Total
29527 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-2117 | 1 Tinyserver | 1 Tinyserver | 2023-11-07 | 5.0 MEDIUM | N/A |
| Tiny Server 1.1 allows remote attackers to cause a denial of service (crash) via malformed HTTP requests such as (1) a GET request without the HTTP version (HTTP/1.1), or (2) a request without GET or the HTTP version. | |||||
| CVE-2005-2541 | 1 Gnu | 1 Tar | 2023-11-07 | 10.0 HIGH | N/A |
| Tar 1.15.1 does not properly warn the user when extracting setuid or setgid files, which may allow local users or remote attackers to gain privileges. | |||||
| CVE-2005-0135 | 1 Linux | 1 Linux Kernel | 2023-11-07 | 2.1 LOW | N/A |
| The unw_unwind_to_user function in unwind.c on Itanium (ia64) architectures in Linux kernel 2.6 allows local users to cause a denial of service (system crash). | |||||
| CVE-2005-0942 | 1 Sybase | 1 Adaptive Server Enterprise | 2023-11-07 | 5.0 MEDIUM | N/A |
| The XP Server process (xp_server) in Sybase Adaptive Server Enterprise (ASE) XP Server 12.x before 12.5.3 ESD#1 allows attackers to cause a denial of service (process crash) via malformed data sent to the XP Server TCP port. | |||||
| CVE-2004-2680 | 1 Apache | 1 Mod Python | 2023-11-07 | 5.0 MEDIUM | N/A |
| mod_python (libapache2-mod-python) 3.1.4 and earlier does not properly handle when output filters process more than 16384 bytes, which can cause filter.read to return portions of previously freed memory. | |||||
| CVE-2004-2140 | 1 Yabb | 1 Yabb | 2023-11-07 | 5.0 MEDIUM | N/A |
| CRLF injection vulnerability in YaBB 1 Gold before 1.3.2 allows remote attackers to modify text file contents via the subject variable. | |||||
| CVE-2005-0156 | 7 Ibm, Larry Wall, Redhat and 4 more | 9 Aix, Perl, Enterprise Linux and 6 more | 2023-11-07 | 2.1 LOW | N/A |
| Buffer overflow in the PerlIO implementation in Perl 5.8.0, when installed with setuid support (sperl), allows local users to execute arbitrary code by setting the PERLIO_DEBUG variable and executing a Perl script whose full pathname contains a long directory tree. | |||||
| CVE-2005-3523 | 1 Gpsdrive | 1 Gpsdrive | 2023-11-07 | 7.5 HIGH | N/A |
| Format string vulnerability in friendsd2 in GpsDrive allows remote attackers to execute arbitrary code via the dir (direction) field. | |||||
| CVE-2004-2222 | 1 Fsphpgallery | 1 Fsphpgallery | 2023-11-07 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in index.php in FsPHPGallery before 1.2 allows remote attackers to list arbitrary directories via the dir parameter. | |||||
| CVE-2004-2521 | 1 Geeos Team | 1 Gattaca Server 2003 | 2023-11-07 | 5.0 MEDIUM | N/A |
| Mail server in Gattaca Server 2003 1.1.10.0 allows remote attackers to perform a denial of service (application crash) via a large number of connections to TCP port (1) 25 (SMTP) or (2) 110 (POP). | |||||
| CVE-2004-2232 | 1 Moodle | 1 Moodle | 2023-11-07 | 7.5 HIGH | N/A |
| SQL injection vulnerability in sql.php in the Glossary module in Moodle 1.4.1 and earlier allows remote attackers to modify SQL statements. | |||||
| CVE-2005-1396 | 1 Swlink | 1 Ce Ceterm | 2023-11-07 | 1.2 LOW | N/A |
| Race condition in Ce/Ceterm (aka ARPUS/Ce) 2.5.4 and earlier allows local users to write to arbitrary files via a symlink attack on the ce_edit_log temporary file. | |||||
| CVE-2005-3848 | 1 Linux | 1 Linux Kernel | 2023-11-07 | 7.8 HIGH | N/A |
| Memory leak in the icmp_push_reply function in Linux 2.6 before 2.6.12.6 and 2.6.13 allows remote attackers to cause a denial of service (memory consumption) via a large number of crafted packets that cause the ip_append_data function to fail, aka "DST leak in icmp_push_reply." | |||||
| CVE-2005-3807 | 1 Linux | 1 Linux Kernel | 2023-11-07 | 4.9 MEDIUM | N/A |
| Memory leak in the VFS file lease handling in locks.c in Linux kernels 2.6.10 to 2.6.15 allows local users to cause a denial of service (memory exhaustion) via certain Samba activities that cause an fasync entry to be re-allocated by the fcntl_setlease function after the fasync queue has already been cleaned by the locks_delete_lock function. | |||||
| CVE-2004-2116 | 1 Tinyserver | 1 Tinyserver | 2023-11-07 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Tiny Server 1.1 allows remote attackers to read or download arbitrary files via a .. (dot dot) in the URL. | |||||
| CVE-2005-0390 | 1 Axel | 1 Axel | 2023-11-07 | 7.5 HIGH | N/A |
| Buffer overflow in the HTTP redirection capability in conn.c for Axel before 1.0b may allow remote attackers to execute arbitrary code. | |||||
| CVE-2005-3388 | 1 Php | 1 Php | 2023-11-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the phpinfo function in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5 allows remote attackers to inject arbitrary web script or HTML via a crafted URL with a "stacked array assignment." | |||||
| CVE-2005-3745 | 1 Apache | 1 Struts | 2023-11-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Apache Struts 1.2.7, and possibly other versions allows remote attackers to inject arbitrary web script or HTML via the query string, which is not properly quoted or filtered when the request handler generates an error message. | |||||
| CVE-2004-2378 | 1 Calacode | 1 At Mail Webmail System | 2023-11-07 | 5.0 MEDIUM | N/A |
| @Mail 3.64 for Windows allows remote attackers to cause a denial of service ("unusable" server) via a large number of POP3 connections to the server. | |||||
| CVE-2005-3134 | 1 Citrix | 1 Metaframe | 2023-11-07 | 7.5 HIGH | N/A |
| Citrix Metaframe Presentation Server 3.0 and 4.0 allows remote attackers to bypass policy restrictions by downloading the launch.ica file and changing the client device name (ClientName). | |||||