HTTP POST request with a negative Content-Length value. | |||||
| CVE-2005-2642 | 1 Mutt | 1 Mutt | 2008-09-05 | 7.5 HIGH | N/A |
| Buffer overflow in the mutt_decode_xbit function in Handler.c for Mutt 1.5.10 allows remote attackers to execute arbitrary code, possibly due to interactions with libiconv or gettext. | |||||
| CVE-2005-2658 | 1 Softwolves Software | 1 Turquoise Superstat | 2008-09-05 | 7.5 HIGH | N/A |
| Buffer overflow in utility.cpp in Turquoise SuperStat (turqstat) 2.2.4 and earlier might allow remote NNTP servers to execute arbitrary code via a date with a long month. | |||||
| CVE-2005-2866 | 1 Mercora | 1 Imradio | 2008-09-05 | 4.6 MEDIUM | N/A |
| Mercora IMRadio 4.0.0.0 stores usernames and passwords in plaintext in the MercoraClient\Profiles registry key, which allows local users to gain privileges. | |||||
| CVE-2005-2670 | 1 Hauri | 4 Livecall, Virobot Advanced Server, Virobot Expert and 1 more | 2008-09-05 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in HAURI Anti-Virus products including ViRobot Expert 4.0, Advanced Server, Linux Server 2.0, and LiveCall allows remote attackers to overwrite arbitrary files via ".." sequences in filenames contained in (1) ACE, (2) ARJ, (3) CAB, (4) LZH, (5) RAR, (6) TAR and (7) ZIP files. | |||||
| CVE-2005-2602 | 1 Mozilla | 2 Firefox, Thunderbird | 2008-09-05 | 2.6 LOW | N/A |
| Mozilla Thunderbird 1.0 and Firefox 1.0.6 allows remote attackers to obfuscate URIs via a long URI, which causes the address bar to go blank and could facilitate phishing attacks. | |||||
| CVE-2005-2594 | 1 Apple | 1 Safari | 2008-09-05 | 5.0 MEDIUM | N/A |
| Apple Safari 1.3 (132) on Mac OS X 1.3.9 allows remote attackers to cause a denial of service (crash) via certain Javascript, possibly involving a function that defines a handler for itself within the function body. | |||||
| CVE-2005-2646 | 1 Xerox | 20 Document Centre 220, Document Centre 230, Document Centre 240 and 17 more | 2008-09-05 | 6.4 MEDIUM | N/A |
| Unknown vulnerability in Xerox MicroServer Web Server in Document Centre 220 through 265, 332 and 340, 420 through 490, and 535 through 555 allows remote attackers to cause a denial of service or read files via unknown vectors involving crafted HTTP requests. | |||||