Total
29527 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-2386 | 1 Elemental Software | 1 Cartwiz | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in viewCart.asp in CartWIZ 1.20 allows remote attackers to inject arbitrary web script or HTML via the message parameter. | |||||
| CVE-2005-2521 | 1 Apple | 1 Mac Os X | 2008-09-05 | 4.6 MEDIUM | N/A |
| Buffer overflow in traceroute in Mac OS X 10.3.9 allows local users to execute arbitrary code via unknown vectors. | |||||
| CVE-2005-2387 | 1 Goodtech Systems | 1 Goodtech Smtp Server | 2008-09-05 | 7.5 HIGH | N/A |
| Multiple stack-based buffer overflows in GoodTech SMTP server 5.16 allow remote attackers to execute arbitrary code via (1) a RCPT TO command with a long DNS name, or (2) a large number of RCPT TO commands with a long e-mail name arugment in the last command. | |||||
| CVE-2005-2385 | 1 Alwil | 1 Avast Antivirus | 2008-09-05 | 7.5 HIGH | N/A |
| Buffer overflow in a third-party compression library (UNACEV2.DLL), as used in avast! Antivirus Home/Professional Edition 4.6.665 and Server Edition 4.6.460, allows remote attackers to execute arbitrary code via an ACE archive containing a long filename. | |||||
| CVE-2005-2526 | 2 Apple, Easy Software Products | 2 Mac Os X, Cups | 2008-09-05 | 5.0 MEDIUM | N/A |
| CUPS in Mac OS X 10.3.9 and 10.4.2 allows remote attackers to cause a denial of service (CPU consumption) by sending a partial IPP request and closing the connection. | |||||
| CVE-2005-2212 | 1 Sukria | 1 Backup Manager | 2008-09-05 | 6.4 MEDIUM | N/A |
| Backup Manager 0.5.8a creates an archive repository with world readable and writable permissions, which allows attackers to modify or read the repository. | |||||
| CVE-2005-2173 | 1 Mozilla | 1 Bugzilla | 2008-09-05 | 5.0 MEDIUM | N/A |
| The Flag::validate and Flag::modify functions in Bugzilla 2.17.1 to 2.18.1 and 2.19.1 to 2.19.3 do not verify that the flag ID is appropriate for the given bug or attachment ID, which allows users to change flags on arbitrary bugs and obtain a bug summary via process_bug.cgi. | |||||
| CVE-2005-2506 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2008-09-05 | 5.0 MEDIUM | N/A |
| Algorithmic complexity vulnerability in CoreFoundation in Mac OS X 10.3.9 and 10.4.2 allows attackers to cause a denial of service (CPU consumption) via crafted Gregorian dates. | |||||
| CVE-2005-2232 | 1 Ibm | 1 Aix | 2008-09-05 | 4.6 MEDIUM | N/A |
| Buffer overflow in invscout in IBM AIX 5.1.0 through 5.3.0 might allow local users to execute arbitrary code via a long command line argument. | |||||
| CVE-2005-2203 | 1 Phpwishlist | 1 Phpwishlist | 2008-09-05 | 7.5 HIGH | N/A |
| login.php in phpWishlist before 0.1.15 allows remote attackers to bypass authentication via a direct request to admin.php. | |||||
| CVE-2005-2334 | 1 Y.sak | 1 Y.sak | 2008-09-05 | 10.0 HIGH | N/A |
| Y.SAK allows remote attackers to execute arbitrary commands via shell metacharacters in the $no variable to (1) w_s3mbfm.cgi, (2) w_s3adix.cgi, or (3) w_s3sbfm.cgi. | |||||
| CVE-2005-2205 | 1 Pngren | 1 Pngren | 2008-09-05 | 7.5 HIGH | N/A |
| The ReadLog function in kaiseki.cgi in pngren allows remote attackers to execute arbitrary commands via shell metacharacters in the query string. | |||||
| CVE-2005-2235 | 1 Ibm | 1 Aix | 2008-09-05 | 7.2 HIGH | N/A |
| Buffer overflow in the diagTasksWebSM command in IBM AIX 5.1, 5.2 and 5.3, might allow local users to execute arbitrary code via long command line arguments. | |||||
| CVE-2005-2140 | 1 Fsboard | 1 Fsboard | 2008-09-05 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in default.asp for FSboard 2.0 allows remote attackers to read arbitrary files via ".." sequences in the filename parameter. | |||||
| CVE-2005-1972 | 1 Interactivephp | 1 Fusionbb | 2008-09-05 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in InteractivePHP FusionBB .11 Beta and earlier allow remote attackers to execute arbitrary SQL commands via (1) the username, which is not properly handled by the insertUser function, or (2) the bb_session_id value in a cookie. | |||||
| CVE-2005-2137 | 1 Nateon | 1 Nateon Messenger | 2008-09-05 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in NateOn Messenger 3.0 allows remote attackers to list arbitrary directories via unknown attack vectors. | |||||
| CVE-2005-1789 | 1 India Software Solution | 1 Shopping Cart | 2008-09-05 | 7.5 HIGH | N/A |
| SQL injection vulnerability in SignIn.asp in India Software Solution shopping cart allows remote attackers to execute arbitrary SQL commands via the password. | |||||
| CVE-2005-1888 | 1 Mediawiki | 1 Mediawiki | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in MediaWiki before 1.4.5 allows remote attackers to inject arbitrary web script via HTML attributes in page templates. | |||||
| CVE-2005-1933 | 1 Apple | 1 Mac Os X | 2008-09-05 | 7.5 HIGH | N/A |
| Dashboard in Apple Mac OS X Tiger 10.4 allows attackers to execute arbitrary commands by overriding the behavior of system widgets via a user widget with the same bundle identifier (CFBundleIdentifier), a different vulnerability than CVE-2005-1474. | |||||
| CVE-2005-2043 | 1 Xampp | 1 Apache Distribution | 2008-09-05 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in XAMPP before 1.4.14 allows remote attackers to inject arbitrary HTML and PHP code via lang.php. | |||||