CVE-2005-0xxx

There are 966 CVEs in this subgroup.
ID Summary Flags Max Score
CVE-2005-0001 Race condition in the page fault handler (fault.c) for Linux kernel 2.2.x to 2.2.7, 2.4 to 2.4.29, a...
CVE-2005-0002 poppassd_pam 1.0 and earlier, when changing a user password, does not verify that the user entered t...
CVE-2005-0003 The 64 bit ELF support in Linux kernel 2.6 before 2.6.10, on 64-bit architectures, does not properly...
S
CVE-2005-0004 The mysqlaccess script in MySQL 4.0.23 and earlier, 4.1.x before 4.1.10, 5.0.x before 5.0.3, and oth...
S
CVE-2005-0005 Heap-based buffer overflow in psd.c for ImageMagick 6.1.0, 6.1.7, and possibly earlier versions allo...
E S
CVE-2005-0006 The COPS dissector in Ethereal 0.10.6 through 0.10.8 allows remote attackers to cause a denial of se...
S
CVE-2005-0007 Unknown vulnerability in the DLSw dissector in Ethereal 0.10.6 through 0.10.8 allows remote attacker...
S
CVE-2005-0008 Unknown vulnerability in the DNP dissector in Ethereal 0.10.5 through 0.10.8 allows remote attackers...
S
CVE-2005-0009 Unknown vulnerability in the Gnutella dissector in Ethereal 0.10.6 through 0.10.8 allows remote atta...
S
CVE-2005-0010 Unknown vulnerability in the MMSE dissector in Ethereal 0.10.4 through 0.10.8 allows remote attacker...
S
CVE-2005-0011 Multiple vulnerabilities in fliccd, when installed setuid root as part of the kdeedu Kstars support ...
S
CVE-2005-0012 Format string vulnerability in the a_Interface_msg function in Dillo before 0.8.3-r4 allows remote a...
E S
CVE-2005-0013 nwclient.c in ncpfs before 2.2.6 does not drop root privileges before executing utilities using the ...
S
CVE-2005-0014 Buffer overflow in ncplogin in ncpfs before 2.2.6 allows remote malicious NetWare servers to execute...
CVE-2005-0015 diatheke.pl in Sword 1.5.7a allows remote attackers to execute arbitrary commands via shell metachar...
S
CVE-2005-0016 Buffer overflow in the exported_display function in xatitv in gatos before 0.0.5 allows local users ...
S
CVE-2005-0017 The f2c translator in the f2c package 3.1 allows local users to read arbitrary files via a symlink a...
S
CVE-2005-0018 The f2 shell script in the f2c package 3.1 allows local users to read arbitrary files via a symlink ...
S
CVE-2005-0019 Unknown vulnerability in hztty 2.0 and earlier allows local users to execute arbitrary commands....
S
CVE-2005-0020 Buffer overflow in playmidi before 2.4 allows local users to execute arbitrary code....
S
CVE-2005-0021 Multiple buffer overflows in Exim before 4.43 may allow attackers to execute arbitrary code via (1) ...
E S
CVE-2005-0022 Buffer overflow in the spa_base64_to_bits function in Exim before 4.43, as originally obtained from ...
S
CVE-2005-0023 gnome-pty-helper in GNOME libzvt2 and libvte4 allows local users to spoof the logon hostname via a m...
E
CVE-2005-0033 Buffer overflow in the code for recursion and glue fetching in BIND 8.4.4 and 8.4.5 allows remote at...
S
CVE-2005-0034 An "incorrect assumption" in the authvalidated validator function in BIND 9.3.0, when DNSSEC is enab...
S
CVE-2005-0035 The Acrobat web control in Adobe Acrobat and Acrobat Reader 7.0 and earlier, when used with Internet...
CVE-2005-0036 The DNS implementation in DeleGate 8.10.2 and earlier allows remote attackers to cause a denial of s...
S
CVE-2005-0037 The DNS implementation of DNRD before 2.10 allows remote attackers to cause a denial of service via ...
S
CVE-2005-0038 The DNS implementation of PowerDNS 2.9.16 and earlier allows remote attackers to cause a denial of s...
CVE-2005-0039 Certain configurations of IPsec, when using Encapsulating Security Payload (ESP) in tunnel mode, int...
CVE-2005-0040 Multiple cross-site scripting (XSS) vulnerabilities in DotNetNuke before 3.0.12 allow remote attacke...
CVE-2005-0043 Buffer overflow in Apple iTunes 4.7 allows remote attackers to execute arbitrary code via a long URL...
E S
CVE-2005-0044 The OLE component in Windows 98, 2000, XP, and Server 2003, and Exchange Server 5.0 through 2003, do...
S
CVE-2005-0045 The Server Message Block (SMB) implementation for Windows NT 4.0, 2000, XP, and Server 2003 does not...
S
CVE-2005-0047 Windows 2000, XP, and Server 2003 does not properly "validate the use of memory regions" for COM str...
S
CVE-2005-0048 Microsoft Windows XP SP2 and earlier, 2000 SP3 and SP4, Server 2003, and older operating systems all...
S
CVE-2005-0049 Windows SharePoint Services and SharePoint Team Services for Windows Server 2003 does not properly v...
S
CVE-2005-0050 The License Logging service for Windows NT Server, Windows 2000 Server, and Windows Server 2003 does...
S
CVE-2005-0051 The Server service (srvsvc.dll) in Windows XP SP1 and SP2 allows remote attackers to obtain sensitiv...
S
CVE-2005-0053 Internet Explorer 5.01, 5.5, and 6 allows remote attackers to execute arbitrary code via drag and dr...
E S
CVE-2005-0054 Internet Explorer 5.01, 5.5, and 6 allows remote attackers to spoof a less restrictive security zone...
S
CVE-2005-0055 Internet Explorer 5.01, 5.5, and 6 does not properly validate buffers when handling certain DHTML me...
S
CVE-2005-0056 Internet Explorer 5.01, 5.5, and 6 does not properly validate certain URLs in Channel Definition For...
E S
CVE-2005-0057 The Hyperlink Object Library for Windows 98, 2000, XP, and Server 2003 allows remote attackers to ex...
S
CVE-2005-0058 Buffer overflow in the Telephony Application Programming Interface (TAPI) for Microsoft Windows 98, ...
S
CVE-2005-0059 Buffer overflow in the Message Queuing component of Microsoft Windows 2000 and Windows XP SP1 allows...
CVE-2005-0060 Buffer overflow in the font processing component of Microsoft Windows 2000, Windows XP SP1 and SP2, ...
CVE-2005-0061 The kernel of Microsoft Windows 2000, Windows XP SP1 and SP2, and Windows Server 2003 allows local u...
CVE-2005-0063 The document processing application used by the Windows Shell in Microsoft Windows 2000, Windows XP,...
S
CVE-2005-0064 Buffer overflow in the Decrypt::makeFileKey2 function in Decrypt.cc for xpdf 3.00 and earlier allows...
E S
CVE-2005-0065 The original design of TCP does not check that the TCP sequence number in an ICMP error message is w...
CVE-2005-0066 The original design of TCP does not check that the TCP Acknowledgement number in an ICMP error messa...
CVE-2005-0067 The original design of TCP does not require that port numbers be assigned randomly (aka "Port random...
CVE-2005-0068 The original design of ICMP does not require authentication for host-generated ICMP error messages, ...
CVE-2005-0069 The (1) tcltags or (2) vimspell.sh scripts in vim 6.3 allow local users to overwrite or create arbit...
S
CVE-2005-0070 Synaesthesia 2.1 and earlier, and possibly other versions, when installed setuid root, does not drop...
S
CVE-2005-0071 vdr before 1.2.6 does not securely create files, which allows attackers to overwrite arbitrary files...
CVE-2005-0072 zhcon before 0.2 does not drop privileges before reading a user configuration file, which allows loc...
E S
CVE-2005-0073 Buffer overflow in queue.c in a support script for sympa 3.3.3, when running setuid, allows local us...
S
CVE-2005-0074 Buffer overflow in pcdsvgaview in xpcd 2.08 allows local users to execute arbitrary code....
S
CVE-2005-0075 prefs.php in SquirrelMail before 1.4.4, with register_globals enabled, allows remote attackers to in...
S
CVE-2005-0076 Multiple buffer overflows in the XView library 3.2 may allow local users to execute arbitrary code v...
CVE-2005-0077 The DBI library (libdbi-perl) for Perl allows local users to overwrite arbitrary files via a symlink...
S
CVE-2005-0078 The KDE screen saver in KDE before 3.0.5 does not properly check the return value from a certain fun...
S
CVE-2005-0079 Buffer overflow in xtrlock 2.0 allows local users to cause a denial of service (application crash) a...
S
CVE-2005-0080 The 55_options_traceback.dpatch patch for mailman 2.1.5 in Ubuntu 4.10 displays a different error me...
CVE-2005-0081 MySQL MaxDB 7.5.0.0, and other versions before 7.5.0.21, allows remote attackers to cause a denial o...
S
CVE-2005-0082 The sapdbwa_GetUserData function in MySQL MaxDB 7.5.0.0, and other versions before 7.5.0.21, allows ...
S
CVE-2005-0083 MySQL MaxDB 7.5.00 for Windows, and possibly earlier versions and other platforms, allows remote att...
S
CVE-2005-0084 Buffer overflow in the X11 dissector in Ethereal 0.8.10 through 0.10.8 allows remote attackers to ex...
S
CVE-2005-0085 Cross-site scripting (XSS) vulnerability in ht://dig (htdig) before 3.1.6-r7 allows remote attackers...
S
CVE-2005-0086 Heap-based buffer overflow in less in Red Hat Enterprise Linux 3 allows attackers to cause a denial ...
CVE-2005-0087 The alsa-lib package in Red Hat Linux 4 disables stack protection for the libasound.so library, whic...
CVE-2005-0088 The publisher handler for mod_python 2.7.8 and earlier allows remote attackers to obtain access to r...
S
CVE-2005-0089 The SimpleXMLRPCServer library module in Python 2.2, 2.3 before 2.3.5, and 2.4, when used by XML-RPC...
S
CVE-2005-0090 A regression error in the Red Hat Enterprise Linux 4 kernel 4GB/4GB split patch omits an "access che...
CVE-2005-0091 Unknown vulnerability in the Red Hat Enterprise Linux 4 kernel 4GB/4GB split patch, when using the h...
CVE-2005-0092 Unknown vulnerability in the Red Hat Enterprise Linux 4 kernel 4GB/4GB split patch, when running on ...
S
CVE-2005-0093 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was wi...
R
CVE-2005-0094 Buffer overflow in the gopherToHTML function in the Gopher reply parser for Squid 2.5.STABLE7 and ea...
E S
CVE-2005-0095 The WCCP message parsing code in Squid 2.5.STABLE7 and earlier allows remote attackers to cause a de...
E S
CVE-2005-0096 Memory leak in the NTLM fakeauth_auth helper for Squid 2.5.STABLE7 and earlier allows remote attacke...
S
CVE-2005-0097 The NTLM component in Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of ser...
S
CVE-2005-0098 Multiple buffer overflows in the SDL port of abuse (abuse-SDL) before 2.00 allow local users to exec...
E S
CVE-2005-0099 The SDL port of abuse (abuse-SDL) before 2.00 does not properly drop privileges before creating cert...
S
CVE-2005-0100 Format string vulnerability in the movemail utility in (1) Emacs 20.x, 21.3, and possibly other vers...
S
CVE-2005-0101 Buffer overflow in the socket_getline function in Newspost 2.1.1 and earlier allows remote malicious...
E S
CVE-2005-0102 Integer overflow in camel-lock-helper in Evolution 2.0.2 and earlier allows local users or remote ma...
S
CVE-2005-0103 PHP remote file inclusion vulnerability in webmail.php in SquirrelMail before 1.4.4 allows remote at...
S
CVE-2005-0104 Cross-site scripting (XSS) vulnerability in webmail.php in SquirrelMail before 1.4.4 allows remote a...
S
CVE-2005-0105 Unknown vulnerability in typespeed 0.4.1 and earlier allows local users to gain privileges....
S
CVE-2005-0106 SSLeay.pm in libnet-ssleay-perl before 1.25 uses the /tmp/entropy file for entropy if a source is no...
CVE-2005-0107 bsmtpd 2.3 and earlier does not properly sanitize e-mail addresses, which allows remote attackers to...
S
CVE-2005-0108 Apache mod_auth_radius 1.5.4 and libpam-radius-auth allow remote malicious RADIUS servers to cause a...
E
CVE-2005-0109 Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pen...
S
CVE-2005-0110 Internet Explorer 6 on Windows XP SP2 allows remote attackers to bypass the file download warning di...
CVE-2005-0111 Stack-based buffer overflow in the websql CGI program in MySQL MaxDB 7.5.00 allows remote attackers ...
E S
CVE-2005-0112 The web-based administrative interface for 3Com OfficeConnect Wireless 11g Access Point (AP) 1.00.08...
S
CVE-2005-0113 inpview in SGI IRIX allows local users to execute arbitrary commands via the SUN_TTSESSION_CMD envir...
CVE-2005-0114 vsdatant.sys in Zone Lab ZoneAlarm before 5.5.062.011, ZoneAlarm Wireless before 5.5.080.000, Check ...
S
CVE-2005-0115 Stack-based buffer overflow in DataRescue Interactive Disassembler (IDA) Pro 4.7 allows attackers to...
S
CVE-2005-0116 AWStats 6.1, and other versions before 6.3, allows remote attackers to execute arbitrary commands vi...
E S
CVE-2005-0117 Buffer overflow in XShisen before 1.36 allows local users to execute arbitrary code via a long GECOS...
CVE-2005-0118 helvis 1.8h2_1 and earlier stores recovery files in world readable directories with world readable p...
CVE-2005-0119 helvis 1.8h2_1 and earlier allows local users to recover and read the files of other users via the e...
CVE-2005-0120 helvis 1.8h2_1 and earlier allows local users to delete arbitrary files via the elvprsv setuid progr...
E
CVE-2005-0121 Multiple buffer overflows in golddig 2.0 and earlier allow local users to execute arbitrary code via...
CVE-2005-0122 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-0975. Reason: This candida...
R
CVE-2005-0123 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2005-0124 The coda_pioctl function in the coda functionality (pioctl.c) for Linux kernel 2.6.9 and 2.4.x befor...
CVE-2005-0125 The "at" commands on Mac OS X 10.3.7 and earlier do not properly drop privileges, which allows local...
S
CVE-2005-0126 ColorSync on Mac OS X 10.3.7 and 10.3.8 allows attackers to execute arbitrary code via malformed ICC...
S
CVE-2005-0127 Mail in Mac OS X 10.3.7, when generating a Message-ID header, generates a GUUID that includes inform...
S
CVE-2005-0128 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2005-0129 The Quick Buttons feature in Konversation 0.15 allows remote attackers to execute certain IRC comman...
CVE-2005-0130 Certain Perl scripts in Konversation 0.15 allow remote attackers to execute arbitrary commands via s...
CVE-2005-0131 The Quick Connection dialog in Konversation 0.15 inadvertently uses the user-provided password as th...
CVE-2005-0133 ClamAV 0.80 and earlier allows remote attackers to cause a denial of service (clamd daemon crash) vi...
S
CVE-2005-0134 The X server in SCO UnixWare 7.1.1, 7.1.3, and 7.1.4 does not properly create socket directories in ...
S
CVE-2005-0135 The unw_unwind_to_user function in unwind.c on Itanium (ia64) architectures in Linux kernel 2.6 allo...
S
CVE-2005-0136 The Linux kernel before 2.6.11 on the Itanium IA64 platform has certain "ptrace corner cases" that a...
S
CVE-2005-0137 Linux kernel 2.6 on Itanium (ia64) architectures allows local users to cause a denial of service via...
S
CVE-2005-0138 rpc.mountd in SGI IRIX 6.5.25, 6.5.26, and 6.5.27 does not correctly allow access to anonymous clien...
S
CVE-2005-0139 Unknown vulnerability in rpc.mountd in SGI IRIX 6.5.25, 6.5.26, and 6.5.27 does not sufficiently res...
S
CVE-2005-0140 Buffer overflow in PeID allows attackers to execute arbitrary code via a PE file with an Import Addr...
S
CVE-2005-0141 Firefox before 1.0 and Mozilla before 1.7.5 allow remote attackers to load local files via links "wi...
S
CVE-2005-0142 Firefox 0.9, Thunderbird 0.6 and other versions before 0.9, and Mozilla 1.7 before 1.7.5 save tempor...
S
CVE-2005-0143 Firefox before 1.0 and Mozilla before 1.7.5 display the SSL lock icon when an insecure page loads a ...
S
CVE-2005-0144 Firefox before 1.0 and Mozilla before 1.7.5 display the secure site lock icon when a view-source: UR...
S
CVE-2005-0145 Firefox before 1.0 does not properly distinguish between user-generated and synthetic click events, ...
S
CVE-2005-0146 Firefox before 1.0 and Mozilla before 1.7.5 allow remote attackers to obtain sensitive data from the...
S
CVE-2005-0147 Firefox before 1.0 and Mozilla before 1.7.5, when configured to use a proxy, respond to 407 proxy au...
S
CVE-2005-0148 Thunderbird before 0.9, when running on Windows systems, uses the default handler when processing ja...
CVE-2005-0149 Thunderbird 0.6 through 0.9 and Mozilla 1.7 through 1.7.3 does not obey the network.cookie.disableCo...
S
CVE-2005-0150 Firefox before 1.0 allows the user to store a (1) javascript: or (2) data: URLs as a Livefeed bookma...
S
CVE-2005-0151 Unknown vulnerability in the installation of Adobe License Management Service, as used in Adobe Phot...
S
CVE-2005-0152 PHP remote file inclusion vulnerability in Squirrelmail 1.2.6 allows remote attackers to execute arb...
S
CVE-2005-0155 The PerlIO implementation in Perl 5.8.0, when installed with setuid support (sperl), allows local us...
E S
CVE-2005-0156 Buffer overflow in the PerlIO implementation in Perl 5.8.0, when installed with setuid support (sper...
E S
CVE-2005-0157 The confirm add-on in SmartList 3.15 and earlier allows attackers to subscribe arbitrary e-mail addr...
S
CVE-2005-0158 Format string vulnerability in bidwatcher before 1.3.17 allows remote malicious web servers from eBa...
S
CVE-2005-0159 The tpkg-* scripts in the toolchain-source 3.0.4 package on Debian GNU/Linux 3.0 allow local users t...
S
CVE-2005-0160 Multiple buffer overflows in unace 1.2b allow attackers to execute arbitrary code via (1) 2 overflow...
CVE-2005-0161 Multiple directory traversal vulnerabilities in unace 1.2b allow attackers to overwrite arbitrary fi...
CVE-2005-0162 Stack-based buffer overflow in the get_internal_addresses function in the pluto application for Open...
S
CVE-2005-0165 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2005-0166 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2005-0167 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2005-0168 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2005-0169 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2005-0170 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2005-0171 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2005-0172 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2005-0173 squid_ldap_auth in Squid 2.5 and earlier allows remote authenticated users to bypass username-based ...
S
CVE-2005-0174 Squid 2.5 up to 2.5.STABLE7 allows remote attackers to poison the cache or conduct certain attacks v...
S
CVE-2005-0175 Squid 2.5 up to 2.5.STABLE7 allows remote attackers to poison the cache via an HTTP response splitti...
S
CVE-2005-0176 The shmctl function in Linux 2.6.9 and earlier allows local users to unlock the memory of other proc...
CVE-2005-0177 nls_ascii.c in Linux before 2.6.8.1 uses an incorrect table size, which allows attackers to cause a ...
S
CVE-2005-0178 Race condition in the setsid function in Linux before 2.6.8.1 allows local users to cause a denial o...
S
CVE-2005-0179 Linux kernel 2.4.x and 2.6.x allows local users to cause a denial of service (CPU and memory consump...
S
CVE-2005-0180 Multiple integer signedness errors in the sg_scsi_ioctl function in scsi_ioctl.c for Linux 2.6.x all...
E S
CVE-2005-0182 The mod_dosevasive module 1.9 and earlier for Apache creates temporary files with predictable filena...
E
CVE-2005-0183 ftpfile in the Vacation plugin 0.15 and earlier for Squirrelmail allows local users to execute arbit...
CVE-2005-0184 Directory traversal vulnerability in ftpfile in the Vacation plugin 0.15 and earlier for Squirrelmai...
E
CVE-2005-0185 Stack-based buffer overflow in NodeManager Professional 2.00 allows remote attackers to execute arbi...
CVE-2005-0186 Cisco IOS 12.1YD, 12.2T, 12.3 and 12.3T, when configured for the IOS Telephony Service (ITS), CallMa...
E
CVE-2005-0187 Stack-based buffer overflow in the SetSkin function in AtHoc toolbar allows remote attackers to exec...
CVE-2005-0188 Format string vulnerability in the SetBaseURL function in AtHoc toolbar allows remote attackers to e...
CVE-2005-0189 Stack-based buffer overflow in the HandleAction function in RealPlayer 10.5 (6.0.12.1040) and earlie...
S
CVE-2005-0190 Directory traversal vulnerability in RealPlayer 10.5 (6.0.12.1040) and earlier allows remote attacke...
S
CVE-2005-0191 Off-by-one buffer overflow in the processing of tags in Real Metadata Package (RMP) files in RealPla...
S
CVE-2005-0192 Directory traversal vulnerability in the parsing of Skin file names in RealPlayer 10.5 (6.0.12.1040)...
CVE-2005-0193 Buffer overflow in the (1) -v and (2) -a switches in mRouter in iSync 1.5 in Mac OS X 10.3.7 and ear...
E
CVE-2005-0194 Squid 2.5, when processing the configuration file, parses empty Access Control Lists (ACLs), includi...
S
CVE-2005-0195 Cisco IOS 12.0S through 12.3YH allows remote attackers to cause a denial of service (device restart)...
S
CVE-2005-0196 Cisco IOS 12.0 through 12.3YL, with BGP enabled and running the bgp log-neighbor-changes command, al...
S
CVE-2005-0197 Cisco IOS 12.1T, 12.2, 12.2T, 12.3 and 12.3T, with Multi Protocol Label Switching (MPLS) installed b...
S
CVE-2005-0198 A logic error in the CRAM-MD5 code for the University of Washington IMAP (UW-IMAP) server, when Chal...
S
CVE-2005-0199 Integer underflow in the Lists_MakeMask() function in lists.c in ngIRCd before 0.8.2 allows remote a...
E S
CVE-2005-0200 TikiWiki before 1.8.5 does not properly validate files that have been uploaded to the temp directory...
S
CVE-2005-0201 D-BUS (dbus) before 0.22 does not properly restrict access to a socket, if the socket address is kno...
S
CVE-2005-0202 Directory traversal vulnerability in the true_path function in private.py for Mailman 2.1.5 and earl...
S
CVE-2005-0203 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate has be...
R
CVE-2005-0204 Linux kernel before 2.6.9, when running on the AMD64 and Intel EM64T architectures, allows local use...
S
CVE-2005-0205 KPPP 2.1.2 in KDE 3.1.5 and earlier, when setuid root without certain wrappers, does not properly cl...
S
CVE-2005-0206 The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for...
S
CVE-2005-0207 Unknown vulnerability in Linux kernel 2.4.x, 2.5.x, and 2.6.x allows NFS clients to cause a denial o...
S
CVE-2005-0208 The HTML parsing functions in Gaim before 1.1.4 allow remote attackers to cause a denial of service ...
S
CVE-2005-0209 Netfilter in Linux kernel 2.6.8.1 allows remote attackers to cause a denial of service (kernel crash...
S
CVE-2005-0210 Netfilter in the Linux kernel 2.6.8.1 allows local users to cause a denial of service (memory consum...
S
CVE-2005-0211 Buffer overflow in wccp.c in Squid 2.5 before 2.5.STABLE7 allows remote attackers to cause a denial ...
S
CVE-2005-0212 The Amp II engine as used by Gore: Ultimate Soldier 1.50 and earlier allows remote attackers to caus...
E
CVE-2005-0213 Directory traversal vulnerability in WinHKI 1.4d allows remote attackers to overwrite arbitrary file...
CVE-2005-0214 Directory traversal vulnerability in Simple PHP Blog (SPHPBlog) 0.3.7c allows remote attackers to re...
E S
CVE-2005-0215 Mozilla 1.6 and possibly other versions allows remote attackers to cause a denial of service (applic...
CVE-2005-0216 Cross-site scripting (XSS) vulnerability in formmail.php in Woltlab Burning Board Lite 1.0.0, 1.0.1e...
E
CVE-2005-0217 SQL injection vulnerability in index.php in Invision Community Blog allows remote attackers to execu...
CVE-2005-0218 ClamAV 0.80 and earlier allows remote attackers to bypass virus scanning via a base64 encoded image ...
S
CVE-2005-0219 Multiple cross-site scripting (XSS) vulnerabilities in Gallery 1.3.4-pl1 allow remote attackers to i...
S
CVE-2005-0220 Cross-site scripting vulnerability in login.php in Gallery 1.4.4-pl2 allows remote attackers to inje...
S
CVE-2005-0221 Cross-site scripting (XSS) vulnerability in login.php in Gallery 2.0 Alpha allows remote attackers t...
E S
CVE-2005-0222 main.php in Gallery 2.0 Alpha allows remote attackers to gain sensitive information by changing the ...
CVE-2005-0223 The Software Development Kit (SDK) and Run Time Environment (RTE) 1.4.1 and 1.4.2 for Tru64 UNIX all...
CVE-2005-0224 Unknown vulnerability in HP-UX B.11.04 running Virtualvault 4.5 through 4.7, when running the TGA da...
S
CVE-2005-0225 firehol.sh in FireHOL before 1.224 creates temporary files with predictable file names, which could ...
CVE-2005-0226 Format string vulnerability in the Log_Resolver function in log.c for ngIRCd 0.8.2 and earlier, when...
E S
CVE-2005-0227 PostgreSQL (pgsql) 7.4.x, 7.2.x, and other versions allows local users to load arbitrary shared libr...
S
CVE-2005-0228 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2004-1388. Reason: This candida...
R
CVE-2005-0229 CitrusDB 0.3.5 and earlier stores the newfile.txt temporary data file under the web root, which allo...
E S
CVE-2005-0230 Firefox 1.0 does not prevent the user from dragging an executable file to the desktop when it has an...
E S
CVE-2005-0231 Firefox 1.0 does not invoke the Javascript Security Manager when a user drags a javascript: or data:...
E S
CVE-2005-0232 Firefox 1.0 allows remote attackers to modify Boolean configuration parameters for the about:config ...
E S
CVE-2005-0233 The International Domain Name (IDN) support in Firefox 1.0, Camino .8.5, and Mozilla before 1.7.6 al...
E S
CVE-2005-0234 The International Domain Name (IDN) support in Safari 1.2.5 allows remote attackers to spoof domain ...
E
CVE-2005-0235 The International Domain Name (IDN) support in Opera 7.54 allows remote attackers to spoof domain na...
E
CVE-2005-0236 The International Domain Name (IDN) support in Omniweb 5 allows remote attackers to spoof domain nam...
E
CVE-2005-0237 The International Domain Name (IDN) support in Konqueror 3.2.1 on KDE 3.2.1 allows remote attackers ...
E S
CVE-2005-0238 The International Domain Name (IDN) support in Epiphany allows remote attackers to spoof domain name...
E S
CVE-2005-0239 viewcert.php in the S/MIME plugin 0.4 and 0.5 for Squirrelmail allows remote attackers to execute ar...
S
CVE-2005-0240 Format string vulnerability in chdev on IBM AIX 5.2 allows local users to execute arbitrary code via...
CVE-2005-0241 The httpProcessReplyHeader function in http.c for Squid 2.5-STABLE7 and earlier does not properly se...
S
CVE-2005-0242 The Audio Setup Wizard (asw.dll) in Yahoo! Messenger 6.0.0.1750, and possibly other versions, allows...
E S
CVE-2005-0243 Yahoo! Messenger 6.0.0.1750, and possibly other versions before 6.0.0.1921, does not properly displa...
S
CVE-2005-0244 PostgreSQL 8.0.0 and earlier allows local users to bypass the EXECUTE permission check for functions...
S
CVE-2005-0245 Buffer overflow in gram.y for PostgreSQL 8.0.0 and earlier may allow attackers to execute arbitrary ...
E S
CVE-2005-0246 The intagg contrib module for PostgreSQL 8.0.0 and earlier allows attackers to cause a denial of ser...
S
CVE-2005-0247 Multiple buffer overflows in gram.y for PostgreSQL 8.0.1 and earlier may allow attackers to execute ...
S
CVE-2005-0248 The Solaris Management Console (SMC) GUI for Solaris 8 and 9, when creating user accounts that are c...
S
CVE-2005-0249 Heap-based buffer overflow in the DEC2EXE module for Symantec AntiVirus Library allows remote attack...
S
CVE-2005-0250 Format string vulnerability in auditselect on IBM AIX 5.1, 5.2, and 5.3 allows local users to execut...
S
CVE-2005-0251 Cross-site scripting (XSS) vulnerability in bibindex.php for BibORB 1.3.2, and possibly earlier vers...
E S
CVE-2005-0252 SQL injection vulnerability in BibORB 1.3.2, and possibly earlier versions, allows remote attackers ...
E S
CVE-2005-0253 Directory traversal vulnerability in index.php for BibORB 1.3.2, and possibly earlier versions, allo...
E S
CVE-2005-0254 BibORB 1.3.2, and possibly earlier versions, does not properly enforce a restriction for uploading o...
E S
CVE-2005-0255 String handling functions in Mozilla 1.7.3, Firefox 1.0, and Thunderbird before 1.0.2, such as the n...
S
CVE-2005-0256 The wu_fnmatch function in wu_fnmatch.c in wu-ftpd 2.6.1 and 2.6.2 allows remote attackers to cause ...
E S
CVE-2005-0258 Directory traversal vulnerability in (1) usercp_register.php and (2) usercp_avatar.php for phpBB 2.0...
S
CVE-2005-0259 phpBB 2.0.11, and possibly other versions, with remote avatars and avatar uploading enabled, allows ...
S
CVE-2005-0260 Stack-based buffer overflow in the Discovery Service for BrightStor ARCserve Backup 11.1 and earlier...
E S
CVE-2005-0261 lspath in AIX 5.2, 5.3, and possibly earlier versions, does not drop privileges before processing th...
S
CVE-2005-0262 Buffer overflow in ipl_varyon on AIX 5.1, 5.2, and 5.3 allows local users to execute arbitrary code ...
S
CVE-2005-0263 Buffer overflow in netpmon on AIX 5.1, 5.2, and 5.3 allows local users to execute arbitrary code via...
S
CVE-2005-0264 Multiple cross-site scripting (XSS) vulnerabilities in browse.php in OWL 0.7 and 0.8 allow remote at...
E
CVE-2005-0265 Multiple SQL injection vulnerabilities in browse.php in OWL 0.7 and 0.8 allow remote attackers to ex...
E S
CVE-2005-0266 Cross-site scripting (XSS) vulnerability in index.php in SugarCRM 1.X allows remote attackers to inj...
CVE-2005-0267 index.php in FlatNuke 2.5.1 allows remote attackers to create an administrator account via carriage ...
E S
CVE-2005-0268 Direct code injection vulnerability in FlatNuke 2.5.1 allows remote attackers to execute arbitrary P...
S
CVE-2005-0269 The file extension check in GNUBoard 3.40 and earlier only verifies extensions that contain all lowe...
E
CVE-2005-0270 Multiple cross-site scripting (XSS) vulnerabilities in ReviewPost PHP Pro before 2.84 allow remote a...
E
CVE-2005-0271 Multiple SQL injection vulnerabilities in ReviewPost PHP Pro before 2.84 allow remote attackers to e...
E S
CVE-2005-0272 ReviewPost PHP Pro before 2.84 allows remote attackers to upload and execute arbitrary PHP files by ...
S
CVE-2005-0273 Multiple SQL injection vulnerabilities in showgallery.php in PhotoPost before 4.86 allow remote atta...
E
CVE-2005-0274 Multiple cross-site scripting (XSS) vulnerabilities in showgallery.php in PhotoPost before 4.86 allo...
E S
CVE-2005-0275 TFTP in 3Com 3CDaemon 2.0 revision 10 allows remote attackers to cause a denial of service (applicat...
CVE-2005-0276 Multiple format string vulnerabilities in the FTP service in 3Com 3CDaemon 2.0 revision 10 allow rem...
CVE-2005-0277 Buffer overflow in the FTP service in 3Com 3CDaemon 2.0 revision 10 allows remote attackers to cause...
E
CVE-2005-0278 The FTP service in 3Com 3CDaemon 2.0 revision 10 allows remote attackers to gain sensitive informati...
E
CVE-2005-0279 Soldner Secret Wars 30830 and earlier does not properly handle the "message too long" socket error, ...
E
CVE-2005-0280 Format string vulnerability in Soldner Secret Wars 30830 and earlier allows remote attackers to caus...
E
CVE-2005-0281 Cross-site scripting (XSS) vulnerability in the web interface in Soldner Secret Wars 30830 allows re...
E
CVE-2005-0282 SQL injection vulnerability in member.php in MyBulletinBoard (MyBB) allows remote attackers to execu...
E
CVE-2005-0283 Directory traversal vulnerability in index.php in QwikiWiki allows remote attackers to read arbitrar...
CVE-2005-0284 SQL injection vulnerability in addentry.php in Woltlab Burning Book 1.0 Gold, 1.1.1e, and possibly o...
CVE-2005-0285 Webseries Payment Application does not properly restrict privileged operations, which allows remote ...
E
CVE-2005-0286 eMotion MediaPartner Web Server 5.0 and 5.1 allows remote attackers to obtain sensitive information ...
CVE-2005-0287 Bottomline Webseries Payment Application allows remote attackers to read arbitrary files on the netw...
CVE-2005-0288 The change password functionality in Bottomline Webseries Payment Application does not require the o...
CVE-2005-0289 Apple AirPort Express prior to 6.1.1 and Extreme prior to 5.5.1, configured as a Wireless Data Servi...
CVE-2005-0290 NETGEAR FVS318 running firmware 2.4, and possibly other versions, allows remote attackers to bypass ...
E
CVE-2005-0291 Cross-site scripting (XSS) vulnerability in the log viewer in NETGEAR FVS318 running firmware 2.4, a...
CVE-2005-0292 Multiple SQL injection vulnerabilities in index.php in PHP Gift Registry (phpGiftReg) 1.4.0, and pos...
E S
CVE-2005-0293 Directory traversal vulnerability in minis.php in Minis 0.2.1 allows remote attackers to read arbitr...
E
CVE-2005-0294 minis.php in Minis 0.2.1 allows remote attackers to cause a denial of service (infinite loop) via an...
E
CVE-2005-0295 npptnt2.sys in nProtect Gameguard provides unrestricted I/O to any process that calls it, which allo...
CVE-2005-0296 NOTE: this issue has been disputed by the vendor. The error module in Novell GroupWise WebAccess al...
CVE-2005-0297 SQL injection vulnerability in Oracle Database 9i and 10g allows remote attackers to execute arbitra...
CVE-2005-0298 The DIRECTORY objects in Oracle 8i through Oracle 10g contain the location of a specific operating s...
S
CVE-2005-0299 Directory traversal vulnerability in GForge 3.3 and earlier allows remote attackers to list arbitrar...
S
CVE-2005-0300 Directory traversal vulnerability in session.php in JSBoard 2.0.9 and earlier allows remote attacker...
S
CVE-2005-0301 comersus_backoffice_install10.asp in BackOffice Lite 6.0 and 6.01 allows remote attackers to bypass ...
CVE-2005-0302 SQL injection vulnerability in default.asp in BackOffice Lite 6.0 and 6.01 allows remote attackers t...
E S
CVE-2005-0303 Multiple cross-site scripting (XSS) vulnerabilities in (1) comersus_supportError.asp or (2) comersus...
CVE-2005-0304 Directory traversal vulnerability in DivX Player 2.6 and earlier allows remote attackers to overwrit...
E
CVE-2005-0305 CRLF injection vulnerability in users.php in Siteman 1.1.10 and earlier allows remote attackers to a...
E
CVE-2005-0306 MercuryBoard 1.1.1 allows remote attackers to gain sensitive information via an HTTP request with th...
S
CVE-2005-0307 Multiple cross-site scripting (XSS) vulnerabilities in index.php in MercuryBoard 1.1.1 allow remote ...
S
CVE-2005-0308 Buffer overflow in the wsprintf function in W32Dasm 8.93 and earlier allows remote attackers to exec...
CVE-2005-0309 Multiple cross-site scripting (XSS) vulnerabilities in (1) index.php or (2) mod.php in Exponent 0.95...
CVE-2005-0310 Exponent 0.95 allows remote attackers to obtain sensitive information via a direct HTTP request to (...
CVE-2005-0311 Ingate Firewall 4.1.3 and earlier does not terminate the PPTP session for an active user when the ad...
CVE-2005-0312 WarFTPD 1.82 RC9, when running as an NT service, allows remote authenticated users to cause a denial...
S
CVE-2005-0313 Multiple directory traversal vulnerabilities in Magic Winmail Server 4.0 Build 1112 allow remote att...
S
CVE-2005-0314 Cross-site scripting (XSS) vulnerability in user.php in Magic Winmail Server 4.0 Build 1112 allows r...
S
CVE-2005-0315 The FTP service in Magic Winmail Server 4.0 Build 1112 does not verify that the IP address in a PORT...
S
CVE-2005-0316 WebWasher Classic 2.2.1 and 3.3, when running in server mode, does not properly drop CONNECT request...
E S
CVE-2005-0317 Cross-site scripting (XSS) vulnerability in useredit_account.wdm in Alt-N WebAdmin 3.0.4 allows remo...
S
CVE-2005-0318 useredit_account.wdm in Alt-N WebAdmin 3.0.4 does not properly validate account edits by the logged ...
S
CVE-2005-0319 Direct remote injection vulnerability in modalfram.wdm in Alt-N WebAdmin 3.0.4 allows remote attacke...
S
CVE-2005-0320 Multiple cross-site scripting vulnerabilities in MERAK Mail Server 7.6.0 with Icewarp Web Mail 5.3.0...
S
CVE-2005-0321 MERAK Mail Server 7.6.0 with Icewarp Web Mail 5.3.0 allows remote authenticated users to gain sensit...
CVE-2005-0322 MERAK Mail Server 7.6.0 with Icewarp Web Mail 5.3.0 and Mail Server 7.6.4r with Icewarp Mail Server ...
CVE-2005-0323 Cross-site scripting (XSS) vulnerability in Infinite Mobile Delivery Webmail 2.6 allows remote attac...
CVE-2005-0324 Infinite Mobile Delivery Webmail 2.6 allows remote attackers to gain sensitive information via an HT...
CVE-2005-0325 Xpand Rally 1.0.0.0 allows remote attackers or remote malicious game servers to cause a denial of se...
E S
CVE-2005-0326 pafiledb.php in PaFileDB 3.1 allows remote attackers to gain sensitive information via an invalid or...
CVE-2005-0327 pafiledb.php in Pafiledb 3.1 may allow remote attackers to execute arbitrary PHP code via a modified...
CVE-2005-0328 Zyxel P310, P314, P324 and Netgear RT311, RT314 running the latest firmware, allows remote attackers...
CVE-2005-0329 Directory traversal vulnerability in ZipGenius 5.5 and earlier allows remote attackers to create and...
S
CVE-2005-0330 Buffer overflow in Painkiller 1.35 and earlier, and possibly other versions before 1.61, allows remo...
E S
CVE-2005-0331 Directory traversal vulnerability in WinRAR 3.42 and earlier, when the user clicks on the ZIP file t...
CVE-2005-0332 Directory traversal vulnerability in DeskNow Mail and Collaboration Server 2.5.12 allows remote atta...
S
CVE-2005-0333 LANChat Pro Revival 1.666c allows remote attackers to cause a denial of service (application crash) ...
E
CVE-2005-0334 Linksys PSUS4 running firmware 6032 allows remote attackers to cause a denial of service (device cra...
E
CVE-2005-0335 Directory traversal vulnerability in EMotion MediaPartner Web Server 5.0 allows remote attackers to ...
CVE-2005-0336 Cross-site scripting (XSS) vulnerability in EMotion MediaPartner Web Server 5.0 allows remote attack...
CVE-2005-0337 Postfix 2.1.3, when /proc/net/if_inet6 is not available and permit_mx_backup is enabled in smtpd_rec...
S
CVE-2005-0338 Buffer overflow in Savant Web Server 3.1 allows remote attackers to execute arbitrary code via a lon...
E
CVE-2005-0339 Buffer overflow in Foxmail 2.0 allows remote attackers to cause a denial of service and possibly exe...
E
CVE-2005-0340 Integer signedness error in Apple File Service (AFP Server) allows remote attackers to cause a denia...
S
CVE-2005-0341 Apple Safari 1.2.4 does not obey the Content-type field in the HTTP header and renders text as HTML,...
E
CVE-2005-0342 The Finder in Mac OS X and earlier allows local users to overwrite arbitrary files and gain privileg...
E S
CVE-2005-0343 SQL injection vulnerability in PerlDesk 1.x allows remote attackers to inject arbitrary SQL commands...
E S
CVE-2005-0344 Directory traversal vulnerability in 602LAN SUITE 2004.0.04.1221 allows remote authenticated users t...
E S
CVE-2005-0345 viewthread.php in php-fusion 4.x does not check the (1) forum_id or (2) forum_cat parameters, which ...
CVE-2005-0346 SafeNet SoftRemote VPN Client stores the VPN password (pre-shared key) in cleartext in memory of the...
E
CVE-2005-0347 Integer overflow in RealArcade 1.2.0.994 and earlier allows remote attackers to execute arbitrary co...
CVE-2005-0348 Directory traversal vulnerability in RealArcade 1.2.0.994 allows remote attackers to delete arbitrar...
CVE-2005-0349 The production release of the UniversalAgent for UNIX in BrightStor ARCserve Backup 11.1 contains ha...
E S
CVE-2005-0350 Heap-based buffer overflow in multiple F-Secure Anti-Virus and Internet Security products allows rem...
S
CVE-2005-0351 Buffer overflow in (1) termsh, (2) atcronsh, and (3) auditsh in SCO OpenServer 5.0.6 and 5.0.7 might...
S
CVE-2005-0352 Servers Alive 4.1 and 5.0, when running as a service, does not drop SYSTEM privileges before loading...
CVE-2005-0353 Buffer overflow in the Sentinel LM (Lservnt) service in the Sentinel License Manager 7.2.0.2 allows ...
E S
CVE-2005-0356 Multiple TCP implementations with Protection Against Wrapped Sequence Numbers (PAWS) with the timest...
E S
CVE-2005-0357 EMC Legato NetWorker, Sun Solstice Backup 6.0 and 6.1, and StorEdge Enterprise Backup 7.0 through 7....
S
CVE-2005-0358 EMC Legato NetWorker, Solstice Backup 6.0 and 6.1, and StorEdge Enterprise Backup 6.0 through 7.2 do...
S
CVE-2005-0359 The Legato PortMapper in EMC Legato NetWorker, Sun Solstice Backup 6.0 and 6.1, and StorEdge Enterpr...
S
CVE-2005-0360 The Microsoft Log Sink Class ActiveX control in pkmcore.dll is marked as "safe for scripting" for In...
S
CVE-2005-0362 awstats.pl in AWStats 6.2 allows remote attackers to execute arbitrary commands via shell metacharac...
CVE-2005-0363 awstats.pl in AWStats 4.0 and 6.2 allows remote attackers to execute arbitrary commands via shell me...
S
CVE-2005-0364 Unknown vulnerability in BIND 9.2.0 in HP-UX B.11.00, B.11.11, and B.11.23 allows remote attackers t...
S
CVE-2005-0365 The dcopidlng script in KDE 3.2.x and 3.3.x creates temporary files with predictable filenames, whic...
S
CVE-2005-0366 The integrity check feature in OpenPGP, when handling a message that was encrypted using cipher feed...
CVE-2005-0367 Multiple directory traversal vulnerabilities in ArGoSoft Mail Server 1.8.7.3 allow remote authentica...
E
CVE-2005-0368 Multiple SQL injection vulnerabilities in CMScore allow remote attackers to execute arbitrary SQL co...
CVE-2005-0369 Armagetron 0.2.6.0 and earlier and Armagetron Advanced 0.2.7.0 and earlier allows remote attackers to ca...
CVE-2005-0370 Armagetron 0.2.6.0 and earlier and Armagetron Advanced 0.2.7.0 and earlier allow remote attackers to...
CVE-2005-0371 Armagetron 0.2.6.0 and earlier and Armagetron Advanced 0.2.7.0 and earlier allow remote attackers to...
CVE-2005-0372 Directory traversal vulnerability in gftp before 2.0.18 for GTK+ allows remote malicious FTP servers...
S
CVE-2005-0373 Buffer overflow in digestmd5.c CVS release 1.170 (also referred to as digestmda5.c), as used in the ...
S
CVE-2005-0374 Cross-site scripting (XSS) vulnerability in Bitboard 2.5 and earlier allows remote attackers to inje...
E
CVE-2005-0375 imageview.php in SGallery 1.01 allows remote attackers to obtain sensitive information via an HTTP r...
E
CVE-2005-0376 PHP remote file inclusion vulnerability in SGallery 1.01 allows local and possibly remote attackers ...
E
CVE-2005-0377 SQL injection vulnerability in imageview.php for SGallery 1.01 allows remote attackers to execute ar...
E
CVE-2005-0378 Multiple cross-site scripting (XSS) vulnerabilities in Horde 3.0 allow remote attackers to inject ar...
E S
CVE-2005-0379 Multiple directory traversal vulnerabilities in ZeroBoard 4.1pl5 and earlier allow remote attackers ...
E
CVE-2005-0380 Multiple PHP remote file inclusion vulnerabilities in (1) print_category.php, (2) login.php, (3) set...
E S
CVE-2005-0381 Cross-site scripting (XSS) vulnerability in f.aspx in forumKIT 1.0 allows remote attackers to inject...
CVE-2005-0382 Breed patch 1 and earlier allows remote attackers to cause a denial of service (application crash) v...
E
CVE-2005-0383 Trend Micro Control Manager 3.0 Enterprise Edition allows remote attackers to gain privileges via a ...
E S
CVE-2005-0384 Unknown vulnerability in the PPP driver for the Linux kernel 2.6.8.1 allows remote attackers to caus...
CVE-2005-0385 Buffer overflow in luxman before 0.41, if used with certain insecure svgalib libraries, allows local...
E S
CVE-2005-0386 Cross-site scripting (XSS) vulnerability in network.cgi in mailreader before 2.3.29 earlier allows r...
S
CVE-2005-0387 remstats 1.0.13 and earlier, when processing uptime data, allows local users to create or overwrite ...
S
CVE-2005-0388 Unknown vulnerability in the remoteping service in remstats 1.0.13 and earlier allows remote attacke...
S
CVE-2005-0389 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-0814. Reason: This candida...
R
CVE-2005-0390 Buffer overflow in the HTTP redirection capability in conn.c for Axel before 1.0b may allow remote a...
S
CVE-2005-0391 geneweb 4.10 and earlier does not properly check file permissions and content during conversion, whi...
S
CVE-2005-0392 ppxp does not drop root privileges before opening log files, which allows local users to execute arb...
CVE-2005-0393 The helper scripts for crip 3.5 do not properly use temporary files, which allows local users to hav...
S
CVE-2005-0394 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with...
R
CVE-2005-0395 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate has be...
R
CVE-2005-0396 Desktop Communication Protocol (DCOP) daemon, aka dcopserver, in KDE before 3.4 allows local users t...
S
CVE-2005-0397 Format string vulnerability in the SetImageInfo function in image.c for ImageMagick before 6.0.2.5 m...
S
CVE-2005-0398 The KAME racoon daemon in ipsec-tools before 0.5 allows remote attackers to cause a denial of servic...
S
CVE-2005-0399 Heap-based buffer overflow in GIF2.cpp in Firefox before 1.0.2, Mozilla before 1.7.6, and Thunder...
S
CVE-2005-0400 The ext2_make_empty function call in the Linux kernel before 2.6.11.6 does not properly initialize m...
CVE-2005-0401 Firefox 1.0.1 and Mozilla before 1.7.6 do not sufficiently address all attack vectors for loading ch...
E S
CVE-2005-0402 Firefox before 1.0.2 allows remote attackers to execute arbitrary code by tricking a user into savin...
S
CVE-2005-0403 init_dev in tty_io.c in the Red Hat backport of NPTL to Red Hat Enterprise Linux 3 does not properly...
S
CVE-2005-0404 KMail 1.7.1 in KDE 3.3.2 allows remote attackers to spoof email information, such as whether the ema...
E S
CVE-2005-0406 A design flaw in image processing software that modifies JPEG images might not modify the original E...
E
CVE-2005-0407 Cross-site scripting (XSS) vulnerability in Openconf 1.04, and possibly other versions before 1.10, ...
E
CVE-2005-0408 CitrusDB 0.3.6 and earlier generates easily predictable MD5 hashes of the user name for the id_hash ...
E
CVE-2005-0409 CitrusDB 0.3.6 and earlier does not verify authorization for the (1) importcc.php and (2) uploadcc.p...
E
CVE-2005-0410 SQL injection vulnerability in importcc.php for CitrusDB 0.3.6 and earlier allows remote attackers t...
E
CVE-2005-0411 Directory traversal vulnerability in index.php for CitrusDB 0.3.6 and earlier allows remote attacker...
E
CVE-2005-0412 Cross-site scripting (XSS) vulnerability in Spidean PostWrap allows remote attackers to inject arbit...
E
CVE-2005-0413 Multiple SQL injection vulnerabilities in MyPHP Forum 1.0 allow remote attackers to execute arbitrar...
E
CVE-2005-0414 SQL injection vulnerability in post.php for MercuryBoard 1.1.1 allows remote attackers to execute ar...
E S
CVE-2005-0415 Multiple memory leaks in the MQL parser in Emdros before 1.1.22 allow remote attackers to cause a de...
CVE-2005-0416 The Windows Animated Cursor (ANI) capability in Windows NT, Windows 2000 through SP4, Windows XP thr...
E S
CVE-2005-0417 Unknown "high risk" vulnerability in DB2 Universal Database 8.1 and earlier has unknown impact and a...
S
CVE-2005-0418 Argument injection vulnerability in Java Web Start for J2SE 1.4.2 up to 1.4.2_06, on Mac OS X, allow...
S
CVE-2005-0419 Multiple heap-based buffer overflows in 3Com 3CServer allow remote authenticated users to execute ar...
CVE-2005-0420 Microsoft Outlook Web Access (OWA), when used with Exchange, allows remote attackers to redirect use...
E
CVE-2005-0421 DelphiTurk FTP 1.0 stores usernames and passwords in the profile.dat file, which allows local users ...
E
CVE-2005-0422 DelphiTurk CodeBank (aka KodBank) 3.1 and earlier stores usernames and passwords in the Codebank reg...
E
CVE-2005-0423 SQL injection vulnerability in login.asp in ASPjar Guestbook allows remote attackers to execute arbi...
S
CVE-2005-0424 Unknown vulnerability in the delete.asp program in certain versions of ASPjar Guestbook allows remot...
S
CVE-2005-0425 Unknown vulnerability in IBM Websphere Application Server 5.0, 5.1, and 6.0 when running on Windows,...
S
CVE-2005-0426 Unknown vulnerability in Solaris 8 and 9 allows remote attackers to cause a denial of service (panic...
CVE-2005-0427 The ebuild of Webmin before 1.170-r3 on Gentoo Linux includes the encrypted root password in the min...
S
CVE-2005-0428 The DNSPacket::expand method in dnspacket.cc in PowerDNS before 2.9.17 allows remote attackers to ca...
S
CVE-2005-0429 Direct code injection vulnerability in forumdisplay.php in vBulletin 3.0 through 3.0.4, when showfor...
CVE-2005-0430 The Quake 3 engine, as used in multiple game packages, allows remote attackers to cause a denial of ...
S
CVE-2005-0431 Barracuda Spam Firewall 3.1.10 and earlier does not restrict the domains that white-listed domains c...
CVE-2005-0432 BEA WebLogic Server 7.0 Service Pack 5 and earlier, and 8.1 Service Pack 3 and earlier, generates di...
S
CVE-2005-0433 Php-Nuke 7.5 allows remote attackers to determine the full path of the web server via invalid or mis...
E
CVE-2005-0434 Multiple cross-site scripting (XSS) vulnerabilities in Php-Nuke 7.5 allow remote attackers to inject...
E
CVE-2005-0435 awstats.pl in AWStats 6.3 and 6.4 allows remote attackers to read server web logs by setting the loa...
E S
CVE-2005-0436 Direct code injection vulnerability in awstats.pl in AWStats 6.3 and 6.4 allows remote attackers to ...
E S
CVE-2005-0437 Directory traversal vulnerability in awstats.pl in AWStats 6.3 and 6.4 allows remote attackers to in...
E S
CVE-2005-0438 awstats.pl in AWStats 6.3 and 6.4 allows remote attackers to obtain sensitive information by setting...
S
CVE-2005-0439 Buffer overflow in the decode_post function in ELOG before 2.5.7 allows remote attackers to execute ...
S
CVE-2005-0440 ELOG before 2.5.7 allows remote attackers to bypass authentication and download a configuration file...
S
CVE-2005-0441 Multiple stack-based buffer overflows in Sybase Adaptive Server Enterprise (ASE) 12.x before 12.5.3 ...
S
CVE-2005-0442 Directory traversal vulnerability in index.php for CubeCart 2.0.4 allows remote attackers to read ar...
E S
CVE-2005-0443 index.php in CubeCart 2.0.4 allows remote attackers to (1) obtain the full path for the web server o...
E S
CVE-2005-0444 VMware before 4.5.2.8848-r5 searches for gdk-pixbuf shared libraries using a path that includes the ...
CVE-2005-0445 Cross-site scripting (XSS) vulnerability in Open WebMail 2.x allows remote attackers to inject arbit...
S
CVE-2005-0446 Squid 2.5.STABLE8 and earlier allows remote attackers to cause a denial of service (crash) via certa...
S
CVE-2005-0447 Solaris 7, 8, and 9 allows remote attackers to cause a denial of service (hang) via a flood of certa...
S
CVE-2005-0448 Race condition in the rmtree function in File::Path.pm in Perl before 5.8.4 allows local users to cr...
S
CVE-2005-0449 The netfilter/iptables module in Linux before 2.6.8.1 allows remote attackers to cause a denial of s...
S
CVE-2005-0450 Directory traversal vulnerability in Sami HTTP Server 1.0.5 allows remote attackers to read arbitrar...
E
CVE-2005-0451 Sami HTTP Server 1.0.5 allows remote attackers to cause a denial of service via an HTTP request cont...
E
CVE-2005-0452 Multiple cross-site scripting (XSS) vulnerabilities in Microsoft ASP.NET (.Net) 1.0 and 1.1 to SP1 a...
CVE-2005-0453 The buffer_urldecode function in Lighttpd 1.3.7 and earlier does not properly handle control charact...
S
CVE-2005-0454 Multiple SQL injection vulnerabilities in DCP-Portal 6.1.1 and earlier allow remote attackers to exe...
E
CVE-2005-0455 Stack-based buffer overflow in the CSmil1Parser::testAttributeFailed function in smlparse.cpp for Re...
S
CVE-2005-0456 Opera 7.54 and earlier does not properly validate base64 encoded binary data in a data: (RFC 2397) U...
S
CVE-2005-0457 Opera 7.54 and earlier on Gentoo Linux uses an insecure path for plugins, which could allow local us...
S
CVE-2005-0458 Cross-site scripting (XSS) vulnerability in contact_us.php in osCommerce 2.2-MS2 allows remote attac...
CVE-2005-0459 phpMyAdmin 2.6.2-dev, and possibly earlier versions, allows remote attackers to determine the full p...
E
CVE-2005-0460 index.php in MercuryBoard 1.0.x and 1.1.x allows remote attackers to obtain sensitive information by...
E S
CVE-2005-0461 Unknown vulnerability in NewsBruiser 2.x before 2.6.1 allows remote attackers to "take actions on co...
S
CVE-2005-0462 Cross-site scripting (XSS) vulnerability in MercuryBoard 1.0.x and 1.1.x allows remote attackers to ...
S
CVE-2005-0463 Unknown "major security flaws" in Ulog-php before 1.0, related to input validation, have unknown imp...
S
CVE-2005-0464 gr_osview in SGI IRIX 6.5.22, and possibly other 6.5 versions, does not drop privileges when opening...
S
CVE-2005-0465 gr_osview in SGI IRIX does not drop privileges before opening files, which allows local users to ove...
E S
CVE-2005-0467 Multiple integer overflows in the (1) sftp_pkt_getstring and (2) fxp_readdir_recv functions in the P...
S
CVE-2005-0468 Heap-based buffer overflow in the env_opt_add function in telnet.c for various BSD-based Telnet clie...
S
CVE-2005-0469 Buffer overflow in the slc_add_reply function in various BSD-based Telnet clients, when handling LIN...
S
CVE-2005-0470 Buffer overflow in wpa_supplicant before 0.2.7 allows remote attackers to cause a denial of service ...
S
CVE-2005-0471 Sun Java JRE 1.1.x through 1.4.x writes temporary files with long filenames that become predictable ...
CVE-2005-0472 Gaim before 1.1.3 allows remote attackers to cause a denial of service (infinite loop) via malformed...
S
CVE-2005-0473 The HTML parsing functions in Gaim before 1.1.3 allow remote attackers to cause a denial of service ...
S
CVE-2005-0474 SQL injection vulnerability in the user_valid_crypt function in user.php in WebCalendar 0.9.45 allow...
E S
CVE-2005-0475 SQL injection vulnerability in paFAQ Beta4, and possibly other versions, allows remote attackers to ...
CVE-2005-0476 Cross-site scripting (XSS) vulnerability in hpm_guestbook.cgi allows remote attackers to inject arbi...
CVE-2005-0477 Cross-site scripting (XSS) vulnerability in the SML code for Invision Power Board 1.3.1 FINAL allows...
CVE-2005-0478 Multiple buffer overflows in TrackerCam 5.12 and earlier allow remote attackers to cause a denial of...
E
CVE-2005-0479 Directory traversal vulnerability in ComGetLogFile.php3 for TrackerCam 5.12 and earlier allows remot...
E
CVE-2005-0480 Cross-site scripting (XSS) vulnerability in TrackerCam 5.12 and earlier allows remote attackers to i...
E
CVE-2005-0481 TrackerCam 5.12 and earlier allows remote attackers to read log files via the fn parameter in a dire...
E
CVE-2005-0482 TrackerCam 5.12 and earlier allows remote attackers to cause a denial of service (crash) via (1) a l...
E
CVE-2005-0483 Multiple directory traversal vulnerabilities in sitenfo.sh, sitezipchk.sh, and siteziplist.sh in Glf...
E
CVE-2005-0484 Format string vulnerability in gprostats for GProFTPD before 8.1.9 may allow remote attackers to exe...
E
CVE-2005-0485 Cross-site scripting (XSS) vulnerability in comment.php for paNews 2.0b4 for PHP Arena allows remote...
E
CVE-2005-0486 Tarantella Secure Global Desktop Enterprise Edition 4.00 and 3.42, and Tarantella Enterprise 3 3.40 ...
S
CVE-2005-0487 Cross-site scripting (XSS) vulnerability in index.php for Kayako ESupport 2.3.1, and possibly other ...
CVE-2005-0488 Certain BSD-based Telnet clients, including those used on Solaris and SuSE Linux, allow remote malic...
S
CVE-2005-0489 The /proc handling (proc/base.c) in Linux kernel 2.4 before 2.4.17 allows local users to cause a denial...
S
CVE-2005-0490 Multiple stack-based buffer overflows in libcURL and cURL 7.12.1, and possibly other versions, allow...
S
CVE-2005-0491 Stack-based buffer overflow in Knox Arkeia Server Backup 5.3.x allows remote attackers to execute ar...
E S
CVE-2005-0492 Adobe Acrobat Reader 6.0.3 and 7.0.0 allows remote attackers to cause a denial of service (applicati...
S
CVE-2005-0493 CRLF injection vulnerability in bizmail.cgi in Biz Mail Form before 2.2 allows remote attackers to b...
CVE-2005-0494 The RgSecurity form in the HTTP server for the Thomson TCW690 cable modem running firmware 2.1 and s...
CVE-2005-0495 Cross-site scripting (XSS) vulnerability in ZeroBoard allows remote attackers to inject arbitrary we...
CVE-2005-0496 Arkeia Network Backup Client 5.x contains hard-coded credentials that effectively serve as a back do...
CVE-2005-0497 ADP Elite System Max 9000 allows remote authenticated users to gain privileges by uploading a .profi...
CVE-2005-0498 Gigafast router (aka CompUSA router) allows remote attackers to gain sensitive information and bypas...
CVE-2005-0499 Gigafast router (aka CompUSA router) with the DNS proxy option enabled allows remote attackers to ca...
CVE-2005-0500 Internet Explorer 6.0 on Windows XP SP2 allows remote attackers to spoof the domain name of a URL in...
E
CVE-2005-0501 Buffer overflow in Bontago 1.1 and earlier allows remote attackers to execute arbitrary code via a l...
E
CVE-2005-0502 Directory traversal vulnerability in Xinkaa 1.0.3 and earlier allows remote attackers to read arbitr...
CVE-2005-0503 uim before 0.4.5.1 trusts certain environment variables when libUIM is used in setuid or setgid appl...
S
CVE-2005-0504 Buffer overflow in the MoxaDriverIoctl function for the moxa serial driver (moxa.c) in Linux 2.2.x, ...
S
CVE-2005-0505 Unknown vulnerability in Information Resource Manager (IRM) before 1.5.2.1 allows remote attackers t...
S
CVE-2005-0506 The Avaya IP Office Phone Manager, and other products such as the IP Softphone, stores sensitive dat...
CVE-2005-0507 Directory traversal vulnerability in SD Server 4.0.70 and earlier allows remote attackers to read ar...
S
CVE-2005-0508 Unknown vulnerability in Squiggle for Batik before 1.5.1 allows attackers to bypass certain access c...
S
CVE-2005-0509 Multiple cross-site scripting (XSS) vulnerabilities in the Mono 1.0.5 implementation of ASP.NET (.Ne...
S
CVE-2005-0510 The daemon for fallback-reboot before 0.995 allows attackers to cause a denial of service (daemon ex...
S
CVE-2005-0511 misc.php for vBulletin 3.0.6 and earlier, when "Add Template Name in HTML Comments" is enabled, allo...
S
CVE-2005-0512 PHP remote file inclusion vulnerability in Tar.php in Mambo 4.5.2 allows remote attackers to execute...
S
CVE-2005-0513 PHP remote file inclusion vulnerability in mail_autocheck.php in the Email This Entry add-on for pMa...
S
CVE-2005-0514 Cross-site scripting (XSS) vulnerability in Verity Ultraseek before 5.3.3 allows remote attackers to...
S
CVE-2005-0515 Smc.exe in My Firewall Plus 5.0 build 1117, and possibly other versions, does not drop privileges be...
S
CVE-2005-0516 The ImageGalleryPlugin (ImageGalleryPlugin.pm) in Twiki allows remote attackers to execute arbitrary...
E S
CVE-2005-0517 PeerFTP_5 stores sensitive information such as passwords in plaintext in the PeerFTP.ini files, whic...
CVE-2005-0518 eXeem 0.21 stores sensitive information such as passwords in plaintext in the Exeem registry key, wh...
CVE-2005-0519 ArGoSoft FTP Server before 1.4.2.7 allows remote attackers to read arbitrary files by uploading a ZI...
S
CVE-2005-0520 ArGoSoft FTP Server before 1.4.2.8 allows remote attackers to read arbitrary files via shortcut (.LN...
S
CVE-2005-0521 SendLink 1.5 stores sensitive information, possibly including passwords, in plaintext in the data.ea...
CVE-2005-0522 Chat Anywhere 2.72a stores sensitive information such as passwords in plaintext in the .INI file for...
CVE-2005-0523 Format string vulnerability in ProZilla 1.3.7.3 and earlier allows remote attackers to execute arbit...
E S
CVE-2005-0524 The php_handle_iff function in image.c for PHP 4.2.2, 4.3.9, 4.3.10 and 5.0.3, as reachable by the g...
S
CVE-2005-0525 The php_next_marker function in image.c for PHP 4.2.2, 4.3.9, 4.3.10 and 5.0.3, as reachable by the ...
E S
CVE-2005-0526 Multiple cross-site scripting (XSS) vulnerabilities in PBLang 4.65 allow remote attackers to inject ...
CVE-2005-0527 Firefox 1.0 allows remote attackers to execute arbitrary code via plugins that load "privileged cont...
E S
CVE-2005-0528 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2003-0985. Reason: This candida...
R
CVE-2005-0529 Linux kernel 2.6.10 and 2.6.11rc1-bk6 uses different size types for offset arguments to the proc_fil...
E S
CVE-2005-0530 Signedness error in the copy_from_read_buf function in n_tty.c for Linux kernel 2.6.10 and 2.6.11rc1...
E S
CVE-2005-0531 The atm_get_addr function in addr.c for Linux kernel 2.6.10 and 2.6.11 before 2.6.11-rc4 may allow l...
E S
CVE-2005-0532 The reiserfs_copy_from_user_to_file_region function in reiserfs/file.c for Linux kernel 2.6.10 and 2...
E S
CVE-2005-0533 Heap-based buffer overflow in Trend Micro AntiVirus Library VSAPI before 7.510, as used in multiple ...
S
CVE-2005-0534 Multiple cross-site scripting (XSS) vulnerabilities in MediaWiki 1.3.x before 1.3.11 and 1.4 beta be...
S
CVE-2005-0535 Cross-site request forgery (CSRF) vulnerability in MediaWiki 1.3.x before 1.3.11 and 1.4 beta before...
S
CVE-2005-0536 Directory traversal vulnerability in MediaWiki 1.3.x before 1.3.11 and 1.4 beta before 1.4 rc1 allow...
S
CVE-2005-0537 Multiple SQL injection vulnerabilities in page.php for iGeneric (iG) Shop 1.2 may allow remote attac...
CVE-2005-0538 Directory traversal vulnerability in (1) GinpPictureServlet.java and (2) PicCollection.java in ginp ...
S
CVE-2005-0539 Unknown vulnerability in IBM Hardware Management Console (HMC) before 4.4 for POWER5 servers allows ...
S
CVE-2005-0540 Cyclades AlterPath Manager (APM) Console Server 1.2.1 allows remote attackers to obtain sensitive in...
CVE-2005-0541 consoleConnect.jsp in Cyclades AlterPath Manager (APM) Console Server 1.2.1 allows remote attackers ...
CVE-2005-0542 saveUser.do in Cyclades AlterPath Manager (APM) Console Server 1.2.1 allows local users to gain priv...
CVE-2005-0543 Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.6.1 allows remote attackers to inject arbit...
E S
CVE-2005-0544 phpMyAdmin 2.6.1 allows remote attackers to obtain the full path of the server via direct requests t...
S
CVE-2005-0545 Microsoft Windows XP Pro SP2 and Windows 2000 Server SP4 running Active Directory allow local users ...
CVE-2005-0546 Multiple buffer overflows in Cyrus IMAPd before 2.2.11 may allow attackers to execute arbitrary code...
S
CVE-2005-0547 Unknown vulnerability in ftpd on HP-UX B.11.00, B.11.04, B.11.11, B.11.22, and B.11.23 allows remote...
S
CVE-2005-0548 Cross-site scripting (XSS) vulnerability in Solaris AnswerBook2 Documentation 1.4.4 and earlier allo...
CVE-2005-0549 Cross-site scripting (XSS) vulnerability in Solaris AnswerBook2 Documentation 1.4.4 and earlier allo...
S
CVE-2005-0550 Buffer overflow in Microsoft Windows 2000, Windows XP SP1 and SP2, and Windows Server 2003 allows lo...
CVE-2005-0551 Stack-based buffer overflow in WINSRV.DLL in the Client Server Runtime System (CSRSS) process of Mic...
S
CVE-2005-0553 Race condition in the memory management routines in the DHTML object processor in Microsoft Internet...
S
CVE-2005-0554 Buffer overflow in the URL processor of Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote a...
S
CVE-2005-0555 Buffer overflow in the Content Advisor in Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote...
S
CVE-2005-0558 Buffer overflow in Microsoft Word 2000, Word 2002, and Word 2003 allows remote attackers to execute ...
CVE-2005-0560 Heap-based buffer overflow in the SvrAppendReceivedChunk function in xlsasink.dll in the SMTP servic...
S
CVE-2005-0562 GIF file validation error in MSN Messenger 6.2 allows remote attackers in a user's contact list to e...
S
CVE-2005-0563 Cross-site scripting (XSS) vulnerability in Microsoft Outlook Web Access (OWA) component in Exchange...
S
CVE-2005-0564 Stack-based buffer overflow in Microsoft Word 2000 and Word 2002, and Microsoft Works Suites 2000 th...
S
CVE-2005-0565 The Announce module in phpWebSite 0.10.0 and earlier allows remote attackers to execute arbitrary PH...
E S
CVE-2005-0566 Buffer overflow in Golden FTP Server Pro (goldenftpd) 2.x allows remote attackers to execute arbitra...
E S
CVE-2005-0567 Multiple PHP remote file inclusion vulnerabilities in phpMyAdmin 2.6.1 allow remote attackers to exe...
S
CVE-2005-0568 Soldier of Fortune II 1.03 gold allows remote attackers to cause a denial of service (application cr...
E
CVE-2005-0569 Multiple SQL injection vulnerabilities in PunBB 1.2.1 allow remote attackers to execute arbitrary SQ...
E S
CVE-2005-0570 profile.php in PunBB 1.2.1 allows remote attackers to cause a denial of service (account lockout) by...
S
CVE-2005-0571 admin_loader.php in PunBB 1.2.1 allows remote attackers to read arbitrary files via the plugin param...
S
CVE-2005-0572 index.php in phpWebSite 0.10.0 and earlier allows remote attackers to obtain sensitive information v...
S
CVE-2005-0573 Gaim 1.1.3 on Windows systems allows remote attackers to cause a denial of service (client crash) vi...
CVE-2005-0574 Directory traversal vulnerability in CIS WebServer 3.5.13 allows remote attackers to read arbitrary ...
E
CVE-2005-0575 Buffer overflow in Stormy Studios Knet 1.04c and earlier allows remote attackers to cause a denial o...
E
CVE-2005-0576 Unknown vulnerability in Standard Type Services Framework (STSF) Font Server Daemon (stfontserverd) ...
S
CVE-2005-0577 Format string vulnerability in DNA MKBold-MKItalic 0.06_1 and earlier allows remote attackers to exe...
S
CVE-2005-0578 Firefox before 1.0.1 and Mozilla Suite before 1.7.6 use a predictable filename for the plugin tempor...
S
CVE-2005-0579 nxagent in FreeNX before 0.2.8 does not properly handle when the XAUTHORITY environment variable is ...
E
CVE-2005-0580 cmd5checkpw, when running setuid, does not properly drop privileges before calling the execvp functi...
CVE-2005-0581 Multiple buffer overflows in Computer Associates (CA) License Client and Server 0.1.0.15 allow remot...
S
CVE-2005-0582 Buffer overflow in Computer Associates (CA) License Client 0.1.0.15 allows remote attackers to execu...
S
CVE-2005-0583 Directory traversal vulnerability in Computer Associates (CA) License Client 0.1.0.15 allows remote ...
S
CVE-2005-0584 Firefox before 1.0.1 and Mozilla before 1.7.6, when displaying the HTTP Authentication dialog, do no...
S
CVE-2005-0585 Firefox before 1.0.1 and Mozilla before 1.7.6 truncates long sub-domains or paths for display, which...
S
CVE-2005-0586 Firefox before 1.0.1 and Mozilla before 1.7.6 allows remote malicious web sites to spoof the extensi...
S
CVE-2005-0587 Firefox before 1.0.1 and Mozilla before 1.7.6 allows remote malicious web sites to overwrite arbitra...
CVE-2005-0588 Firefox before 1.0.1 and Mozilla before 1.7.6 does not restrict xsl:include and xsl:import tags in X...
S
CVE-2005-0589 The Form Fill feature in Firefox before 1.0.1 allows remote attackers to steal potentially sensitive...
S
CVE-2005-0590 The installation confirmation dialog in Firefox before 1.0.1, Thunderbird before 1.0.1, and Mozilla ...
S
CVE-2005-0591 Firefox before 1.0.1 allows remote attackers to spoof the (1) security and (2) download modal dialog...
E S
CVE-2005-0592 Heap-based buffer overflow in the UTF8ToNewUnicode function for Firefox before 1.0.1 and Mozilla bef...
CVE-2005-0593 Firefox before 1.0.1 and Mozilla before 1.7.6 allows remote attackers to spoof the SSL "secure site"...
S
CVE-2005-0594 Buffer overflow in the Netinfo Setup Tool (NeST) allows local users to execute arbitrary code....
CVE-2005-0595 Buffer overflow in ext.dll in BadBlue 2.55 allows remote attackers to execute arbitrary code via a l...
E S
CVE-2005-0596 PHP 4 (PHP4) allows attackers to cause a denial of service (daemon crash) by using the readfile func...
CVE-2005-0597 Cisco devices running Application and Content Networking System (ACNS) 5.0 before 5.0.17.6 and 5.1 b...
S
CVE-2005-0598 The RealServer RealSubscriber on Cisco devices running Application and Content Networking System (AC...
S
CVE-2005-0599 Cisco devices running Application and Content Networking System (ACNS) 4.x, 5.0, or 5.1 before 5.1.1...
S
CVE-2005-0600 Cisco devices running Application and Content Networking System (ACNS) 5.0, 5.1 before 5.1.13.7, or ...
S
CVE-2005-0601 Cisco devices running Application and Content Networking System (ACNS) 4.x, 5.0, 5.1, or 5.2 use a d...
S
CVE-2005-0602 Unzip 5.51 and earlier does not properly warn the user when extracting setuid or setgid files, which...
CVE-2005-0603 viewtopic.php in phpBB 2.0.12 and earlier allows remote attackers to obtain sensitive information vi...
S
CVE-2005-0604 lnss.exe in GFI Languard Network Security Scanner 5.0 stores the username and password in memory in ...
E
CVE-2005-0605 scan.c for LibXPM may allow attackers to execute arbitrary code via a negative bitmap_unit value tha...
S
CVE-2005-0606 Cross-site scripting (XSS) vulnerability in settings.inc.php for CubeCart 2.0.0 through 2.0.5, as us...
E S
CVE-2005-0607 CubeCart 2.0.0 through 2.0.5 allows remote attackers to determine the full path of the server via di...
S
CVE-2005-0608 Heap-based buffer overflow in server.cpp for WebMod 0.47 allows remote attackers to cause a denial o...
S
CVE-2005-0609 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2005-0610 Multiple symlink vulnerabilities in portupgrade before 20041226_2 in FreeBSD allow local users to (1...
S
CVE-2005-0611 Heap-based buffer overflow in RealNetworks RealPlayer 10.5 (6.0.12.1056 and earlier), 10, 8, and Rea...
CVE-2005-0612 Cisco IP/VC Videoconferencing System 3510, 3520, 3525 and 3530 contain hard-coded default SNMP commu...
S
CVE-2005-0613 Unknown vulnerability in FCKeditor 2.0 RC2, when used with PHP-Nuke, allows remote attackers to uplo...
S
CVE-2005-0614 sessions.php in phpBB 2.0.12 and earlier allows remote attackers to gain administrator privileges vi...
CVE-2005-0615 Multiple SQL injection vulnerabilities in (1) index.php, (2) modules.php, or (3) admin.php in PostNu...
S
CVE-2005-0616 Multiple cross-site scripting (XSS) vulnerabilities in the Download module for PostNuke 0.750 and 0....
S
CVE-2005-0617 SQL injection vulnerability in dl-search.php in PostNuke 0.750 and 0.760-RC2 allows remote attackers...
S
CVE-2005-0618 The SMTP binding function in Symantec Firewall/VPN Appliance 200/200R firmware after 1.5Z and before...
CVE-2005-0619 Einstein 1.0.1 stores sensitive information such as usernames and passwords in plaintext in the regi...
E
CVE-2005-0620 Einstein 1.0 stores credit card information in plaintext in the world-readable wallets.dat file, whi...
CVE-2005-0621 Scrapland 1.0 and earlier allows remote attackers to cause a denial of service (server termination) ...
CVE-2005-0622 RaidenHTTPD 1.1.32, and possibly other versions before 1.1.34, allows remote attackers to view the P...
E S
CVE-2005-0623 Buffer overflow in RaidenHTTPD 1.1.32, and possibly other versions before 1.1.34, allows remote atta...
S
CVE-2005-0624 reportbug before 2.62 creates the .reportbugrc configuration file with world-readable permissions, w...
S
CVE-2005-0625 reportbug 3.2 includes settings from .reportbugrc in bug reports, which exposes sensitive informatio...
S
CVE-2005-0626 Race condition in Squid 2.5.STABLE7 to 2.5.STABLE9, when using the Netscape Set-Cookie recommendatio...
CVE-2005-0627 Qt before 3.3.4 searches the BUILD_PREFIX directory, which could be world-writable, to load shared l...
S
CVE-2005-0628 Multiple cross-site scripting (XSS) vulnerabilities in Forumwa 1.0 allow remote attackers to inject ...
CVE-2005-0629 Multiple cross-site scripting (XSS) vulnerabilities in profile.php in 427BB 2.2 allow remote attacke...
CVE-2005-0630 sendpm.php in PBLang 4.63 allows remote authenticated users to read arbitrary files via a full pathn...
E
CVE-2005-0631 delpm.php in PBLang 4.63 allows remote authenticated users to delete arbitrary PM files by modifying...
E
CVE-2005-0632 PHP remote file inclusion vulnerability in auth.php in PHPNews 1.2.4 and possibly 1.2.3, allows remo...
E S
CVE-2005-0633 Buffer overflow in Trillian 3.0 and Pro 3.0 allows remote attackers to execute arbitrary code via a ...
S
CVE-2005-0634 Buffer overflow in Golden FTP Server 1.92 allows remote attackers to execute arbitrary code via a lo...
E
CVE-2005-0635 Buffer overflow in Foxmail Server 2.0 allows remote attackers to execute arbitrary code via a long U...
E
CVE-2005-0636 Format string vulnerability in Foxmail Server 2.0 allows remote attackers to cause a denial of servi...
CVE-2005-0637 The copy functions in locore.s such as copyout in OpenBSD 3.5 and 3.6, and possibly other BSD based ...
S
CVE-2005-0638 xloadimage before 4.1-r2, and xli before 1.17, allows attackers to execute arbitrary commands via sh...
S
CVE-2005-0639 Multiple vulnerabilities in xli before 1.17 may allow remote attackers to execute arbitrary code via...
S
CVE-2005-0640 Computer Associates (CA) Unicenter Asset Management (UAM) 4.0 does not properly initialize the "Chan...
S
CVE-2005-0641 Cross-site scripting (XSS) vulnerability in the Reporter for Computer Associates (CA) Unicenter Asse...
S
CVE-2005-0642 SQL injection vulnerability in the Query Designer for Computer Associates (CA) Unicenter Asset Manag...
CVE-2005-0643 Buffer overflow in McAfee Scan Engine 4320 with DAT version before 4357 allows remote attackers to e...
E
CVE-2005-0644 Buffer overflow in McAfee Scan Engine 4320 with DAT version before 4436 allows remote attackers to e...
E
CVE-2005-0645 Cross-site scripting (XSS) vulnerability in show.inc.php in cuteNews 1.3.6 allows remote attackers t...
CVE-2005-0646 SQL injection vulnerability in auth.php in paNews 2.0.4b allows remote attackers to execute arbitrar...
CVE-2005-0647 admin_setup.php in paNews 2.0.4b allows remote attackers to inject arbitrary PHP code via the (1) $f...
CVE-2005-0648 Multiple vulnerabilities in Pixel-Apes SafeHTML before 1.3.0 allow remote attackers to bypass cross-...
CVE-2005-0649 Pixel-Apes SafeHTML before 1.2.1 allows remote attackers to bypass cross-site scripting (XSS) protec...
CVE-2005-0650 Multiple cross-site scripting (XSS) vulnerabilities in ProjectBB 0.4.5.1 allow remote attackers to i...
E
CVE-2005-0651 Multiple SQL injection vulnerabilities in ProjectBB 0.4.5.1 allow remote attackers to execute arbitr...
E
CVE-2005-0652 Unknown vulnerability in HP OpenVMS VAX 7.x and 6.x and OpenVMS Alpha 7.x or 6.x allows local users ...
CVE-2005-0653 phpMyAdmin 2.6.1 does not properly grant permissions on tables with an underscore in the name, which...
S
CVE-2005-0654 gifload.exe in GIMP 2.0.5, 2.2.3, and possibly 2.2.4 allows remote attackers or local users to cause...
E
CVE-2005-0655 auraCMS 1.5 allows remote attackers to obtain sensitive information via an HTTP request with an inva...
E
CVE-2005-0656 Multiple cross-site scripting (XSS) vulnerabilities in auraCMS 1.5 allow remote attackers to inject ...
E
CVE-2005-0657 Directory traversal vulnerability in Computalynx CProxy 3.3.x and 3.4.x through 3.4.4 allows remote ...
E
CVE-2005-0658 SQL injection vulnerability in a third party extension to TYPO3 allows remote attackers to execute a...
S
CVE-2005-0659 phpBB 2.0.13 and earlier allows remote attackers to obtain sensitive information via a direct reques...
E
CVE-2005-0660 Multiple cross-site scripting (XSS) vulnerabilities in D-Forum 1.11 allow remote attackers to injec...
CVE-2005-0661 SQL injection vulnerability in the getwbbuserdata function in session.php for Woltlab Burning Board ...
S
CVE-2005-0662 Cross-site scripting (XSS) vulnerability in index.php for MercuryBoard 1.1.2 allows remote attackers...
S
CVE-2005-0663 SQL injection vulnerability in index.php for MercuryBoard 1.1.2 allows remote attackers to inject ar...
S
CVE-2005-0664 Buffer overflow in the EXIF library (libexif) 0.6.9 does not properly validate the structure of the ...
S
CVE-2005-0665 Format string vulnerability in xv before 3.10a allows remote attackers to execute arbitrary code via...
CVE-2005-0666 Unknown vulnerability in PaX from the September 2003 release to 2.2 before 2005.03.05, related to SE...
E
CVE-2005-0667 Buffer overflow in Sylpheed before 1.0.3 and other versions before 1.9.5 allows remote attackers to ...
S
CVE-2005-0668 Unknown vulnerability in HTTP Anti Virus Proxy (HAVP) before 0.51 prevents viruses from being proper...
S
CVE-2005-0669 Multiple SQL injection vulnerabilities in mod.php for phpCOIN 1.2.0 through 1.2.1b allow remote atta...
E S
CVE-2005-0670 Cross-site scripting (XSS) vulnerability in phpCOIN 1.2.0 through 1.2.1b allows remote attackers to ...
E S
CVE-2005-0671 Format string vulnerability in Carsten's 3D Engine (Ca3DE), March 2004 version and earlier, allows r...
E S
CVE-2005-0672 Carsten's 3D Engine (Ca3DE), March 2004 version and earlier, allows remote attackers to execute arbi...
E
CVE-2005-0673 Cross-site scripting (XSS) vulnerability in usercp_register.php for phpBB 2.0.13 allows remote attac...
S
CVE-2005-0674 Cross-site scripting (XSS) vulnerability in the News module for paBox 1.6 allows remote attackers to...
CVE-2005-0675 Cross-site scripting (XSS) vulnerability in index.php for Zorum 3.5 allows remote attackers to injec...
E
CVE-2005-0676 index.php in Zorum 3.5 allows remote attackers to trigger an SQL error, and possibly inject arbitrar...
E
CVE-2005-0677 index.php for Zorum 3.5 allows remote attackers to perform certain actions as other users by modifyi...
E
CVE-2005-0678 PHP remote file inclusion vulnerability in formmail.inc.php for Form Mail Script 2.3 and earlier all...
E S
CVE-2005-0679 PHP remote file inclusion vulnerability in tell_a_friend.inc.php for Tell A Friend Script 2.7 before...
S
CVE-2005-0680 PHP remote file inclusion vulnerability in download_center_lite.inc.php for Download Center Lite 1.6...
S
CVE-2005-0681 Nokia Symbian 60 allows remote attackers to cause a denial of service (phone restart) via a Bluetoot...
CVE-2005-0682 Cross-site scripting (XSS) vulnerability in common.inc in Drupal before 4.5.2 allows remote attacker...
S
CVE-2005-0683 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-0659. Reason: This candida...
R
CVE-2005-0684 Multiple buffer overflows in the web tool for MySQL MaxDB before 7.5.00.26 allow remote attackers t...
S
CVE-2005-0685 Multiple access validation errors in OutStart Participate Enterprise (PE) allow remote attackers to ...
S
CVE-2005-0686 Integer overflow in mlterm 2.5.0 through 2.9.1, with gdk-pixbuf support enabled, allows remote attac...
S
CVE-2005-0687 Format string vulnerability in Hashcash 1.16 allows remote attackers to cause a denial of service (m...
S
CVE-2005-0688 Windows Server 2003 and XP SP2, with Windows Firewall turned off, allows remote attackers to cause a...
CVE-2005-0689 includer.cgi in The Includer allows remote attackers to execute arbitrary commands via shell metacha...
E
CVE-2005-0690 Gene6 FTP Server does not properly restrict access to the control console, which allows local users ...
S
CVE-2005-0691 PHP remote file inclusion vulnerability in article mode for modules.php in SocialMPN allows remote a...
E
CVE-2005-0692 Cross-site scripting (XSS) vulnerability in fusion_core.php for PHP-Fusion 5.x allows remote attacke...
S
CVE-2005-0693 Buffer overflow in JoWood Chaser 1.50 and earlier allows remote attackers to cause a denial of servi...
E
CVE-2005-0694 Hosting Controller 6.1 Hotfix 1.7 and earlier stores log files under the web root, which allows remo...
E S
CVE-2005-0695 The password recovery feature (forgotpassword.asp) in Hosting Controller 6.1 Hotfix 1.7 and earlier ...
S
CVE-2005-0696 Buffer overflow in ArGoSoft FTP Server 1.4.2.8 allows remote authenticated users to execute arbitrar...
S
CVE-2005-0697 SQL injection vulnerability in the process_picture function xp_publish.php in CopperExport 0.2.1 all...
S
CVE-2005-0698 PHP remote file inclusion vulnerability in PHPWebLog 0.5.3 and earlier allows remote attackers to ex...
CVE-2005-0699 Multiple buffer overflows in the dissect_a11_radius function in the CDMA A11 (3G-A11) dissector (pac...
E S
CVE-2005-0700 The export_index action in myadmin.php for Aztek Forum 4.0 allows remote attackers to obtain databas...
E
CVE-2005-0701 Directory traversal vulnerability in Oracle Database Server 8i and 9i allows remote attackers to rea...
E S
CVE-2005-0702 SQL injection vulnerability in phpMyFAQ 1.4 and 1.5 allows remote attackers to add FAQ records to th...
S
CVE-2005-0703 Xerox MicroServer Web Server for various WorkCentre products including M35/M45/M55 2.028.11.000 thro...
S
CVE-2005-0704 Buffer overflow in the Etheric dissector in Ethereal 0.10.7 through 0.10.9 allows remote attackers t...
S
CVE-2005-0705 The GPRS-LLC dissector in Ethereal 0.10.7 through 0.10.9, with the "ignore cipher bit" option enable...
S
CVE-2005-0706 Buffer overflow in discdb.c for grip 3.1.2 allows attackers to cause a denial of service (crash) and...
S
CVE-2005-0707 Buffer overflow in the IMAP daemon (IMAP4d32.exe) for Ipswitch Collaboration Suite (ICS) before 8.15...
S
CVE-2005-0708 The sendfile system call in FreeBSD 4.8 through 4.11 and 5 through 5.4 can transfer portions of kern...
CVE-2005-0709 MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote authenticated users with INSERT and ...
E S
CVE-2005-0710 MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote authenticated users with INSERT and ...
E S
CVE-2005-0711 MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, uses predictable file names when creating temporar...
E S
CVE-2005-0712 Mac OS X before 10.3.8 uses world-writable permissions for certain directories, which may allow loc...
CVE-2005-0713 The Bluetooth Setup Assistant for Mac OS X before 10.3.8 can be launched without a keyboard or Bluet...
CVE-2005-0714 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-0340. Reason: This candida...
R
CVE-2005-0715 AFP Server in Mac OS X before 10.3.8 uses insecure permissions for "Drop Boxes," which allows local ...
CVE-2005-0716 Stack-based buffer overflow in the Core Foundation Library in Mac OS X 10.3.5 and 10.3.6, and possib...
CVE-2005-0718 Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (segmentation fau...
CVE-2005-0719 Unknown vulnerability in the systems message queue in HP Tru64 Unix 4.0F PK8 through 5.1B-2/PK4 allo...
S
CVE-2005-0720 PHP remote file inclusion vulnerability in admin/header.php in PHP mcNews 1.3 allows remote attacker...
CVE-2005-0721 PHP remote file inclusion vulnerability in modules.php in eXPerience2 allows remote attackers to exe...
CVE-2005-0722 eXPerience2 allows remote attackers to obtain the full path for the web root via a direct request to...
CVE-2005-0723 Cross-site scripting (XSS) vulnerability in the jumpmenu function in functions.php for paFileDB 3.1 ...
CVE-2005-0724 paFileDB 3.1 and earlier allows remote attackers to obtain sensitive information via (1) an invalid ...
CVE-2005-0725 SQL injection vulnerability in the getAllbyArticle function in wfsfiles.php for WF-Sections (wfsecti...
CVE-2005-0726 SQL injection vulnerability in editpost.php in UBB.threads 6.0 allows remote attackers to execute ar...
CVE-2005-0727 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-0735. Reason: This candida...
R
CVE-2005-0728 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-0736. Reason: This candida...
R
CVE-2005-0729 Format string vulnerability in Xpand Rally 1.1.0.0 and earlier allows remote attackers to execute ar...
E
CVE-2005-0730 PY Software Active Webcam WebServer (webcam.exe) 5.5 allows remote attackers to cause a denial of se...
E
CVE-2005-0731 PY Software Active Webcam WebServer (webcam.exe) 5.5 allows remote attackers to cause a denial of se...
E
CVE-2005-0732 PY Software Active Webcam WebServer (webcam.exe) 5.5 allows remote attackers to obtain the full path...
E
CVE-2005-0733 PY Software Active Webcam WebServer (webcam.exe) 5.5 allows remote attackers to determine the existe...
E
CVE-2005-0734 PY Software Active Webcam WebServer (webcam.exe) 5.5 allows remote attackers to cause a denial of se...
CVE-2005-0735 newsscript.pl for NewsScript allows remote attackers to gain privileges by setting the mode paramete...
E
CVE-2005-0736 Integer overflow in sys_epoll_wait in eventpoll.c for Linux kernel 2.6 to 2.6.11 allows local users ...
E S
CVE-2005-0737 Buffer overflow in Yahoo! Messenger allows remote attackers to execute arbitrary code via the offlin...
E
CVE-2005-0738 Stack consumption vulnerability in Microsoft Exchange Server 2003 SP1 allows users to cause a denial...
S
CVE-2005-0739 The IAPP dissector (packet-iapp.c) for Ethereal 0.9.1 to 0.10.9 does not properly use certain routin...
S
CVE-2005-0740 The TCP stack (tcp_input.c) in OpenBSD 3.5 and 3.6 allows remote attackers to cause a denial of serv...
E S
CVE-2005-0741 Cross-site scripting (XSS) vulnerability in YaBB.pl for YaBB 2.0 RC1 allows remote attackers to inje...
E S
CVE-2005-0742 Cross-site scripting (XSS) vulnerability in Sun Java System Application Server 7 allows remote attac...
S
CVE-2005-0743 The custom avatar uploading feature (uploader.php) for XOOPS 2.0.9.2 and earlier allows remote attac...
S
CVE-2005-0744 The web GUI for Novell iChain 2.2 and 2.3 SP2 and SP3 allows attackers to hijack sessions and gain a...
S
CVE-2005-0745 UTStarcom iAN-02EX VoIP Analog Terminal Adaptor (ATA) allows local users to bypass ATA access restri...
E
CVE-2005-0746 The Mini FTP server in Novell iChain 2.2 and 2.3 SP2 and earlier allows remote unauthenticated attac...
CVE-2005-0747 ApplyYourself i-Class allows remote attackers to obtain sensitive information about their own applic...
S
CVE-2005-0748 PHP remote file inclusion vulnerability in initdb.php for WEBInsta Mailing list manager 1.3d allows ...
S
CVE-2005-0749 The load_elf_library in the Linux kernel before 2.6.11.6 allows local users to cause a denial of ser...
S
CVE-2005-0750 The bluez_sock_create function in the Bluetooth stack for Linux kernel 2.4.6 through 2.4.30-rc1 and ...
S
CVE-2005-0751 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate has be...
R
CVE-2005-0752 The Plugin Finder Service (PFS) in Firefox before 1.0.3 allows remote attackers to execute arbitrary...
S
CVE-2005-0753 Buffer overflow in CVS before 1.11.20 allows remote attackers to execute arbitrary code....
S
CVE-2005-0754 Kommander in KDE 3.2 through KDE 3.4.0 executes data files without confirmation from the user, which...
S
CVE-2005-0755 Heap-based buffer overflow in RealPlayer 10 and earlier, Helix Player before 10.0.4, and RealOne Pla...
CVE-2005-0756 ptrace in Linux kernel 2.6.8.1 does not properly verify addresses on the amd64 platform, which allow...
CVE-2005-0757 The xattr file system code, as backported in Red Hat Enterprise Linux 3 on 64-bit systems, does not ...
S
CVE-2005-0758 zgrep in gzip before 1.3.5 does not properly sanitize arguments, which allows local users to execute...
S
CVE-2005-0759 ImageMagick before 6.0 allows remote attackers to cause a denial of service (application crash) via ...
S
CVE-2005-0760 The TIFF decoder in ImageMagick before 6.0 allows remote attackers to cause a denial of service (cra...
S
CVE-2005-0761 Unknown vulnerability in ImageMagick before 6.1.8 allows remote attackers to cause a denial of servi...
S
CVE-2005-0762 Heap-based buffer overflow in the SGI parser in ImageMagick before 6.0 allows remote attackers to ex...
S
CVE-2005-0763 Buffer overflow in Midnight Commander (mc) 4.5.55 and earlier may allow attackers to execute arbitra...
S
CVE-2005-0764 Buffer overflow in command.C for rxvt-unicode before 5.3 allows remote attackers to execute arbitrar...
S
CVE-2005-0765 Unknown vulnerability in the JXTA dissector in Ethereal 0.10.9 allows remote attackers to cause a de...
S
CVE-2005-0766 Unknown vulnerability in the sFlow dissector in Ethereal 0.9.14 through 0.10.9 allows remote attacke...
S
CVE-2005-0767 Race condition in the Radeon DRI driver for Linux kernel 2.6.8.1 allows local users with DRI privile...
CVE-2005-0768 Buffer overflow in the administration web server for GoodTech Telnet Server 4.0 and 5.0, and possibl...
E
CVE-2005-0769 Multiple buffer overflows in OpenSLP before 1.1.5 allow remote attackers to have an unknown impact v...
S
CVE-2005-0770 Format string vulnerability in DataRescue Interactive Disassembler and Debugger (IDA) Pro 4.7.0.830 ...
E S
CVE-2005-0771 VERITAS Backup Exec Server (beserver.exe) 9.0 through 10.0 for Windows allows remote unauthenticated...
S
CVE-2005-0772 VERITAS Backup Exec 9.0 through 10.0 for Windows Servers, and 9.0.4019 through 9.1.307 for Netware, ...
CVE-2005-0773 Stack-based buffer overflow in VERITAS Backup Exec Remote Agent 9.0 through 10.0 for Windows, and 9....
E S
CVE-2005-0774 SQL injection vulnerability in member.php and possibly other scripts in PhotoPost PHP 5.0 RC3 allows...
S
CVE-2005-0775 The reportpost action in misc.php for PhotoPost PHP 5.0 RC3 does not limit the logging data that is ...
E
CVE-2005-0776 adm-photo.php in PhotoPost PHP 5.0 RC3 does not properly verify administrative privileges before man...
CVE-2005-0777 Multiple cross-site scripting (XSS) vulnerabilities in PhotoPost PHP 5.0 RC3 allow remote attackers ...
CVE-2005-0778 PhotoPost PHP 5.0 RC3 does not fully verify that an uploaded file is an image file, which allows rem...
CVE-2005-0779 PlatinumFTP 1.0.18, and possibly earlier versions, allows remote attackers to cause a denial of serv...
E
CVE-2005-0780 paFileDB 3.1 and earlier allows remote attackers to obtain sensitive information via a direct reques...
CVE-2005-0781 SQL injection vulnerability in (1) viewall.php and (2) category.php in paFileDB 3.1 and earlier allo...
E
CVE-2005-0782 Cross-site scripting (XSS) vulnerability in (1) viewall.php and (2) category.php for paFileDB 3.1 an...
E
CVE-2005-0783 Cross-site scripting (XSS) vulnerability in Phorum before 5.0.14a allows remote attackers to inject ...
E S
CVE-2005-0784 Multiple cross-site scripting (XSS) vulnerabilities in Phorum before 5.0.15 allow remote attackers t...
E S
CVE-2005-0785 Cross-site scripting (XSS) vulnerability in usersrecentposts in YaBB 2.0 rc1 allows remote attackers...
E S
CVE-2005-0786 SQL injection vulnerability in gb_new.inc in SimpGB allows remote attackers to execute arbitrary SQL...
E S
CVE-2005-0787 Wine 20050211 and earlier creates temp files with world readable permissions and predictable file na...
E S
CVE-2005-0788 LimeWire 4.1.2 through 4.5.6 allows remote attackers to read arbitrary files by specifying the full ...
E S
CVE-2005-0789 Directory traversal vulnerability in LimeWire 3.9.6 through 4.6.0 allows remote attackers to read ar...
S
CVE-2005-0790 phpAdsNew 2.0.4 allows remote attackers to obtain sensitive information via a direct request to (1) ...
CVE-2005-0791 Cross-site scripting (XSS) vulnerability in adframe.php in phpAdsNew 2.0.4-pr1, when register_global...
S
CVE-2005-0792 SQL injection vulnerability in ZPanel 2.0 allows remote attackers to execute arbitrary SQL commands ...
S
CVE-2005-0793 PHP remote file inclusion vulnerability in zpanel.php in ZPanel allows remote attackers to (1) execu...
CVE-2005-0794 ZPanel 2.0 and 2.5 beta 10 does not remove or protect installation scripts after they have been used...
S
CVE-2005-0795 HolaCMS 1.4.9 does not restrict file access to the holaDB/votes directory, which allows remote attac...
E S
CVE-2005-0796 Directory traversal vulnerability in HolaCMS 1.4.9-1 allows remote attackers to overwrite arbitrary ...
S
CVE-2005-0797 Novell iChain Mini FTP Server 2.3 displays different error messages if a user exists or not, which a...
CVE-2005-0798 Novell iChain Mini FTP Server 2.3, and possibly earlier versions, does not limit the number of incor...
CVE-2005-0799 MySQL 4.1.9, and possibly earlier versions, allows remote attackers with certain privileges to cause...
E
CVE-2005-0800 PHP remote file inclusion vulnerability in install.php in mcNews 1.3 and earlier allows remote attac...
E
CVE-2005-0801 Directory traversal vulnerability in includer.cgi in The Includer allows remote attackers to read ar...
CVE-2005-0802 Cross-site scripting (XSS) vulnerability in search.asp in ACS Blog 0.8 through 1.1b allows remote at...
E
CVE-2005-0803 The GetEnhMetaFilePaletteEntries API in GDI32.DLL in Windows 2000 allows remote attackers to cause a...
E
CVE-2005-0804 Format string vulnerability in MailEnable 1.8 allows remote attackers to cause a denial of service (...
E S
CVE-2005-0805 SQL injection vulnerability in index.php in Subdreamer Light, when magic_quotes_gpc is enabled, allo...
E S
CVE-2005-0806 Evolution 2.0.3 allows remote attackers to cause a denial of service (application crash or hang) via...
CVE-2005-0807 Multiple buffer overflows in Cain & Abel before 2.67 allow remote attackers to cause a denial of ser...
S
CVE-2005-0808 Apache Tomcat before 5.x allows remote attackers to cause a denial of service (application crash) vi...
CVE-2005-0809 NotifyLink, when configured for client key retrieval, allows remote attackers to obtain AES keys via...
CVE-2005-0810 SQL injection vulnerability in NotifyLink before 3.0 allows remote attackers to execute arbitrary SQ...
CVE-2005-0811 The web interface in NotifyLink 3.0 does not properly restrict access to functions that have been di...
CVE-2005-0812 The web interface in NotifyLink 3.0 displays passwords in cleartext on the administrative page, whic...
CVE-2005-0813 Buffer overflow in Initial Redirect (ir) Squid Proxy Plug-In 0.1 and 0.2 may allow attackers to caus...
S
CVE-2005-0814 Unknown vulnerability in lshd in Lysator LSH 1.x and 2.x before 2.0.1 allows remote attackers to cau...
S
CVE-2005-0815 Multiple "range checking flaws" in the ISO9660 filesystem handler in Linux 2.6.11 and earlier may al...
E
CVE-2005-0816 Buffer overflow in newgrp in Solaris 7 through 9 allows local users to gain root privileges....
CVE-2005-0817 Unknown vulnerability in the DNSd proxy, as used in Symantec Gateway Security 5400 2.x and 5300 1.x,...
CVE-2005-0818 Cross-site scripting (XSS) vulnerability in PunBB 1.2.3 allows remote attackers to inject arbitrary ...
E
CVE-2005-0819 The xvesa code in Novell Netware 6.5 SP2 and SP3 allows remote attackers to redirect the xsession wi...
E S
CVE-2005-0820 Microsoft Office InfoPath 2003 SP1 includes sensitive information in the Manifest.xsf file in a cust...
CVE-2005-0821 Unknown vulnerability in Citrix MetaFrame Conferencing Manager 3.0 allows conference members to bypa...
S
CVE-2005-0822 Citrix Metaframe Password Manager 2.5 and earlier stores a password in cleartext although it is obfu...
S
CVE-2005-0823 ThePoolClub (1) iPool and (2) iSnooker 1.6.81 and earlier stores usernames and passwords in cleartex...
E
CVE-2005-0824 The internal_dump function in Mathopd before 1.5p5, and 1.6x before 1.6b6 BETA, when Mathopd is runn...
CVE-2005-0825 Buffer overflow in LTris before 1.0.10 allows local users to execute arbitrary code via a crafted hi...
S
CVE-2005-0826 OllyDbg 1.10 and earlier allows remote attackers to cause a denial of service (application crash) vi...
E
CVE-2005-0827 Viewcat.php in (1) RUNCMS 1.1A, (2) Ciamos 0.9.2 RC1, e-Xoops 1.05 Rev3, and possibly other products...
S
CVE-2005-0828 highlight.php in (1) RUNCMS 1.1A, (2) CIAMOS 0.9.2 RC1, (3) e-Xoops 1.05 Rev3, and possibly other pr...
E S
CVE-2005-0829 Cross-site scripting (XSS) vulnerability in setuser.php of the Digitanium addon to PHP-Fusion 5.01 a...
CVE-2005-0830 Multiple buffer overflows in Xzabite DYNDNSUpdate 0.6.15 and earlier, including the ipcheck function...
CVE-2005-0831 PHP-Post allows remote attackers to spoof the names of other users by registering with a username co...
E S
CVE-2005-0832 Cross-site scripting (XSS) vulnerability in PHP-Post before 0.33 allows remote attackers to inject a...
CVE-2005-0833 Belkin 54G (F5D7130) wireless router allows remote attackers to access restricted resources by sniff...
CVE-2005-0834 Belkin 54G (F5D7130) wireless router enables SNMP by default in a manner that allows remote attacker...
CVE-2005-0835 The SNMP service in the Belkin 54G (F5D7130) wireless router allows remote attackers to cause a deni...
CVE-2005-0836 Argument injection vulnerability in Java Web Start for J2SE 1.4.2 up to 1.4.2_06 allows untrusted ap...
S
CVE-2005-0837 IceCast 2.20 allows remote attackers to bypass the XSL parser and obtain the source for XSL files vi...
E
CVE-2005-0838 Multiple buffer overflows in the XSL parser for IceCast 2.20 may allow attackers to cause a denial o...
E
CVE-2005-0839 Linux kernel 2.6 before 2.6.11 does not restrict access to the N_MOUSE line discipline for a TTY, wh...
CVE-2005-0840 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-0706. Reason: This candida...
R
CVE-2005-0841 SQL injection vulnerability in (1) people.php, (2) track.php, (3) edit.php, (4) document.php, (5) ce...
E S
CVE-2005-0842 Cross-site scripting (XSS) vulnerability in index.php in Kayako eSupport 2.3 allows remote attackers...
CVE-2005-0843 CRLF injection vulnerability in search.php in Phorum 5.0.14a allows remote attackers to perform HTTP...
S
CVE-2005-0844 Nortel VPN client 5.01 stores the cleartext password in the memory of the Extranet.exe process, whic...
E
CVE-2005-0845 Directory traversal vulnerability in the Webmail interface in SurgeMail 2.2g3 allows remote authenti...
S
CVE-2005-0846 Multiple cross-site scripting (XSS) vulnerabilities in the email auto-reply message in SurgeMail 2.2...
S
CVE-2005-0847 Code Ocean FTP server 1.0 allows remote attackers to cause a denial of service via a large number of...
E S
CVE-2005-0848 Multiple games developed by FUN labs, including 4X4 Off-road Adventure III, Big Game Hunter, Dangero...
E
CVE-2005-0849 Multiple games developed by FUN labs, including 4X4 Off-road Adventure III, Big Game Hunter, Dangero...
E
CVE-2005-0850 FileZilla FTP server before 0.9.6 allows remote attackers to cause a denial of service via a request...
S
CVE-2005-0851 FileZilla FTP server before 0.9.6, when using MODE Z (zlib compression), allows remote attackers to ...
S
CVE-2005-0852 Microsoft Windows XP SP1 allows local users to cause a denial of service (system crash) via an empty...
E
CVE-2005-0853 betaparticle blog (bp blog) stores the database under the web root, which allows remote attackers to...
E S
CVE-2005-0854 betaparticle blog (bp blog), possibly before version 4, allows remote attackers to bypass authentica...
E S
CVE-2005-0855 CoolForum 0.8.1 beta and earlier allows remote attackers to obtain sensitive path information via di...
E S
CVE-2005-0856 CoolForum 0.8.1 beta and earlier allows remote attackers to manipulate SQL commands via certain requ...
E S
CVE-2005-0857 Cross-site scripting (XSS) vulnerability in avatar.php for CoolForum 0.8 and earlier allows remote a...
E S
CVE-2005-0858 Multiple SQL injection vulnerabilities in CoolForum 0.8 and earlier allow remote attackers to execut...
E S
CVE-2005-0859 PHP remote file inclusion vulnerability in CzarNews 1.13b allows remote attackers to execute arbitra...
E S
CVE-2005-0860 PHP remote file inclusion vulnerability in TRG News Script 3.0 allows remote attackers to execute ar...
CVE-2005-0861 Multiple buffer overflows in DeleGate before 8.11.1 may allow attackers to cause a denial of service...
S
CVE-2005-0862 Multiple PHP remote file inclusion vulnerabilities in PHPOpenChat 3.0.1 and earlier allow remote att...
E
CVE-2005-0863 Cross-site scripting (XSS) vulnerability in PHPOpenChat v3.x allows remote attackers to inject arbit...
CVE-2005-0864 The Boa web server, as used in Samsung ADSL Modem SMDK8947v1.2 and possibly other products, allows r...
E
CVE-2005-0865 Samsung ADSL Modem SMDK8947v1.2 uses default passwords for the (1) root, (2) admin, or (3) user user...
E
CVE-2005-0866 cdrecord before 4:2.0, when DEBUG is enabled, allows local users to overwrite arbitrary files via a ...
CVE-2005-0867 Integer overflow in Linux kernel 2.6 allows local users to overwrite kernel memory by writing to a s...
S
CVE-2005-0868 AS/400 Telnet 5250 terminal emulation clients, as implemented by (1) IBM client access, (2) Bosanova...
E
CVE-2005-0869 phpSysInfo 2.3 allows remote attackers to obtain sensitive information via a direct request to (1) c...
CVE-2005-0870 Multiple cross-site scripting (XSS) vulnerabilities in phpSysInfo 2.3, when register_globals is enab...
CVE-2005-0871 calendar_scheduler.php in Topic Calendar 1.0.1 module for phpBB, when running on a Microsoft IIS ser...
E
CVE-2005-0872 Cross-site scripting (XSS) vulnerability in calendar_scheduler.php in the Topic Calendar 1.0.1 modul...
E
CVE-2005-0873 Multiple cross-site scripting (XSS) vulnerabilities in test.jsp in Oracle Reports Server 10g (9.0.4....
E
CVE-2005-0874 Multiple buffer overflows in the (1) AIM, (2) MSN, (3) RSS, and other plug-ins for Trillian 2.0 allo...
CVE-2005-0875 Multiple buffer overflows in the Yahoo plug-in for Trillian 2.0, 3.0, and 3.1 allow remote web serve...
CVE-2005-0876 Off-by-one buffer overflow in Dnsmasq before 2.21 may allow attackers to execute arbitrary code via ...
S
CVE-2005-0877 Dnsmasq before 2.21 allows remote attackers to poison the DNS cache via answers to queries that were...
S
CVE-2005-0878 Cross-site scripting (XSS) vulnerability in MercuryBoard before 1.1.3 allows remote attackers to inj...
S
CVE-2005-0879 PHP remote file include vulnerability in (1) content.php and (2) index.php for Vortex Portal allows ...
E
CVE-2005-0880 content.php in Vortex Portal allows remote attackers to obtain sensitive information via an invalid ...
CVE-2005-0881 Cross-site scripting (XSS) vulnerability in articles.newcomment for Interspire ArticleLive 2005 allo...
S
CVE-2005-0882 SQL injection vulnerability in admincore.php in BirdBlog before 1.2.0 allows remote attackers to exe...
S
CVE-2005-0883 Multiple cross-site scripting (XSS) vulnerabilities in base.php for DigitalHive 2.0 allow remote att...
E
CVE-2005-0884 DigitalHive 2.0 allows remote attackers to re-install the product by directly accessing the install ...
CVE-2005-0885 Multiple cross-site scripting (XSS) vulnerabilities in XMB Forum 1.9.1 allow remote attackers to inj...
CVE-2005-0886 Cross-site scripting (XSS) vulnerability in Invision Power Board 2.0.2 and earlier allows remote att...
CVE-2005-0887 Eval injection vulnerability in Double Choco Latte before 0.9.4.3 allows remote attackers to execute...
S
CVE-2005-0888 Multiple cross-site scripting (XSS) vulnerabilities in functions.inc.php for Double Choco Latte 0.9....
S
CVE-2005-0889 Cross-site scripting (XSS) vulnerability in index.php for Dream4 Koobi CMS 4.2.3 allows remote attac...
CVE-2005-0890 SQL injection vulnerability in Dream4 Koobi CMS 4.2.3 allows remote attackers to execute arbitrary S...
E
CVE-2005-0891 Double free vulnerability in gtk 2 (gtk2) before 2.2.4 allows remote attackers to cause a denial of ...
S
CVE-2005-0892 Buffer overflow in smail 3.2.0.120 allows remote attackers or local users to execute arbitrary code ...
S
CVE-2005-0893 modes.c in smail 3.2.0.120 implements signal handlers with certain unsafe library calls, which may a...
CVE-2005-0894 OpenmosixCollector and OpenMosixView in OpenMosixView 1.5 allow local users to overwrite or delete a...
S
CVE-2005-0895 Netcomm 1300NB DSL Modem allows remote attackers to cause a denial of service (device hang) via a la...
CVE-2005-0896 Multiple cross-site scripting (XSS) vulnerabilities in review.php in phpMyDirectory 10.1.3-rel allow...
CVE-2005-0897 PHP remote file inclusion vulnerability in catalog.php in E-Store Kit-2 PayPal Edition allows remote...
E
CVE-2005-0898 Cross-site scripting (XSS) vulnerability in downloadform.php in E-Store Kit-2 PayPal Edition allows ...
E
CVE-2005-0899 AS/400 running OS400 5.2 installs and enables LDAP by default, which allows remote authenticated use...
CVE-2005-0900 marks.php in NukeBookmarks 0.6 for PHP-Nuke allows remote attackers to obtain sensitive information ...
CVE-2005-0901 Multiple cross-site scripting (XSS) vulnerabilities in NukeBookmarks 0.6 for PHP-Nuke allow remote a...
CVE-2005-0902 SQL injection vulnerability in marks.php in NukeBookmarks 0.6 for PHP-Nuke allows remote attackers t...
E
CVE-2005-0903 Buffer overflow in QuickTime PictureViewer 6.5.1 allows remote attackers to cause a denial of servic...
E
CVE-2005-0904 Remote Desktop in Windows XP SP1 does not verify the "Force shutdown from a remote system" setting, ...
CVE-2005-0905 Maxthon 1.2.0 allows remote malicious web sites to obtain potentially sensitive data from the search...
S
CVE-2005-0906 Buffer overflow in a player logging function in the Tincat network library 2.x before 2.0.28, as use...
E
CVE-2005-0907 Multiple SQL injection vulnerabilities in Valdersoft Shopping Cart 3.0 allow remote attackers to exe...
E S
CVE-2005-0908 Multiple cross-site scripting (XSS) vulnerabilities in Valdersoft Shopping Cart 3.0 allow remote att...
E S
CVE-2005-0909 PHP remote file inclusion vulnerability in shoutact.php for TKai's Shoutbox allows remote attackers ...
CVE-2005-0910 Multiple cross-site scripting (XSS) vulnerabilities in exoops allow remote attackers to inject arbit...
E
CVE-2005-0911 Multiple SQL injection vulnerabilities in exoops may allow remote attackers to execute arbitrary SQL...
CVE-2005-0912 Unknown vulnerabilities in deplate before 0.7.2 have unknown impact, possibly involving elements.rb....
S
CVE-2005-0913 Unknown vulnerability in the regex_replace modifier (modifier.regex_replace.php) in Smarty before 2....
S
CVE-2005-0914 Multiple cross-site scripting (XSS) vulnerabilities in CPG Dragonfly 9.0.2.0 allow remote attackers ...
CVE-2005-0915 Webmasters-Debutants WD Guestbook 2.8 allows remote attackers to bypass authentication and perform c...
S
CVE-2005-0916 AIO in the Linux kernel 2.6.11 on the PPC64 or IA64 architectures with CONFIG_HUGETLB_PAGE enabled a...
CVE-2005-0917 PHP remote file inclusion vulnerability in index_header.php for EncapsBB 0.3.2_fixed, and possibly o...
E
CVE-2005-0918 The NPSVG3.dll ActiveX control for Adobe SVG Viewer 3.02 and earlier, when running on Internet Explo...
E S
CVE-2005-0919 Adventia Chat 3.1 and Server Pro 3.0 allows remote attackers to inject arbitrary web script or HTML ...
CVE-2005-0920 Multiple SQL injection vulnerabilities in Bugtracker.NET 2.0.1 allow remote attackers to execute arb...
S
CVE-2005-0921 Microsoft Outlook 2002 Connector for IBM Lotus Domino 2.0 allows local users to save passwords and l...
S
CVE-2005-0922 Unknown vulnerability in the Auto-Protect module in Symantec Norton AntiVirus 2004 and 2005, as also...
CVE-2005-0923 The SmartScan feature in the Auto-Protect module for Symantec Norton AntiVirus 2004 and 2005, as als...
CVE-2005-0924 Cross-site scripting (XSS) vulnerability in Adventia E-Data 2.0 allows remote attackers to inject ar...
CVE-2005-0925 Cross-site scripting (XSS) vulnerability in login.asp for Ublog Reload 1.0 through 1.0.4 allows remo...
E S
CVE-2005-0926 Buffer overflow in Sylpheed before 1.0.4 allows remote attackers to cause a denial of service (crash...
CVE-2005-0927 Unknown vulnerability in subs.pl for WebAPP 0.9.9 through 0.9.9.2 has unknown impact and attack vect...
S
CVE-2005-0928 Multiple cross-site scripting (XSS) vulnerabilities in PhotoPost PHP Pro 5.x allow remote attackers ...
E
CVE-2005-0929 SQL injection vulnerability in PhotoPost PHP Pro 5.x may allow remote attackers to execute arbitrary...
CVE-2005-0930 Cross-site scripting (XSS) vulnerability in message.php in Chatness 2.5.1 and earlier allows remote ...
E
CVE-2005-0931 PHP remote file inclusion vulnerability in The Includer 1.0 and 1.1 allows remote attackers to execu...
CVE-2005-0932 Multiple SQL injection vulnerabilities in phpCOIN 1.2.1b and earlier allow remote attackers to execu...
E
CVE-2005-0933 Directory traversal vulnerability in auxpage.php for phpCOIN 1.2.1b and earlier allows remote attack...
E
CVE-2005-0934 Multiple cross-site scripting (XSS) vulnerabilities in WackoWiki R4 allow remote attackers to inject...
S
CVE-2005-0935 Multiple SQL injection vulnerabilities in ESMI PayPal Storefront allow remote attackers to execute a...
E
CVE-2005-0936 Cross-site scripting vulnerability in products1h.php in ESMI PayPal Storefront allows remote attacke...
E
CVE-2005-0937 Some futex functions in futex.c for Linux kernel 2.6.x perform get_user calls while holding the mmap...
S
CVE-2005-0938 Ublog Reload 1.0 through 1.0.4 stores ublogreload.mdb under the web root, which allows remote attack...
CVE-2005-0940 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-0490. Reason: This candida...
R
CVE-2005-0941 The StgCompObjStream::Load function in OpenOffice.org OpenOffice 1.1.4 and earlier allocates memory ...
CVE-2005-0942 The XP Server process (xp_server) in Sybase Adaptive Server Enterprise (ASE) XP Server 12.x before 1...
S
CVE-2005-0943 Cisco VPN 3000 series Concentrator running firmware 4.1.7.A and earlier allows remote attackers to c...
S
CVE-2005-0944 Unknown vulnerability in Microsoft Jet DB engine (msjet40.dll) 4.00.8618.0, related to insufficient ...
CVE-2005-0945 Cross-site scripting (XSS) vulnerability in ACS Blog 1.1.1 allows remote attackers to inject arbitra...
E
CVE-2005-0946 SQL injection vulnerability in phpCoin 1.2.1b and earlier allows remote attackers to execute arbitra...
S
CVE-2005-0947 Directory traversal vulnerability in auxpage.php in phpCoin 1.2.1b and earlier allows remote attacke...
CVE-2005-0948 SQL injection vulnerability in ad_click.asp for PortalApp allows remote attackers to execute arbitra...
E
CVE-2005-0949 Multiple cross-site scripting (XSS) vulnerabilities in content.asp in Iatek PortalApp allow remote a...
E
CVE-2005-0950 Directory traversal vulnerability in FastStone 4in1 Browser 1.2 allows remote attackers to read arbi...
S
CVE-2005-0951 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: this candidate was cr...
R
CVE-2005-0952 Cross-site scripting vulnerability in pafiledb.php in PaFileDB 3.1 allows remote attackers to inject...
CVE-2005-0953 Race condition in bzip2 1.0.2 and earlier allows local users to modify permissions of arbitrary file...
S
CVE-2005-0954 Windows Explorer and Internet Explorer in Windows 2000 SP1 allows remote attackers to cause a denial...
CVE-2005-0955 SQL injection vulnerability in InterAKT MX Shop 1.1.1 allows remote attackers to execute arbitrary S...
CVE-2005-0956 Multiple SQL injection vulnerabilities in index.php in InterAKT MX Kart 1.1.2 allow remote attackers...
CVE-2005-0957 Bay Technical Associates RPC-3 Telnet Host 3.05 allows remote attackers to bypass authentication by ...
CVE-2005-0958 Format string vulnerability in the log_do function in log.c for YepYep mtftpd 0.0.3, when the statis...
E
CVE-2005-0959 Buffer overflow in the mt_do_dir function in YepYep mtftpd 0.0.3 may allow attackers to execute arbi...
E
CVE-2005-0960 Multiple vulnerabilities in the SACK functionality in (1) tcp_input.c and (2) tcp_usrreq.c OpenBSD 3...
S
CVE-2005-0961 Cross-site scripting (XSS) vulnerability in Horde 3.0.4 before 3.0.4-RC2 allows remote attackers to ...
S
CVE-2005-0962 SQL injection vulnerability in index.php for Lighthouse Squirrelcart allows remote attackers to exec...
E
CVE-2005-0963 An error in the Toshiba ACPI BIOS 1.6 causes the BIOS to only examine the first slot in the Master B...
CVE-2005-0964 Unknown vulnerability in Kerio Personal Firewall 4.1.2 and earlier allows local users to bypass fire...
S
CVE-2005-0965 The gaim_markup_strip_html function in Gaim 1.2.0, and possibly earlier versions, allows remote atta...
S
CVE-2005-0966 The IRC protocol plugin in Gaim 1.2.0, and possibly earlier versions, allows (1) remote attackers to...
S
CVE-2005-0967 Gaim 1.2.0 allows remote attackers to cause a denial of service (application crash) via a malformed ...
E S
CVE-2005-0968 Computer Associates (CA) eTrust Intrusion Detection 3.0 allows remote attackers to cause a denial of...
S
CVE-2005-0969 Heap-based buffer overflow in the syscall emulation functionality in Mac OS X before 10.3.9 allows l...
CVE-2005-0970 Mac OS X 10.3.9 and earlier allows users to install, create, and execute setuid/setgid scripts, cont...
CVE-2005-0971 Stack-based buffer overflow in the semop system call in Mac OS X 10.3.9 and earlier allows local use...
CVE-2005-0972 Integer overflow in the searchfs system call in Mac OS X 10.3.9 and earlier allows local users to ex...
CVE-2005-0973 Unknown vulnerability in the setsockopt system call in Mac OS X 10.3.9 and earlier allows local user...
CVE-2005-0974 Unknown vulnerability in the nfs_mount call in Mac OS X 10.3.9 and earlier allows local users to gai...
CVE-2005-0975 Integer signedness error in the parse_machfile function in the mach-o loader (mach_loader.c) for the...
E S
CVE-2005-0976 AppleWebKit (WebCore and WebKit), as used in multiple products such as Safari 1.2 and OmniGroup Omni...
E
CVE-2005-0977 The shmem_nopage function in shmem.c for the tmpfs driver in Linux kernel 2.6 does not properly veri...
CVE-2005-0978 Directory traversal vulnerability in the Object Push service in IVT BlueSoleil 1.4 allows remote att...
E
CVE-2005-0979 Multiple buffer overflows in RUMBA 7.3 and earlier allow remote attackers to cause a denial of servi...
CVE-2005-0980 PHP remote file inclusion vulnerability in index.php in AlstraSoft EPay Pro 2.0 allows remote attack...
E
CVE-2005-0981 Multiple cross-site scripting (XSS) vulnerabilities in AlstraSoft EPay Pro 2.0 allow remote attacker...
E
CVE-2005-0982 Multiple cross-site scripting (XSS) vulnerabilities in Yet Another Forum.net 0.9.9 allow remote atta...
CVE-2005-0983 Quake 3 engine, as used in multiple games, allows remote attackers to cause a denial of service (cli...
E
CVE-2005-0984 Buffer overflow in the G_Printf function in Star Wars Jedi Knight: Jedi Academy 1.011 and earlier al...
E
CVE-2005-0985 Unspecified vulnerability in the Mac OS X kernel before 10.3.8 allows local users to cause a denial ...
CVE-2005-0986 NLSCCSTR.DLL in the web service in IBM Lotus Domino Server 6.5.1, 6.0.3, and possibly other versions...
CVE-2005-0987 Unknown vulnerability in IRC Services NickServ LISTLINKS before 5.0.50 allows remote attackers to ob...
S
CVE-2005-0988 Race condition in gzip 1.2.4, 1.3.3, and earlier, when decompressing a gzipped file, allows local us...
S
CVE-2005-0989 The find_replen function in jsstr.c in the Javascript engine for Mozilla Suite 1.7.6, Firefox 1.0.1 ...
E S
CVE-2005-0990 unshar (unshar.c) in sharutils 4.2.1 allows local users to overwrite arbitrary files via a symlink a...
S
CVE-2005-0991 RC.BOOT in IBM AIX 5.1, 5.2, and 5.3 does not "use a secure location for temporary files," which all...
CVE-2005-0992 Cross-site scripting (XSS) vulnerability in index.php in phpMyAdmin before 2.6.2-rc1 allows remote a...
E S
CVE-2005-0993 Buffer overflow in nwprint in SCO OpenServer 5.0.7 allows local users to execute arbitrary code via ...
E S
CVE-2005-0994 Multiple SQL injection vulnerabilities in ProductCart 2.7 allow remote attackers to execute arbitrar...
E
CVE-2005-0995 Multiple cross-site scripting (XSS) vulnerabilities in ProductCart 2.7 allow remote attackers to inj...
E
CVE-2005-0996 Multiple SQL injection vulnerabilities in the Downloads module for PHP-Nuke 7.6 allow remote attacke...
CVE-2005-0997 Multiple SQL injection vulnerabilities in the Web_Links module for PHP-Nuke 7.6 allow remote attacke...
CVE-2005-0998 The Web_Links module for PHP-Nuke 7.6 allows remote attackers to obtain sensitive information via an...
CVE-2005-0999 SQL injection vulnerability in the Top module for PHP-Nuke 6.x through 7.6 allows remote attackers t...
E
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registered trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registered trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.