Total
304758 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-0703 | 1 Xerox | 18 Workcentre 165, Workcentre 175, Workcentre 2128 and 15 more | 2008-09-05 | 5.0 MEDIUM | N/A |
| Xerox MicroServer Web Server for various WorkCentre products including M35/M45/M55 2.028.11.000 through 2.97.20.032 and 4.84.16.000 through 4.97.20.032, Pro 35/45/55 3.028.11.000 through 3.97.20.032, Pro 65/75/90 1.001.00.060 through 1.001.02.084, and others, has an "unauthenticated account," which allows remote attackers to modify system configuration, a different vulnerability than CVE-2005-1179. | |||||
| CVE-2005-0976 | 3 Apple, Hmdt, Omnigroup | 3 Safari, Shiira, Omniweb | 2008-09-05 | 5.0 MEDIUM | N/A |
| AppleWebKit (WebCore and WebKit), as used in multiple products such as Safari 1.2 and OmniGroup OmniWeb 5.1, allows remote attackers to read arbitrary files via the XMLHttpRequest Javascript component, as demonstrated using automatically mounted disk images and file:// URLs. | |||||
| CVE-2005-1011 | 1 Iatek | 1 Siteenable | 2008-09-05 | 7.5 HIGH | N/A |
| SQL injection vulnerability in content.asp in SiteEnable allows remote attackers to execute arbitrary SQL commands via the sortby parameter. | |||||
| CVE-2005-0835 | 1 Belkin | 1 54g Wireless Router | 2008-09-05 | 5.0 MEDIUM | N/A |
| The SNMP service in the Belkin 54G (F5D7130) wireless router allows remote attackers to cause a denial of service via unknown vectors. | |||||
| CVE-2005-0934 | 1 Wackowiki | 1 Wackowiki | 2008-09-05 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in WackoWiki R4 allow remote attackers to inject arbitrary web script or HTML via unknown vectors. | |||||
| CVE-2005-0700 | 1 Aztek Forum | 1 Aztek Forum | 2008-09-05 | 5.0 MEDIUM | N/A |
| The export_index action in myadmin.php for Aztek Forum 4.0 allows remote attackers to obtain database files, possibly by setting the ATK_ADMIN cookie. | |||||
| CVE-2005-0987 | 1 Irc Services | 1 Nickserv Listlinks | 2008-09-05 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in IRC Services NickServ LISTLINKS before 5.0.50 allows remote attackers to obtain the links of a nick. | |||||
| CVE-2005-0890 | 1 Dream4 | 1 Koobi Cms | 2008-09-05 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Dream4 Koobi CMS 4.2.3 allows remote attackers to execute arbitrary SQL commands via the area parameter. | |||||
| CVE-2005-0972 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2008-09-05 | 7.2 HIGH | N/A |
| Integer overflow in the searchfs system call in Mac OS X 10.3.9 and earlier allows local users to execute arbitrary code via crafted parameters. | |||||
| CVE-2005-0985 | 1 Apple | 1 Mac Os X | 2008-09-05 | 2.1 LOW | N/A |
| Unspecified vulnerability in the Mac OS X kernel before 10.3.8 allows local users to cause a denial of service (temporary hang) via unspecified attack vectors related to the fan control unit (FCU) driver. | |||||
| CVE-2005-0914 | 1 Cpg-nuke | 1 Cpg Dragonfly Cms | 2008-09-05 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in CPG Dragonfly 9.0.2.0 allow remote attackers to inject arbitrary web script or HTML via (1) the profile parameter to index.php or (2) the cat parameter. | |||||
| CVE-2005-0740 | 1 Openbsd | 1 Openbsd | 2008-09-05 | 5.0 MEDIUM | N/A |
| The TCP stack (tcp_input.c) in OpenBSD 3.5 and 3.6 allows remote attackers to cause a denial of service (system panic) via crafted values in the TCP timestamp option, which causes invalid arguments to be used when calculating the retransmit timeout. | |||||
| CVE-2005-0715 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2008-09-05 | 2.1 LOW | N/A |
| AFP Server in Mac OS X before 10.3.8 uses insecure permissions for "Drop Boxes," which allows local users to read the contents of a Drop Box. | |||||
| CVE-2005-0698 | 1 Jason Hines | 1 Phpweblog | 2008-09-05 | 4.6 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in PHPWebLog 0.5.3 and earlier allows remote attackers to execute arbitrary PHP code by modifying the (1) G_PATH parameter to init.inc.php or the (2) PATH parameter to index.php to reference a URL on a remote web server that contains the code. | |||||
| CVE-2005-0930 | 1 Chatness | 1 Chatness | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in message.php in Chatness 2.5.1 and earlier allows remote attackers to inject arbitrary web script or HTML via (1) the user field or (2) the message parameter to message.php. | |||||
| CVE-2005-0737 | 1 Yahoo | 1 Messenger | 2008-09-05 | 7.5 HIGH | N/A |
| Buffer overflow in Yahoo! Messenger allows remote attackers to execute arbitrary code via the offline mode. | |||||
| CVE-2005-0908 | 1 Valdersoft | 1 Valdersoft Shopping Cart | 2008-09-05 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Valdersoft Shopping Cart 3.0 allow remote attackers to inject arbitrary web script or HTML via (1) the lang parameter to index.php or (2) the searchTopCategoryID parameter to search_result.php. | |||||
| CVE-2005-0959 | 1 Yepyep | 1 Mtftpd | 2008-09-05 | 7.5 HIGH | N/A |
| Buffer overflow in the mt_do_dir function in YepYep mtftpd 0.0.3 may allow attackers to execute arbitrary code via a long path. | |||||
| CVE-2005-0974 | 1 Apple | 1 Mac Os X | 2008-09-05 | 7.2 HIGH | N/A |
| Unknown vulnerability in the nfs_mount call in Mac OS X 10.3.9 and earlier allows local users to gain privileges via crafted arguments. | |||||
| CVE-2005-0916 | 1 Linux | 1 Linux Kernel | 2008-09-05 | 2.1 LOW | N/A |
| AIO in the Linux kernel 2.6.11 on the PPC64 or IA64 architectures with CONFIG_HUGETLB_PAGE enabled allows local users to cause a denial of service (system panic) via a process that executes the io_queue_init function but exits without running io_queue_release, which causes exit_aio and is_hugepage_only_range to fail. | |||||