CVE-2005-1xxx

There are 970 CVE in this subgroup.
Last updated: 
← Back to 2005
ID Summary Flags Max Score
CVE-2005-1000 Multiple cross-site scripting (XSS) vulnerabilities in PHP-Nuke 7.6 allow remote attackers to inject...
E
CVE-2005-1001 PHP-Nuke 7.6 allows remote attackers to obtain sensitive information via direct requests to (1) the ...
E S
CVE-2005-1002 logwebftbs2000.exe in Logics Software File Transfer (LOG-FT) allows remote attackers to read arbitra...
E
CVE-2005-1003 Directory traversal vulnerability in index.php for ProfitCode PayProCart 3.0 allows remote attackers...
E
CVE-2005-1004 Cross-site scripting (XSS) vulnerability in usrdetails.php in ProfitCode PayProCart 3.0 allows remot...
E
CVE-2005-1005 ProfitCode PayProCart 3.0 allows remote attackers to bypass authentication and gain administrative p...
CVE-2005-1006 Multiple cross-site scripting (XSS) vulnerabilities in SonicWALL SOHO 5.1.7.0 allow remote attackers...
E
CVE-2005-1007 Unknown vulnerability in the LIST functionality in CommuniGate Pro before 4.3c3 allows remote attack...
CVE-2005-1008 Cross-site scripting (XSS) vulnerability in posts.asp for ASP-DEv XM Forum RC3 allows remote attacke...
E
CVE-2005-1009 Multiple buffer overflows in BakBone NetVault 6.x and 7.x allow (1) remote attackers to execute arbi...
E
CVE-2005-1010 Cross-site scripting (XSS) vulnerability in Comersus Cart 6 allows remote attackers to inject arbitr...
CVE-2005-1011 SQL injection vulnerability in content.asp in SiteEnable allows remote attackers to execute arbitrar...
E
CVE-2005-1012 Cross-site scripting (XSS) vulnerability in Iatek SiteEnable allows remote attackers to inject arbit...
E
CVE-2005-1013 The SMTP service in MailEnable Enterprise 1.04 and earlier and Professional 1.54 and earlier allows ...
E S
CVE-2005-1014 Buffer overflow in the IMAP service for MailEnable Enterprise 1.04 and earlier and Professional 1.54...
E S
CVE-2005-1015 Buffer overflow in MailEnable Imapd (MEIMAP.exe) allows remote attackers to execute arbitrary code v...
E
CVE-2005-1016 Cross-site scripting (XSS) vulnerability in links_add_form.asp for MaxWebPortal 1.33 and earlier all...
S
CVE-2005-1017 SQL injection vulnerability in the Update_Events function in events_functions.asp in MaxWebPortal 1....
E S
CVE-2005-1018 Buffer overflow in the UniversalAgent for Computer Associates (CA) BrightStor ARCserve Backup allows...
CVE-2005-1019 Buffer overflow in the getConfig function in Aeon 0.2a and earlier allows local users to gain privil...
E
CVE-2005-1020 Secure Shell (SSH) 2 in Cisco IOS 12.0 through 12.3 allows remote attackers to cause a denial of ser...
S
CVE-2005-1021 Memory leak in Secure Shell (SSH) in Cisco IOS 12.0 through 12.3, when authenticating against a TACA...
S
CVE-2005-1022 ColdFusion 6.1 Updater 1 places Java .class files under the web root in the /WEB-INF/cfclasses direc...
S
CVE-2005-1023 Multiple cross-site scripting (XSS) vulnerabilities in PHP-Nuke 6.x to 7.6 allow remote attackers to...
CVE-2005-1024 modules.php in PHP-Nuke 6.x to 7.6 allows remote attackers to obtain sensitive information via a dir...
E S
CVE-2005-1025 The FTP server in AS/400 4.3, when running in IFS mode, allows remote attackers to obtain sensitive ...
E
CVE-2005-1026 Multiple SQL injection vulnerabilities in SnailSource phpBB 2.0.x mods allow remote attackers to exe...
E
CVE-2005-1027 Multiple cross-site scripting (XSS) vulnerabilities in PHP-Nuke 6.x through 7.6 allow remote attacke...
CVE-2005-1028 PHP-Nuke 6.x through 7.6 allows remote attackers to obtain sensitive information via a direct reques...
CVE-2005-1029 Multiple SQL injection vulnerabilities in Active Auction House allow remote attackers to execute arb...
E
CVE-2005-1030 Multiple cross-site scripting (XSS) vulnerabilities in Active Auction House allow remote attackers t...
E
CVE-2005-1031 RUNCMS 1.1A, and possibly other products based on e-Xoops (exoops), when "Allow custom avatar upload...
S
CVE-2005-1032 Rejected reason: cart.php in LiteCommerce might allow remote attackers to obtain sensitive informati...
R
CVE-2005-1033 CubeCart 2.0.6 allows remote attackers to obtain sensitive information via an invalid (1) language p...
CVE-2005-1034 SurgeFTP 2.2m1 allows remote attackers to cause a denial of service (application hang) via the LEAK ...
S
CVE-2005-1035 Multiple buffer overflows in Pavuk before 0.9.32 have unknown attack vectors and impact....
S
CVE-2005-1036 FreeBSD 5.x to 5.4 on AMD64 does not properly initialize the IO permission bitmap used to allow user...
CVE-2005-1037 Unknown vulnerability in AIX 5.3.0, when configured as an NIS client, allows remote attackers to gai...
S
CVE-2005-1038 crontab in Vixie cron 4.1, when running with the -e option, allows local users to read the cron file...
E S
CVE-2005-1039 Race condition in Core Utilities (coreutils) 5.2.1, when (1) mkdir, (2) mknod, or (3) mkfifo is runn...
CVE-2005-1040 Multiple unknown vulnerabilities in netapplet in Novell Linux Desktop 9 allow local users to gain ro...
CVE-2005-1041 The fib_seq_start function in fib_hash.c in Linux kernel allows local users to cause a denial of ser...
CVE-2005-1042 Integer overflow in the exif_process_IFD_TAG function in exif.c in PHP before 4.3.11 may allow remot...
S
CVE-2005-1043 exif.c in PHP before 4.3.11 allows remote attackers to cause a denial of service (memory consumption...
S
CVE-2005-1044 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-0941. Reason: This candida...
R
CVE-2005-1045 OpenText FirstClass 8.0 client does not properly sanitize strings before passing them to the Windows...
CVE-2005-1046 Buffer overflow in the kimgio library for KDE 3.4.0 allows remote attackers to execute arbitrary cod...
S
CVE-2005-1047 Meilad File upload script (up.php) mod for phpBB 2.0.x does not properly limit the types of files th...
CVE-2005-1048 SQL injection vulnerability in modules.php in PostNuke 0.760 RC3 allows remote attackers to execute ...
S
CVE-2005-1049 Multiple cross-site scripting vulnerabilities in PostNuke 0.760-RC3 allow remote attackers to inject...
E S
CVE-2005-1050 The modload op in the Reviews module for PostNuke 0.760-RC3 allows remote attackers to obtain sensit...
CVE-2005-1051 SQL injection vulnerability in profile.php in PunBB 1.2.4 allows remote authenticated users to execu...
E S
CVE-2005-1052 Microsoft Outlook 2003 and Outlook Web Access (OWA) 2003 do not properly display comma separated add...
CVE-2005-1053 Multiple cross-site scripting (XSS) vulnerabilities in orderwiz.php in ModernBill 4.3.0 and earlier ...
E S
CVE-2005-1054 PHP remote file inclusion vulnerability in news.php in ModernBill 4.3.0 and earlier allows remote at...
E S
CVE-2005-1055 TowerBlog 0.6 and earlier stores the login data file under the web root, which allows remote attacke...
S
CVE-2005-1056 Unknown vulnerability in HP OpenView Network Node Manager (NMM) 6.2 through 6.4, and 7.01 through 7....
CVE-2005-1057 Cisco IOS 12.2T, 12.3 and 12.3T, when using Easy VPN Server XAUTH version 6 authentication, allows r...
CVE-2005-1058 Cisco IOS 12.2T, 12.3 and 12.3T, when processing an ISAKMP profile that specifies XAUTH authenticati...
CVE-2005-1059 Linksys WET11 1.5.4 allows remote attackers to change the password without providing the original pa...
E S
CVE-2005-1060 Unknown vulnerability in the TCP/IP functionality (TCPIP.NLM) in Novell Netware 6.x allows remote at...
S
CVE-2005-1061 The secure script in LogWatch before 2.6-2 allows attackers to prevent LogWatch from detecting malic...
CVE-2005-1062 The administration protocol for Kerio WinRoute Firewall 6.x up to 6.0.10, Personal Firewall 4.x up t...
CVE-2005-1063 The administration protocol for Kerio WinRoute Firewall 6.x up to 6.0.10, Personal Firewall 4.x up t...
S
CVE-2005-1064 The copy_symlink function in rsnapshot 1.2.0 and 1.1.x before 1.1.7 changes the ownership of files t...
S
CVE-2005-1065 tetex in Novell Linux Desktop 9 allows local users to determine the existence of arbitrary files via...
S
CVE-2005-1066 Race condition in rpdump in Pine 4.62 and earlier allows local users to overwrite arbitrary files vi...
CVE-2005-1067 Vulnerability in Access_user Class before 1.75 allows local users to gain access as other users via ...
S
CVE-2005-1068 Cross-site scripting (XSS) vulnerability in sCssBoard 1.11 and earlier allows remote attackers to ex...
S
CVE-2005-1069 Unknown vulnerability in sCssBoard 1.11 and earlier has unknown impact, related to "an exploit on th...
S
CVE-2005-1070 SQL injection vulnerability in index.php in Invision Power Board 1.3.1 Final and earlier allows remo...
CVE-2005-1071 SQL injection vulnerability in banner.inc.php in JPortal Web Portal 2.3.1 allows remote attackers to...
CVE-2005-1072 Cross-site scripting (XSS) vulnerability in PunBB before 1.2.5 allows remote attackers to inject arb...
S
CVE-2005-1073 Directory traversal vulnerability in index.php for RadScripts RadBids Gold 2 allows remote attackers...
E
CVE-2005-1074 SQL injection vulnerability in index.php for RadScripts RadBids Gold 2 allows remote attackers to ex...
E
CVE-2005-1075 Multiple cross-site scripting (XSS) vulnerabilities in RadScripts RadBids Gold 2 allow remote attack...
E
CVE-2005-1076 Cross-site scripting (XSS) vulnerability in the discussion board functionality for WebCT Campus Edit...
E
CVE-2005-1077 Multiple cross-site scripting (XSS) vulnerabilities in XAMPP 1.4.x allow remote attackers to inject ...
CVE-2005-1078 XAMPP 1.4.x has multiple default or null passwords, which allows attackers to gain privileges....
CVE-2005-1079 SQL injection vulnerability in index.php for zOOm Media Gallery 2.1.2 allows remote attackers to exe...
E
CVE-2005-1080 Directory traversal vulnerability in the Java Archive Tool (Jar) utility in J2SE SDK 1.4.2 and 1.5, ...
E
CVE-2005-1081 Cross-site scripting (XSS) vulnerability in view.php in AzDGDatingPlatinum 1.1.0 allows remote attac...
E
CVE-2005-1082 Multiple SQL injection vulnerabilities in AzDGDatingPlatinum 1.1.0 allows remote attackers to execut...
E
CVE-2005-1083 index.php in aeDating 3.2 allows remote attackers to include arbitrary files via the skin parameter....
CVE-2005-1084 SQL injection vulnerability in sdating.php in aeDating 3.2 allows remote attackers to execute arbitr...
CVE-2005-1085 Cross-site scripting (XSS) vulnerability in the control panel in aeDating 3.2 allows remote attacker...
CVE-2005-1086 Buffer overflow in the cmdIS.DLL plugin for AN HTTPD Server 1.42n allows remote attackers to execute...
E
CVE-2005-1087 CRLF injection vulnerability in the cmdIS.DLL plugin for AN HTTPD Server 1.42n allows remote attacke...
CVE-2005-1088 Unknown vulnerability in DameWare NT Utilities 4.8 and earlier, and Mini Remote Control 4.8 and earl...
S
CVE-2005-1089 Unknown vulnerability in DC++ before 0.674 allows attackers to append data to arbitrary files....
S
CVE-2005-1090 Directory traversal vulnerability in the readFile and writeFile API for Maxthon 1.2.0 and 1.2.1 allo...
E S
CVE-2005-1091 Maxthon 1.2.0 and 1.2.1 allows remote attackers to bypass the security ID and use restricted plugin ...
E S
CVE-2005-1092 Lightspeed DeluxeFTP 6.01 stores usernames and passwords in plaintext in sites.xml, which is world-r...
E
CVE-2005-1093 Buffer overflow in the PopUp Plus 2.0.3.8 plugin for Miranda IM, with "Use SmileyAdd Setting" enable...
S
CVE-2005-1094 FTP Now 2.6.14 stores usernames and passwords in plaintext in sites.xml, which is world-readable, wh...
CVE-2005-1095 Cross-site scripting (XSS) vulnerability in main.asp for Ocean12 Membership Manager Pro 1.x allows r...
E
CVE-2005-1096 SQL injection vulnerability in main.asp for Ocean12 Membership Manager Pro 1.x allows remote attacke...
CVE-2005-1097 Rebrand P2P Share Spy 2.2 stores the user password in plaintext in the txtPassword value in the regi...
CVE-2005-1098 GetDataBack for NTFS 2.31 stores the username and license key in plaintext in the Name value in the ...
CVE-2005-1099 Multiple buffer overflows in the HandleChild function in server.c in Greylisting daemon (GLD) 1.3 an...
S
CVE-2005-1100 Format string vulnerability in the ErrorLog function in cnf.c in Greylisting daemon (GLD) 1.3 and 1....
S
CVE-2005-1101 Multiple buffer overflows in Lotus Domino Server 6.0.5 and 6.5.4 allow remote attackers to cause a d...
S
CVE-2005-1102 Multiple cross-site scripting (XSS) vulnerabilities in template-functions-post.php in WordPress 1.5 ...
S
CVE-2005-1103 Sygate Security Agent (SSA) in Sygate Secure Enterprise 3.5 through 4.1 does not prevent the securit...
CVE-2005-1104 Multiple cross-site scripting (XSS) vulnerabilities in Centra 7 allow remote attackers to inject arb...
CVE-2005-1105 Directory traversal vulnerability in the MimeBodyPart.getFileName method in JavaMail 1.3.2 allows re...
CVE-2005-1106 PictureViewer in QuickTime for Windows 6.5.2 allows remote attackers to cause a denial of service (a...
CVE-2005-1107 McAfee Internet Security Suite 2005 uses insecure default ACLs for installed files, which allows loc...
CVE-2005-1108 The ij_untrusted_url function in JunkBuster 2.0.2-r2, with single-threaded mode enabled, allows remo...
S
CVE-2005-1109 The filtering of URLs in JunkBuster before 2.0.2-r3 allows remote attackers to cause a denial of ser...
S
CVE-2005-1110 Stack-based buffer overflow in the RespondeHTTPPendiente function in the HTTP server for SUMUS 0.2.2...
CVE-2005-1111 Race condition in cpio 2.6 and earlier allows local users to modify permissions of arbitrary files v...
CVE-2005-1112 IBM WebSphere Application Server 6.0 and earlier, when sharing the document root of the web server, ...
CVE-2005-1113 Multiple cross-site scripting (XSS) vulnerabilities in PhpBB Plus 1.52 and earlier allow remote atta...
CVE-2005-1114 Multiple SQL injection vulnerabilities in album_search.php in Photo Album 2.0.53 for phpBB allow rem...
E
CVE-2005-1115 Multiple cross-site scripting (XSS) vulnerabilities in Photo Album 2.0.53 module for phpBB allow rem...
E
CVE-2005-1116 Cross-site scripting (XSS) vulnerability in the Calendar module for phpBB allow remote attackers to ...
CVE-2005-1117 PHP remote file inclusion vulnerability in index.php in All4WWW-Homepagecreator 1.0a allows remote a...
E
CVE-2005-1118 Cross-site scripting (XSS) vulnerability in IISWebAgentIF.dll in the RSA Authentication Agent for We...
S
CVE-2005-1119 Sudo VISudo 1.6.8 and earlier allows local users to corrupt arbitrary files via a symlink attack on ...
CVE-2005-1120 Multiple cross-site scripting (XSS) vulnerabilities in IlohaMail 0.8.14 and earlier allow remote att...
CVE-2005-1121 Format string vulnerability in the my_xlog function in lib.c for Oops! Proxy Server 1.5.23 and earli...
E S
CVE-2005-1122 Format string vulnerability in cgi.c for Monkey daemon (monkeyd) before 0.9.1 allows remote attacker...
S
CVE-2005-1123 Monkey daemon (monkeyd) before 0.9.1 allows remote attackers to cause a denial of service (memory co...
S
CVE-2005-1124 Unknown vulnerability in the libgss Generic Security Services Library in Solaris 7, 8, and 9 allows ...
S
CVE-2005-1125 Race condition in libsafe 2.0.16 and earlier, when running in multi-threaded applications, allows at...
E
CVE-2005-1126 The SIOCGIFCONF ioctl (ifconf function) in FreeBSD 4.x through 4.11 and 5.x through 5.4 does not pro...
S
CVE-2005-1127 Format string vulnerability in the log function in Net::Server 0.87 and earlier, as used in Postfix ...
S
CVE-2005-1128 Multiple SQL injection vulnerabilities in VHCS 2.4 and earlier allow remote attackers to execute arb...
CVE-2005-1129 eGroupWare 1.0.6 and earlier, when an e-mail is composed with an attachment but not sent, will send ...
CVE-2005-1130 Cross-site scripting (XSS) vulnerability in index.php in Pinnacle Cart allows remote attackers to in...
E
CVE-2005-1131 Unknown vulnerability in Veritas i3 Focalpoint Server 7.1 and earlier has unknown attack vectors and...
S
CVE-2005-1132 LG U8120 mobile phone allows remote attackers to cause a denial of service (device crash) via a malf...
CVE-2005-1133 The POP3 server in IBM iSeries AS/400 returns different error messages when the user exists or not, ...
CVE-2005-1134 SQL injection vulnerability in exit.php for Serendipity 0.8 and earlier allows remote attackers to e...
E S
CVE-2005-1135 Cross-site scripting (XSS) vulnerability in search.php for Simple PHP Blog (sphpBlog) 0.4.0 allows r...
E
CVE-2005-1136 Simple PHP Blog (sphpBlog) 0.4.0 stores the (1) password.txt and (2) config.txt files under the web ...
E
CVE-2005-1137 Simple PHP Blog (sphpBlog) 0.4.0 allows remote attackers to obtain sensitive information via a direc...
E
CVE-2005-1138 Unknown vulnerability in WebMail in Kerio MailServer before 6.0.9 allows remote attackers to cause a...
S
CVE-2005-1139 Opera 8 Beta 3, when using first-generation vetted digital certificates, displays the Organizational...
E S
CVE-2005-1140 Cross-site scripting (XSS) vulnerability in myBloggie 2.1.1 allows remote attackers to inject arbitr...
E
CVE-2005-1141 Integer overflow in the readpgm function in pnm.c for GOCR 0.40, when using the netpbm library, allo...
E
CVE-2005-1142 Heap-based buffer overflow in the readpgm function in pnm.c for GOCR 0.40, when it is not using netp...
E
CVE-2005-1143 Cross-site scripting (XSS) vulnerability in index.php in EasyPHPCalendar before 6.2.8 allows remote ...
CVE-2005-1144 popup.php in EasyPHPCalendar before 6.2.8 allows remote attackers to obtain sensitive information vi...
CVE-2005-1145 NOTE: this issue has been disputed by the vendor. Cross-site scripting (XSS) vulnerability in calen...
CVE-2005-1146 NOTE: this issue has been disputed by the vendor. Cross-site scripting (XSS) vulnerability in the l...
CVE-2005-1147 calendar.pl in CalendarScript 3.20 allows remote attackers to obtain sensitive information via inval...
CVE-2005-1148 calendar.pl in CalendarScript 3.21 allows remote attackers to obtain sensitive information via inval...
E
CVE-2005-1149 SQL injection vulnerability in admin/login.asp in aspclick.it ACNews 1.0 allows remote attackers to ...
CVE-2005-1150 Unknown vulnerability in Sun Java System Web Server 6.0 SP7 and earlier, when running on Windows sys...
S
CVE-2005-1151 qpopper 4.0.5 and earlier does not properly drop privileges before processing certain user-supplied ...
S
CVE-2005-1152 popauth.c in qpopper 4.0.5 and earlier does not properly set the umask, which may cause qpopper to c...
S
CVE-2005-1153 Firefox before 1.0.3 and Mozilla Suite before 1.7.7, when blocking a popup, allows remote attackers ...
S
CVE-2005-1154 Firefox before 1.0.3 and Mozilla Suite before 1.7.7 allows remote attackers to execute arbitrary scr...
S
CVE-2005-1155 The favicon functionality in Firefox before 1.0.3 and Mozilla Suite before 1.7.7 allows remote attac...
E S
CVE-2005-1156 Firefox before 1.0.3, Mozilla Suite before 1.7.7, and Netscape 7.2 allows remote attackers to execut...
E S
CVE-2005-1157 Firefox before 1.0.3, Mozilla Suite before 1.7.7, and Netscape 7.2 allows remote attackers to replac...
E S
CVE-2005-1158 Multiple "missing security checks" in Firefox before 1.0.3 allow remote attackers to inject arbitrar...
S
CVE-2005-1159 The native implementations of InstallTrigger and other functions in Firefox before 1.0.3 and Mozilla...
S
CVE-2005-1160 The privileged "chrome" UI code in Firefox before 1.0.3 and Mozilla Suite before 1.7.7 allows remote...
S
CVE-2005-1161 Multiple SQL injection vulnerabilities in OneWorldStore allow remote attackers to execute arbitrary ...
E S
CVE-2005-1162 Multiple cross-site scripting (XSS) vulnerabilities in OneWorldStore allow remote attackers to injec...
E S
CVE-2005-1163 Multiple buffer overflows in Yager 5.24 and earlier allow remote attackers to execute arbitrary code...
E
CVE-2005-1164 Yager 5.24 and earlier allows remote attackers to cause a denial of service (application hang) via a...
E
CVE-2005-1165 Yager 5.24 and earlier allows remote attackers to cause a denial of service (application crash) via ...
E
CVE-2005-1166 The DNTUS26 process in Dameware NT Utilities and the DWRCS process in MiniRemote Control 4.9 and ear...
CVE-2005-1167 Musicmatch 10.00.2047 and earlier store log files in the Program Files directory instead of the user...
CVE-2005-1168 DiagCollectionControl.dll in Musicmatch 10.00.2047 and earlier allows remote attackers to overwrite ...
E S
CVE-2005-1169 Mafia Blog .4 BETA does not properly protect the admin directory, which allows remote attackers to e...
CVE-2005-1170 SQL injection vulnerability in mod.php in the datenbank module for phpBB allows remote attackers to ...
CVE-2005-1171 Cross-site scripting (XSS) vulnerability in mod.php in the datenbank module for phpBB allows remote ...
CVE-2005-1172 Cross-site scripting (XSS) vulnerability in init.inc.php in Coppermine Photo Gallery 1.3.x allows re...
S
CVE-2005-1173 Buffer overflow in PMSoftware Simple Web Server 1.0 allows remote attackers to execute arbitrary cod...
CVE-2005-1174 MIT Kerberos 5 (krb5) 1.3 through 1.4.1 Key Distribution Center (KDC) allows remote attackers to cau...
S
CVE-2005-1175 Heap-based buffer overflow in the Key Distribution Center (KDC) in MIT Kerberos 5 (krb5) 1.4.1 and e...
S
CVE-2005-1176 Race condition in JFS2 on AIX 5.2 and 5.3, when deleting a file while I/O is still occurring for tha...
CVE-2005-1177 Unknown vulnerability in (1) Webmin and (2) Usermin before 1.200 causes Webmin to change permissions...
S
CVE-2005-1178 SQL injection vulnerability in Oracle Forms 10g allows remote attackers to execute arbitrary SQL com...
CVE-2005-1179 Unknown vulnerability in Xerox MicroServer Web Server for various WorkCentre products including M35/...
S
CVE-2005-1180 HTTP Response Splitting vulnerability in the Surveys module in PHP-Nuke 7.6 allows remote attackers ...
E
CVE-2005-1181 NOTE: this issue has been disputed by the vendor. PHP remote code injection vulnerability in loader...
CVE-2005-1182 Unknown vulnerability in Incoming Remote Command (iSeries Access for Windows Remote Command service)...
CVE-2005-1183 Cross-site scripting (XSS) vulnerability in mvnForum 1.0 RC4 allows remote attackers to inject arbit...
E
CVE-2005-1184 The TCP/IP stack in multiple operating systems allows remote attackers to cause a denial of service ...
CVE-2005-1185 Unquoted Windows search path vulnerability in Musicmatch Jukebox 10.00.2047 and earlier allows local...
S
CVE-2005-1186 Musicmatch Jukebox 10.00.2047 and earlier adds the musicmatch.com domain to the Trusted Sites zone i...
S
CVE-2005-1187 Heap-based buffer overflow in WinHex 12.05 SR-14, and possibly other versions, may allow attackers t...
CVE-2005-1188 Cross-site scripting (XSS) vulnerability in comersus_searchItem.asp in Comersus 3.90 to 4.51 allows ...
E S
CVE-2005-1189 Cross-site scripting (XSS) vulnerability in WebcamXP PRO v2.16.468 and earlier allows remote attacke...
CVE-2005-1190 WebcamXP PRO v2.16.468 and earlier allows remote attackers to cause a denial of service via a long c...
S
CVE-2005-1191 The Web View DLL (webvw.dll), as used in Windows Explorer on Windows 2000 systems, does not properly...
E S
CVE-2005-1192 Unknown vulnerability in HP-UX B.11.00, B.11.04, B.11.11, B.11.22, and B.11.23, when running TCP/IP ...
CVE-2005-1193 The bbencode_second_pass and make_clickable functions in bbcode.php for phpBB before 2.0.15, as used...
S
CVE-2005-1194 Stack-based buffer overflow in the ieee_putascii function for nasm 0.98 and earlier allows attackers...
S
CVE-2005-1195 Multiple heap-based buffer overflows in the code used to handle (1) MMS over TCP (MMST) streams or (...
S
CVE-2005-1196 SQL injection vulnerability in kb.php in the Knowledge Base module for phpBB allows remote attackers...
CVE-2005-1197 SQL injection vulnerability in the SYS.DBMS_CDC_IPUBLISH.CREATE_SCN_CHANGE_SET procedure in Oracle D...
S
CVE-2005-1198 Directory traversal vulnerability in apexec.pl for Anaconda Foundation Directory allows remote attac...
CVE-2005-1199 SQL injection vulnerability in printthread.php in UBB.Threads allows remote attackers to execute arb...
E S
CVE-2005-1200 PHP remote file inclusion vulnerability in main_index.php in AZ Bulletin Board (AZbb) 1.0.07a throug...
S
CVE-2005-1201 Multiple directory traversal vulnerabilities in AZ Bulletin board (AZbb) before 1.0.08 allow (1) rem...
S
CVE-2005-1202 Multiple cross-site scripting (XSS) vulnerabilities in eGroupware before 1.0.0.007 allow remote atta...
E S
CVE-2005-1203 Multiple SQL injection vulnerabilities in index.php in eGroupware before 1.0.0.007 allow remote atta...
E S
CVE-2005-1204 Desktop Rover 3.0, and possibly earlier versions, allows remote attackers to cause a denial of servi...
CVE-2005-1205 The Telnet client for Microsoft Windows XP, Windows Server 2003, and Windows Services for UNIX allow...
S
CVE-2005-1206 Buffer overflow in the Server Message Block (SMB) functionality for Microsoft Windows 2000, XP SP1 a...
S
CVE-2005-1207 Buffer overflow in the Web Client service in Microsoft Windows XP and Windows Server 2003 allows rem...
S
CVE-2005-1208 Integer overflow in Microsoft Windows 98, 2000, XP SP2 and earlier, and Server 2003 SP1 and earlier ...
S
CVE-2005-1211 Buffer overflow in the PNG image rendering component of Microsoft Internet Explorer allows remote at...
S
CVE-2005-1212 Buffer overflow in Microsoft Step-by-Step Interactive Training (orun32.exe) allows remote attackers ...
S
CVE-2005-1213 Stack-based buffer overflow in the news reader for Microsoft Outlook Express (MSOE.DLL) 5.5 SP2, 6, ...
S
CVE-2005-1214 Microsoft Agent allows remote attackers to spoof trusted Internet content and execute arbitrary code...
S
CVE-2005-1215 Microsoft ISA Server 2000 allows remote attackers to poison the ISA cache or bypass content restrict...
S
CVE-2005-1216 Microsoft ISA Server 2000 allows remote attackers to connect to services utilizing the NetBIOS proto...
S
CVE-2005-1218 The Microsoft Windows kernel in Microsoft Windows 2000 Server, Windows XP, and Windows Server 2003 a...
S
CVE-2005-1219 Buffer overflow in the Microsoft Color Management Module for Windows allows remote attackers to exec...
S
CVE-2005-1220 Shoutbox SCRIPT 3.0.2 and earlier allows remote attackers to obtain sensitive information via a dire...
CVE-2005-1221 SQL injection vulnerability in login.asp for Ecommerce-Carts EcommPro 3.0 allows remote attackers to...
E
CVE-2005-1222 cat_for_gen.php in Annuaire Netref 4.2 allows remote attackers to execute arbitrary PHP code by sett...
CVE-2005-1223 Multiple SQL injection vulnerabilities in Ocean12 Calendar manager 1.01 allow remote attackers to ex...
E
CVE-2005-1224 Multiple SQL injection vulnerabilities in DUware DUportal Pro 3.4 allow remote attackers to execute ...
E
CVE-2005-1225 SQL injection vulnerability in Coppermine Photo Gallery 1.3.2 allows remote attackers to execute arb...
S
CVE-2005-1226 Coppermine Photo Gallery 1.3.2 stores passwords in plaintext, which allows remote attackers to obtai...
E S
CVE-2005-1227 Cross-site scripting (XSS) vulnerability in PHProjekt 4.2 and earlier allows remote attackers to inj...
E
CVE-2005-1228 Directory traversal vulnerability in gunzip -N in gzip 1.2.4 through 1.3.5 allows remote attackers t...
S
CVE-2005-1229 Directory traversal vulnerability in cpio 2.6 and earlier allows remote attackers to write to arbitr...
CVE-2005-1230 Directory traversal vulnerability in Yawcam 0.2.5 allows remote attackers to read arbitrary files vi...
E
CVE-2005-1231 Cross-site scripting (XSS) vulnerability in the NewTerm function in GlossaryModel.php in JAWS 0.4 al...
E S
CVE-2005-1232 Buffer overflow in Sun Java System Web Proxy Server (aka Sun ONE Proxy Server) 3.6 SP6 allows remote...
CVE-2005-1233 Cross-site scripting (XSS) vulnerability in index.php in PHP Labs proFile allows remote attackers to...
E
CVE-2005-1234 Multiple SQL injection vulnerabilities in phpbb-Auction allow remote attackers to execute arbitrary ...
E S
CVE-2005-1235 auction_my_auctions.php in phpbb-Auction 1.2m and earlier allows remote attackers to obtain sensitiv...
E S
CVE-2005-1236 Multiple SQL injection vulnerabilities in DUware DUportal 3.1.2 and 3.1.2 SQL allow remote attackers...
E
CVE-2005-1237 SQL injection vulnerability in news.php in FlexPHPNews 0.0.3 allows remote attackers to execute arbi...
E
CVE-2005-1238 By design, the built-in FTP server for iSeries AS/400 systems does not support a restricted document...
CVE-2005-1239 Directory traversal vulnerability in the third party tool from Raz-Lee, as used to secure the iSerie...
E
CVE-2005-1240 Directory traversal vulnerability in the third party tool from Castlehill, as used to secure the iSe...
E
CVE-2005-1241 Directory traversal vulnerability in the third party tool from Powertech, as used to secure the iSer...
E
CVE-2005-1242 Directory traversal vulnerability in the third party tool from Bsafe, as used to secure the iSeries ...
E
CVE-2005-1243 Directory traversal vulnerability in the third party tool from SafeStone, as used to secure the iSer...
E
CVE-2005-1244 Directory traversal vulnerability in the third party tool from NetIQ, as used to secure the iSeries ...
E
CVE-2005-1245 Cross-site scripting (XSS) vulnerability in MediaWiki before 1.4.2, when using HTML Tidy ($wgUseTidy...
S
CVE-2005-1246 Format string vulnerability in the snmppd_log function in snmppd_util.c for snmppd 0.4.5 and earlier...
E S
CVE-2005-1247 webadmin.exe in Novell Nsure Audit 1.0.1 allows remote attackers to cause a denial of service via ma...
E
CVE-2005-1248 Buffer overflow in Apple iTunes before 4.8 allows remote attackers to execute arbitrary code via a c...
S
CVE-2005-1249 The IMAP daemon (IMAPD32.EXE) in Ipswitch Collaboration Suite (ICS) allows remote attackers to cause...
S
CVE-2005-1250 SQL injection vulnerability in the logon screen of the web front end (NmConsole/Login.asp) for IpSwi...
S
CVE-2005-1252 Directory traversal vulnerability in the Web Calendaring server in Ipswitch Imail 8.13, and other ve...
S
CVE-2005-1254 Stack-based buffer overflow in the IMAP server for Ipswitch IMail 8.12 and 8.13, and other versions ...
S
CVE-2005-1255 Multiple stack-based buffer overflows in the IMAP server in IMail 8.12 and 8.13 in Ipswitch Collabor...
S
CVE-2005-1256 Stack-based buffer overflow in the IMAP daemon (IMAPD32.EXE) in IMail 8.13 in Ipswitch Collaboration...
S
CVE-2005-1260 bzip2 allows remote attackers to cause a denial of service (hard drive consumption) via a crafted bz...
CVE-2005-1261 Stack-based buffer overflow in the URL parsing function in Gaim before 1.3.0 allows remote attackers...
S
CVE-2005-1262 Gaim 1.2.1 and earlier allows remote attackers to cause a denial of service (application crash) via ...
S
CVE-2005-1263 The elf_core_dump function in binfmt_elf.c for Linux kernel 2.x.x to 2.2.27-rc2, 2.4.x to 2.4.31-pre...
CVE-2005-1264 Raw character devices (raw.c) in the Linux kernel 2.6.x call the wrong function before passing an io...
E S
CVE-2005-1265 The mmap function in the Linux Kernel 2.6.10 can be used to create memory maps with a start address ...
CVE-2005-1266 Apache SpamAssassin 3.0.1, 3.0.2, and 3.0.3 allows remote attackers to cause a denial of service (CP...
S
CVE-2005-1267 The bgp_update_print function in tcpdump 3.x does not properly handle a -1 return value from the dec...
S
CVE-2005-1268 Off-by-one error in the mod_ssl Certificate Revocation List (CRL) verification callback in Apache, w...
S
CVE-2005-1269 Gaim before 1.3.1 allows remote attackers to cause a denial of service (application crash) via a Yah...
CVE-2005-1270 The (1) check_update.sh and (2) rkhunter script in Rootkit Hunter before 1.2.3-r1 create temporary f...
S
CVE-2005-1271 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-1343. Reason: This candida...
R
CVE-2005-1272 Stack-based buffer overflow in the Backup Agent for Microsoft SQL Server in BrightStor ARCserve Back...
E S
CVE-2005-1274 Stack-based buffer overflow in the getIfHeader function in the WebDAV functionality in MySQL MaxDB b...
CVE-2005-1275 Heap-based buffer overflow in the ReadPNMImage function in pnm.c for ImageMagick 6.2.1 and earlier a...
E S
CVE-2005-1277 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-1766. Reason: This candida...
R
CVE-2005-1278 The isis_print function, as called by isoclns_print, in tcpdump 3.9.1 and earlier allows remote atta...
CVE-2005-1279 tcpdump 3.8.3 and earlier allows remote attackers to cause a denial of service (infinite loop) via a...
E
CVE-2005-1280 The rsvp_print function in tcpdump 3.9.1 and earlier allows remote attackers to cause a denial of se...
E
CVE-2005-1281 Ethereal 0.10.10 and earlier allows remote attackers to cause a denial of service (infinite loop) vi...
E
CVE-2005-1282 Multiple cross-site scripting (XSS) vulnerabilities in Argosoft Mail Server Pro 1.8.7.6 allow remote...
CVE-2005-1283 Multiple directory traversal vulnerabilities in Argosoft Mail Server Pro 1.8.7.6 allow remote authen...
CVE-2005-1284 The addnew script in Argosoft Mail Server Pro 1.8.7.6 allows remote attackers to create arbitrary ac...
CVE-2005-1285 Cross-site scripting (XSS) vulnerability in thread.php in WoltLab Burning Board 2.3.1 and earlier al...
E
CVE-2005-1286 Unquoted Windows search path vulnerability in BitDefender 8 allows local users to prevent BitDefende...
CVE-2005-1287 Multiple SQL injection vulnerabilities in BK Forum 4.0 allow remote attackers to execute arbitrary S...
E
CVE-2005-1288 inc_login_check.asp ACS Blog 0.8 through 1.1.3 allows remote attackers to gain administrator privile...
E
CVE-2005-1289 index.cgi in E-Cart 2004 1.1 and earlier allows remote attackers to execute arbitrary commands via s...
E
CVE-2005-1290 Multiple cross-site scripting (XSS) vulnerabilities in phpBB 2.0.14 and earlier allow remote attacke...
E
CVE-2005-1291 Multiple SQL injection vulnerabilities in CartWIZ ASP Cart allow remote attackers to execute arbitra...
E
CVE-2005-1292 Multiple cross-site scripting (XSS) vulnerabilities in CartWIZ ASP Cart allow remote attackers to in...
E
CVE-2005-1293 Multiple SQL injection vulnerabilities in default.asp in StorePortal 2.63 allow remote attackers to ...
E
CVE-2005-1294 The affix_sock_register in the Affix Bluetooth Protocol Stack for Linux might allow local users to g...
S
CVE-2005-1295 include.cgi script allows remote attackers to read arbitrary files via a full pathname in the argume...
CVE-2005-1296 include.cgi script allows remote attackers to execute arbitrary commands via shell metacharacters in...
CVE-2005-1297 Cross-site scripting (XSS) vulnerability in the include.cgi script allows remote attackers to inject...
CVE-2005-1298 The inserter.cgi script allows remote attackers to read arbitrary files via a full pathname in the a...
CVE-2005-1299 The inserter.cgi script allows remote attackers to execute arbitrary commands via shell metacharacte...
CVE-2005-1300 Cross-site scripting (XSS) vulnerability in the inserter.cgi script allows remote attackers to injec...
CVE-2005-1301 nProtect:Netizen 2005.3.17.1 does not properly verify that the update module is downloaded from an a...
S
CVE-2005-1302 SQL injection vulnerability in Confixx 3.08 and earlier allows remote attackers to execute arbitrary...
CVE-2005-1303 The citat.pl script allows remote attackers to read arbitrary files via a full pathname in the argum...
CVE-2005-1304 The citat.pl script allows remote attackers to execute arbitrary files via shell metacharacters in t...
CVE-2005-1305 The hyper.cgi script allows remote attackers to read arbitrary files via a full pathname in the argu...
CVE-2005-1306 The Adobe Reader control in Adobe Reader and Acrobat 7.0 and 7.0.1 allows remote attackers to determ...
E S
CVE-2005-1307 The (1) stopserver.sh and (2) startserver.sh scripts in Adobe Version Cue on Mac OS X uses the curre...
E
CVE-2005-1308 SqWebMail allows remote attackers to inject arbitrary web script or HTML via CRLF sequences in the r...
CVE-2005-1309 Cross-site scripting (XSS) vulnerability in bBlog 0.7.4 allows remote attackers to inject arbitrary ...
E
CVE-2005-1310 SQL injection vulnerability in bBlog 0.7.4 allows remote attackers to execute arbitrary SQL commands...
E
CVE-2005-1311 Cross-site scripting (XSS) vulnerability in Yappa-NG before 2.3.2 allows remote attackers to inject ...
S
CVE-2005-1312 PHP remote file inclusion vulnerability in Yappa-NG before 2.3.2 allows remote attackers to execute ...
S
CVE-2005-1313 Cross-site scripting (XSS) vulnerability in Horde Passwd module before 2.2.2 allows remote attackers...
S
CVE-2005-1314 Cross-site scripting (XSS) vulnerability in Horde Kronolith module before 1.1.4 allows remote attack...
S
CVE-2005-1315 Cross-site scripting (XSS) vulnerability in Horde Turba module before 1.2.5 allows remote attackers ...
S
CVE-2005-1316 Cross-site scripting (XSS) vulnerability in Horde Accounts module before 2.1.2 allows remote attacke...
S
CVE-2005-1317 Cross-site scripting (XSS) vulnerability in Horde Chora module before 1.2.3 allows remote attackers ...
S
CVE-2005-1318 Cross-site scripting (XSS) vulnerability in Horde Forwards E-Mail Forwarding Manager before 2.2.2 al...
S
CVE-2005-1319 Cross-site scripting (XSS) vulnerability in Horde IMP Webmail client before 3.2.8 allows remote atta...
S
CVE-2005-1320 Cross-site scripting (XSS) vulnerability in Horde Mnemo Note Manager before 1.1.4 allows remote atta...
S
CVE-2005-1321 Cross-site scripting (XSS) vulnerability in Horde Vacation module before 2.2.2 allows remote attacke...
S
CVE-2005-1322 Cross-site scripting (XSS) vulnerability in Horde Nag Task List Manager before 1.1.3 allows remote a...
S
CVE-2005-1323 Buffer overflow in NetFtpd for NetTerm 5.1.1 and earlier allows remote attackers to execute arbitrar...
E
CVE-2005-1324 Multiple cross-site scripting (XSS) vulnerabilities in index.php for phpMyVisites allow remote attac...
CVE-2005-1325 set_lang.php in phpMyVisites 1.3 allows remote attackers to read and include arbitrary files via the...
E S
CVE-2005-1326 Buffer overflow in VooDoo cIRCle BOTNET before 1.0.33 allows remote authenticated attackers to cause...
S
CVE-2005-1327 Cross-site scripting (XSS) vulnerability in pms.php for Woltlab Burning Board 2.3.1 PL2 and earlier ...
E
CVE-2005-1328 OneWorldStore allows remote attackers to cause a denial of service (application crash) via a direct ...
E S
CVE-2005-1329 owOfflineCC.asp in OneWorldStore allows remote attackers to obtain sensitive information by modifyin...
E S
CVE-2005-1330 AppKit in Mac OS X 10.3.9 allows attackers to cause a denial of service (Cocoa application crash) vi...
CVE-2005-1331 The AppleScript Editor in Mac OS X 10.3.9 does not properly display script code for an applescript: ...
E S
CVE-2005-1332 Bluetooth-enabled systems in Mac OS X 10.3.9 enables the Bluetooth file exchange service by default,...
CVE-2005-1333 Directory traversal vulnerability in the Bluetooth file and object exchange (OBEX) services in Mac O...
S
CVE-2005-1334 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-1579. Reason: This candida...
R
CVE-2005-1335 Unknown vulnerability in Mac OS X 10.3.9 allows local users to gain privileges via (1) chfn, (2) chp...
CVE-2005-1336 Buffer overflow in the Foundation framework for Mac OS X 10.3.9 allows local users to execute arbitr...
CVE-2005-1337 Apple Help Viewer 2.0.7 and 3.0.0 in Mac OS X 10.3.9 allows remote attackers to read and execute arb...
CVE-2005-1338 Mac OS X 10.3.9, when using an LDAP server that does not use ldap_extended_operation, may store init...
S
CVE-2005-1339 lukemftpd in Mac OS X 10.3.9 allows remote authenticated users to escape the chroot environment by l...
CVE-2005-1340 The HTTP proxy service in Server Admin for Mac OS X 10.3.9 does not restrict access when it is enabl...
S
CVE-2005-1341 Apple Terminal 1.4.4 allows attackers to execute arbitrary commands via terminal escape sequences....
E S
CVE-2005-1342 The x-man-page: URI handler for Apple Terminal 1.4.4 in Mac OS X 10.3.9 does not cleanse terminal es...
E S
CVE-2005-1343 Stack-based buffer overflow in the VPN daemon (vpnd) for Mac OS X before 10.3.9 allows local users t...
S
CVE-2005-1344 Buffer overflow in htdigest in Apache 2.0.52 may allow attackers to execute arbitrary code via a lon...
E
CVE-2005-1345 Squid 2.5.STABLE9 and earlier does not trigger a fatal error when it identifies missing or invalid A...
S
CVE-2005-1346 Multiple Symantec AntiVirus products, including Norton AntiVirus 2005 11.0.0, Web Security Web Secur...
CVE-2005-1347 ** UNVERIFIABLE ** NOTE: this issue describes a problem that can not be independently verified as o...
CVE-2005-1348 Buffer overflow in HTTPMail in MailEnable Enterprise 1.04 and earlier and Professional 1.54 and earl...
CVE-2005-1349 Buffer overflow in Convert-UUlib (Convert::UUlib) before 1.051 allows remote attackers to execute ar...
S
CVE-2005-1350 The ad.cgi script allows remote attackers to read arbitrary files via a full pathname in the argumen...
CVE-2005-1351 The ad.cgi script allows remote attackers to execute arbitrary commands via shell metacharacters in ...
CVE-2005-1352 Cross-site scripting (XSS) vulnerability in the ad.cgi script allows remote attackers to inject arbi...
CVE-2005-1353 The forum.pl script allows remote attackers to read arbitrary files via a full pathname in the argum...
CVE-2005-1354 The forum.pl script allows remote attackers to execute arbitrary commands via shell metacharacters i...
CVE-2005-1355 includer.cgi in The Includer allows remote attackers to read arbitrary files via a full pathname in ...
CVE-2005-1356 Cross-site scripting (XSS) vulnerability in includer.cgi script in The Includer allows remote attack...
CVE-2005-1357 text.cgi script allows remote attackers to read arbitrary files via a full pathname in the argument....
CVE-2005-1358 text.cgi script allows remote attackers to execute arbitrary commands via shell metacharacters in th...
CVE-2005-1359 Cross-site scripting (XSS) vulnerability in text.cgi script allows remote attackers to inject arbitr...
CVE-2005-1360 PHP remote file inclusion vulnerability in error.php in GrayCMS 1.1 allows remote attackers to execu...
E
CVE-2005-1361 Multiple SQL injection vulnerabilities in MetaCart e-Shop 8.0 allow remote attackers to execute arbi...
E
CVE-2005-1362 Multiple SQL injection vulnerabilities in MetaCart 2.0 for Paypal allow remote attackers to execute ...
CVE-2005-1363 Multiple SQL injection vulnerabilities in MetaCart 2.0 for PayFlow allow remote attackers to execute...
CVE-2005-1364 Multiple SQL injection vulnerabilities in MetaBid Auctions allow remote attackers to execute arbitra...
E
CVE-2005-1365 Pico Server (pServ) 3.2 and earlier allows remote attackers to execute arbitrary commands via a URL ...
E
CVE-2005-1366 Pico Server (pServ) 3.2 and earlier allows remote attackers to obtain the source code for CGI script...
E
CVE-2005-1367 Pico Server (pServ) 3.2 and earlier allows local users to read arbitrary files as the pServ user via...
E
CVE-2005-1368 The key_user_lookup function in security/keys/key.c in Linux kernel 2.6.10 to 2.6.11.8 may allow att...
S
CVE-2005-1369 The (1) it87 and (2) via686a drivers in I2C for Linux 2.6.x before 2.6.11.8, and 2.6.12 before 2.6.1...
S
CVE-2005-1370 Unknown vulnerability in Radia Management Agent (RMA) in HP OpenView Radia Management Portal (RMP) 1...
S
CVE-2005-1371 BPFTPServer service in BulletProof FTP Server 2.4.0.31 does not properly drop privileges before open...
E
CVE-2005-1372 nvstatsmngr.exe process in BakBone NetVault 7.1 does not properly drop privileges before opening fil...
E
CVE-2005-1373 Multiple SQL injection vulnerabilities in index.php in Dream4 Koobi CMS 4.2.3 allow remote attackers...
E
CVE-2005-1374 Multiple cross-site scripting (XSS) vulnerabilities in Claroline 1.5.3 through 1.6 Release Candidate...
E S
CVE-2005-1375 Multiple SQL injection vulnerabilities in Claroline 1.5.3 through 1.6 Release Candidate 1, and possi...
E S
CVE-2005-1376 Multiple directory traversal vulnerabilities in (1) document.php or (2) insertMyDoc.php in Claroline...
S
CVE-2005-1377 Multiple PHP remote file inclusion vulnerabilities in Claroline 1.5.3 through 1.6 Release Candidate ...
E S
CVE-2005-1378 SQL injection vulnerability in posting_notes.php in the notes module for phpBB allows remote attacke...
E S
CVE-2005-1379 The LAM runtime environment package (lam-runtime-7.0.6-2mdk) on Mandrake Linux installs the mpi user...
CVE-2005-1380 Cross-site scripting (XSS) vulnerability in BEA Admin Console 8.1 allows remote attackers to execute...
E
CVE-2005-1381 Multiple cross-site scripting (XSS) vulnerabilities in Oracle Webcache 9i allow remote attackers to ...
E
CVE-2005-1382 The webcacheadmin module in Oracle Webcache 9i allows remote attackers to corrupt arbitrary files vi...
E
CVE-2005-1383 The OHS component 1.0.2 through 10.x, when UseWebcacheIP is disabled, in Oracle Application Server a...
E S
CVE-2005-1384 Multiple SQL injection vulnerabilities in phpCoin 1.2.2 allow remote attackers to execute arbitrary ...
E
CVE-2005-1385 Safari 1.3 allows remote attackers to cause a denial of service (application crash) via a long https...
E
CVE-2005-1386 PHP-Nuke 7.6 and earlier allows remote attackers to obtain sensitive information via a direct reques...
CVE-2005-1387 Cocktail 3.5.4 and possibly earlier in Mac OS X passes the administrative password on the command li...
CVE-2005-1388 Cross-site scripting (XSS) vulnerability in SURVIVOR before 0.9.6 allows remote attackers to inject ...
S
CVE-2005-1389 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-0175. Reason: This candida...
R
CVE-2005-1390 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-0174. Reason: This candida...
R
CVE-2005-1391 Buffer overflow in the add_port function in APSIS Pound 1.8.2 and earlier allows remote attackers to...
E S
CVE-2005-1392 The SQL install script in phpMyAdmin 2.6.2 is created with world-readable permissions, which allows ...
CVE-2005-1393 Multiple buffer overflows in ArcGIS for ESRI ArcInfo Workstation 9.0 allow local users to execute ar...
E S
CVE-2005-1394 Format string vulnerability in ArcGIS for ESRI ArcInfo Workstation 9.0 allows local users to gain pr...
S
CVE-2005-1395 Buffer overflow in Ce/Ceterm (aka ARPUS/Ce) 2.5.4 and earlier may allow local users to gain privileg...
E S
CVE-2005-1396 Race condition in Ce/Ceterm (aka ARPUS/Ce) 2.5.4 and earlier allows local users to write to arbitrar...
E
CVE-2005-1397 SQL injection vulnerability in search.php for PHP-Calendar before 0.10.3 allows remote attackers to ...
S
CVE-2005-1398 phpcart.php in PHPCart 3.2 allows remote attackers to change product price information by modifying ...
E
CVE-2005-1399 FreeBSD 4.6 to 4.11 and 5.x to 5.4 uses insecure default permissions for the /dev/iir device, which ...
S
CVE-2005-1400 The i386_get_ldt system call in FreeBSD 4.7 to 4.11 and 5.x to 5.4 allows local users to access sens...
S
CVE-2005-1401 Format string vulnerability in the client for Mtp-Target 1.2.2 and earlier allows remote attackers t...
E
CVE-2005-1402 Integer signedness error in certain older versions of the NeL library, as used in Mtp-Target 1.2.2 a...
CVE-2005-1403 Multiple cross-site scripting (XSS) vulnerabilities in JustWilliam's Amazon Webstore 04050100 allow ...
E
CVE-2005-1404 MyPHP Forum 1.0 allows remote attackers to spoof the username by modifying the (1) nbuser parameter ...
E S
CVE-2005-1405 HTTP response splitting vulnerability in the @SetHTTPHeader function in Lotus Domino 6.5.x before 6....
S
CVE-2005-1406 The kernel in FreeBSD 4.x to 4.11 and 5.x to 5.4 does not properly clear certain fixed-length buffer...
S
CVE-2005-1407 Skype for Windows 1.2.0.0 to 1.2.0.46 allows local users to bypass the identity check for an authori...
S
CVE-2005-1408 Apple Keynote 2.0 and 2.0.1 allows remote attackers to read arbitrary files via the keynote: URI han...
E S
CVE-2005-1409 PostgreSQL 7.3.x through 8.0.x gives public EXECUTE access to certain character conversion functions...
S
CVE-2005-1410 The tsearch2 module in PostgreSQL 7.4 through 8.0.x declares the (1) dex_init, (2) snb_en_init, (3) ...
S
CVE-2005-1411 Cybration ICUII 7.0 stores passwords in plaintext in the world-readable icuii.ini file, which allows...
E
CVE-2005-1412 SQL injection vulnerability in verify.asp for Ecomm Professional Guestbook 3.x allows remote attacke...
CVE-2005-1413 Multiple SQL injection vulnerabilities in enVivo!CMS allow remote attackers to execute arbitrary SQL...
E
CVE-2005-1414 ExoticSoft FilePocket 1.2 stores sensitive proxy information, including proxy passwords, in plaintex...
E
CVE-2005-1415 Buffer overflow in GlobalSCAPE Secure FTP Server 3.0.2 allows remote authenticated users to execute ...
E S
CVE-2005-1416 Directory traversal vulnerability in 04WebServer 1.81 allows remote attackers to read files outside ...
CVE-2005-1417 Multiple SQL injection vulnerabilities in MaxWebPortal 2.x, 1.35, and other versions allow remote at...
E S
CVE-2005-1418 NetLeaf Limited NotJustBrowsing 1.0.3 stores the View Lock Password in plaintext in the notjustbrows...
E
CVE-2005-1419 SQL injection vulnerability in the admin login panel for Ocean12 Mailing List Manager 1.06 allows re...
E
CVE-2005-1420 Raysoft/Raybase Video Cam Server 1.0.0 beta allows remote attackers to determine the full pathname o...
E
CVE-2005-1421 Directory traversal vulnerability in Raysoft/Raybase Video Cam Server 1.0.0 beta allows remote attac...
E
CVE-2005-1422 Raysoft/Raybase Video Cam Server 1.0.0 beta allows remote attackers to conduct administrator operati...
E
CVE-2005-1423 Directory traversal vulnerability in the mail program in 602LAN SUITE 2004.0.05.0413 allows remote a...
E
CVE-2005-1424 StumbleInside GoText 1.01 stores sensitive username, mail address,and phone number information in pl...
E
CVE-2005-1425 Uapplication Uguestbook 1.0 stores sensitive information under the web root with insufficient access...
E
CVE-2005-1426 Uapplication Ublog Reload stores sensitive information under the web root with insufficient access c...
E
CVE-2005-1427 Uapplication Uphotogallery stores the database under the web document root, which allows remote atta...
E
CVE-2005-1428 edit_image.asp in Uapplication Uphotogallery allows remote attackers to upload arbitrary files....
E
CVE-2005-1429 SQL injection vulnerability in login.asp in WWWguestbook 1.1 allows remote attackers to execute arbi...
CVE-2005-1430 Mac OS X 10.3.x and earlier uses insecure permissions for a pseudo terminal tty (pty) that is manage...
E
CVE-2005-1431 The "record packet parsing" in GnuTLS 1.2 before 1.2.3 and 1.0 before 1.0.25 allows remote attackers...
CVE-2005-1433 Multiple unknown vulnjerabilities HP OpenView Event Correlation Services (OV ECS) 3.32 and 3.33 allo...
S
CVE-2005-1434 Multiple unknown vulnerabilities in OpenView Network Node Manager (OV NNM) 6.2, 6.4, 7.01, and 7.50 ...
S
CVE-2005-1435 Open WebMail (OWM) before 2.51 20050430 allows remote authenticated users to execute arbitrary comma...
S
CVE-2005-1436 Multiple cross-site scripting (XSS) vulnerabilities in osTicket allow remote attackers to inject arb...
E
CVE-2005-1437 Multiple SQL injection vulnerabilities in osTicket allow remote attackers to execute arbitrary SQL c...
E
CVE-2005-1438 PHP remote file inclusion vulnerability in main.php in osTicket allows remote attackers to execute a...
CVE-2005-1439 Directory traversal vulnerability in attachments.php in osTicket allows remote attackers to read arb...
CVE-2005-1440 Multiple cross-site scripting (XSS) vulnerabilities in ViArt Shop Enterprise 2.1.6 allow remote atta...
E
CVE-2005-1441 Format string vulnerability in Lotus Domino 6.0.x before 6.0.5 and 6.5.x before 6.5.4 allows remote ...
S
CVE-2005-1442 Buffer overflow in the Lotus Notes client for Domino 6.5 before 6.5.4 and 6.0 before 6.0.5 allows lo...
S
CVE-2005-1443 Multiple cross-site scripting (XSS) vulnerabilities in index.php for Invision Power Board (IPB) 2.0....
E
CVE-2005-1444 Multiple cross-site scripting (XSS) vulnerabilities in SitePanel 2.6.1 and earlier (SitePanel2) allo...
E S
CVE-2005-1445 Multiple directory traversal vulnerabilities in SitePanel 2.6.1 and earlier (SitePanel2) allows remo...
E S
CVE-2005-1446 SitePanel 2.6.1 and earlier (SitePanel2) allows remote attackers to upload and execute arbitrary fil...
E S
CVE-2005-1447 PHP remote file inclusion vulnerability in main.php in SitePanel 2.6.1 and earlier (SitePanel2) allo...
E S
CVE-2005-1448 Cross-site scripting (XSS) vulnerability in the BBCode plugin for Serendipity before 0.8 allows remo...
S
CVE-2005-1449 Unknown vulnerability in serendipity_config_local.inc.php for Serendipity before 0.8 has unknown imp...
S
CVE-2005-1450 Unknown vulnerability in "the function used to validate path-names for uploading media" in Serendipi...
S
CVE-2005-1451 The media manager in Serendipity before 0.8 allows remote attackers to upload and execute arbitrary ...
S
CVE-2005-1452 Serendipity before 0.8 allows Chief users to "hide plugins installed by other users."...
S
CVE-2005-1453 fetchnews in leafnode 1.9.48 to 1.11.1 allows remote NNTP servers to cause a denial of service (cras...
S
CVE-2005-1454 SQL injection vulnerability in the radius_xlat function in the SQL module for FreeRADIUS 1.0.2 and e...
S
CVE-2005-1455 Buffer overflow in the sql_escape_func function in the SQL module for FreeRADIUS 1.0.2 and earlier a...
S
CVE-2005-1456 Multiple unknown vulnerabilities in the (1) DHCP and (2) Telnet dissectors in Ethereal before 0.10.1...
CVE-2005-1457 Multiple unknown vulnerabilities in the (1) AIM, (2) LDAP, (3) FibreChannel, (4) GSM_MAP, (5) SRVLOC...
S
CVE-2005-1458 Multiple unknown "other problems" in the KINK dissector in Ethereal before 0.10.11 have unknown impa...
S
CVE-2005-1459 Multiple unknown vulnerabilities in the (1) WSP, (2) BER, (3) SMB, (4) NDPS, (5) IAX2, (6) RADIUS, (...
S
CVE-2005-1460 Multiple unknown dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of s...
S
CVE-2005-1461 Multiple buffer overflows in the (1) SIP, (2) CMIP, (3) CMP, (4) CMS, (5) CRMF, (6) ESS, (7) OCSP, (...
CVE-2005-1462 Double free vulnerability in the ICEP dissector in Ethereal before 0.10.11 may allow remote attacker...
S
CVE-2005-1463 Multiple format string vulnerabilities in the (1) DHCP and (2) ANSI A dissectors in Ethereal before ...
S
CVE-2005-1464 Multiple unknown vulnerabilities in the (1) KINK, (2) L2TP, (3) MGCP, (4) EIGRP, (5) DLSw, (6) MEGAC...
CVE-2005-1465 Unknown vulnerability in the NCP dissector in Ethereal before 0.10.11 allow remote attackers to caus...
S
CVE-2005-1466 Unknown vulnerability in the DICOM dissector in Ethereal before 0.10.11 allows remote attackers to c...
S
CVE-2005-1467 Unknown vulnerability in the NDPS dissector in Ethereal before 0.10.11 allows remote attackers to ca...
CVE-2005-1468 Multiple unknown vulnerabilities in the (1) WSP, (2) Q.931, (3) H.245, (4) KINK, (5) MGCP, (6) RPC, ...
E S
CVE-2005-1469 Unknown vulnerability in the GSM dissector in Ethereal before 0.10.11 allows remote attackers to cau...
S
CVE-2005-1470 Multiple unknown vulnerabilities in the (1) TZSP, (2) MGCP, (3) ISUP, (4) SMB, or (5) Bittorrent dis...
S
CVE-2005-1471 Heap-based buffer overflow in RSA SecurID Web Agent 5, 5.2, and 5.3 allows remote attackers to execu...
CVE-2005-1472 Certain system calls in Apple Mac OS X 10.4.1 do not properly enforce the permissions of certain dir...
S
CVE-2005-1473 SecurityAgent in Apple Mac OS X 10.4.1 allows attackers with physical access to bypass the locked sc...
S
CVE-2005-1474 Dashboard in Apple Mac OS X 10.4.1 allows remote attackers to install widgets via Safari without pro...
S
CVE-2005-1475 The XMLHttpRequest object in Opera 8.0 Final Build 1095 allows remote attackers to bypass access res...
S
CVE-2005-1476 Firefox 1.0.3 allows remote attackers to execute arbitrary Javascript in other domains by using an I...
E S
CVE-2005-1477 The install function in Firefox 1.0.3 allows remote web sites on the browser's whitelist, such as up...
E S
CVE-2005-1478 Format string vulnerability in dSMTP (dsmtp.exe) in DMail 3.1a allows remote attackers to execute ar...
E
CVE-2005-1479 SQL injection vulnerability in jgs_portal.php in JGS-Portal 3.0.1 and earlier allows remote attacker...
E S
CVE-2005-1480 Directory traversal vulnerability in RaidenFTPD before 2.4.2241 allows remote attackers to read arbi...
S
CVE-2005-1481 Multiple SQL injection vulnerabilities in Aaron Outpost ASP Inline Corporate Calendar allow remote a...
CVE-2005-1482 ArticleLive 2005 allows remote attackers to gain privileges by modifying the (1) auth and (2) userId...
E
CVE-2005-1483 Multiple cross-site scripting (XSS) vulnerabilities in ArticleLive 2005 allow remote attackers to in...
E
CVE-2005-1484 Directory traversal vulnerability in Golden FTP server pro 2.52 allows remote attackers to read arbi...
CVE-2005-1485 Golden FTP Server Pro 2.52 allows remote attackers to obtain sensitive information via a GET request...
CVE-2005-1486 Multiple cross-site scripting vulnerabilities in FishCart 3.1 allow remote attackers to inject arbit...
E
CVE-2005-1487 Multiple SQL injection vulnerabilities in FishCart 3.1 allow remote attackers to execute arbitrary S...
E
CVE-2005-1488 Multiple cross-site scripting (XSS) vulnerabilities in Merak Mail Server 8.0.3 with Icewarp Web Mail...
CVE-2005-1489 Unknown vulnerability in Merak Mail Server 8.0.3 with Icewarp Web Mail 5.4.2 allows remote authentic...
S
CVE-2005-1490 Merak Mail Server 8.0.3 with Icewarp Web Mail 5.4.2, when the mailbox.dat file does not exist, allow...
CVE-2005-1491 Merak Mail Server 8.0.3 with Icewarp Web Mail 5.4.2 allows remote authenticated users to (1) move th...
CVE-2005-1492 Cross-site scripting (XSS) vulnerability in user.cgi in Gossamer Threads Links SQL 2.x and 3.0 allow...
E S
CVE-2005-1493 Directory traversal vulnerability in SimpleCam 1.2 allows remote attackers to read arbitrary files v...
E S
CVE-2005-1494 Multiple cross-site scripting (XSS) vulnerabilities in admin.cgi in MegaBook 2.0 and 2.1 allow remot...
E
CVE-2005-1495 Oracle Database 9i and 10g disables Fine Grained Audit (FGA) after the SYS user executes a SELECT st...
E
CVE-2005-1496 The DBMS_Scheduler in Oracle 10g allows remote attackers with CREATE JOB privileges to gain addition...
E S
CVE-2005-1497 index.php in myBloggie 2.1.1 allows remote attackers to obtain sensitive information via an invalid ...
CVE-2005-1498 Multiple cross-site scripting (XSS) vulnerabilities in myBloggie 2.1.1 allow remote attackers to inj...
E
CVE-2005-1499 delcomment.php in myBloggie 2.1.1 allows remote attackers to delete arbitrary comments by modifying ...
E
CVE-2005-1500 Multiple SQL injection vulnerabilities in myBloggie 2.1.1 allow remote attackers to execute arbitrar...
E
CVE-2005-1501 MidiCart PHP Shopping Cart allows remote attackers to obtain sensitive information via a direct requ...
CVE-2005-1502 Cross-site scripting (XSS) vulnerability in MidiCart PHP Shopping Cart allows remote attackers to in...
E
CVE-2005-1503 Multiple SQL injection vulnerabilities in MidiCart PHP Shopping Cart allow remote attackers to execu...
E
CVE-2005-1504 GameSpy SDK CD-Key Validation Toolkit, as used by many online games, allows remote attackers to bypa...
E
CVE-2005-1505 The new account wizard in Mail.app 2.0 in Mac OS 10.4, when configuring an IMAP mail account and che...
CVE-2005-1506 SQL injection vulnerability in out.php in CJ Ultra (CJUltra) Plus 1.0.3 and 1.0.4 allows remote atta...
CVE-2005-1507 Buffer overflow in the Tomcat plugin in 4d WebSTAR 5.33 and 5.4 allows remote attackers to cause a d...
E
CVE-2005-1508 Multiple cross-site scripting (XSS) vulnerabilities in PwsPHP 1.2.2 allow remote attackers to inject...
CVE-2005-1509 SQL injection vulnerability in profil.php in PwsPHP 1.2.2 allows remote attackers to execute arbitra...
CVE-2005-1510 PwsPHP 1.2.2 allows remote attackers to obtain sensitive information via a direct request to the adm...
CVE-2005-1511 PwsPHP 1.2.2 allows remote attackers to bypass authentication and post arbitrary comments via the Ps...
CVE-2005-1512 The Admin panel in PwsPHP 1.2.2 does not properly verify uploaded picture files, which allows remote...
CVE-2005-1513 Integer overflow in the stralloc_readyplus function in qmail, when running on 64 bit platforms with ...
E
CVE-2005-1514 commands.c in qmail, when running on 64 bit platforms with a large amount of virtual memory, allows ...
E
CVE-2005-1515 Integer signedness error in the qmail_put and substdio_put functions in qmail, when running on 64 bi...
E
CVE-2005-1516 DList (dlist.exe) in DMail 3.1a allows remote attackers to bypass authentication, read log files, an...
CVE-2005-1517 Unknown vulnerability in Cisco Firewall Services Module (FWSM) 2.3.1 and earlier, when using URL, FT...
CVE-2005-1518 Unknown vulnerability in Solaris 7 through 9, when using Federated Naming Services (FNS), autofs, an...
S
CVE-2005-1519 Squid 2.5 STABLE9 and earlier, when the DNS client port is unfiltered and the environment does not p...
S
CVE-2005-1520 Buffer overflow in the header_get_field_name function in header.c for GNU Mailutils 0.5 and 0.6, and...
S
CVE-2005-1521 Integer overflow in the fetch_io function of the imap4d server in GNU Mailutils 0.5 and 0.6, and oth...
S
CVE-2005-1522 The imap4d server for GNU Mailutils 0.5 and 0.6, and other versions before 0.6.90, allows authentica...
S
CVE-2005-1523 Format string vulnerability in imap4d server in GNU Mailutils 0.5 and 0.6, and other versions before...
S
CVE-2005-1524 PHP file inclusion vulnerability in top_graph_header.php in Cacti 0.8.6d and possibly earlier versio...
S
CVE-2005-1525 SQL injection vulnerability in config_settings.php for Cacti before 0.8.6e allows remote attackers t...
S
CVE-2005-1526 PHP remote file inclusion vulnerability in config_settings.php in Cacti before 0.8.6e allows remote ...
S
CVE-2005-1527 Eval injection vulnerability in awstats.pl in AWStats 6.4 and earlier, when a URLPlugin is enabled, ...
S
CVE-2005-1528 Untrusted search path vulnerability in the crttrap command in QNX Neutrino RTOS 6.2.1 allows local u...
CVE-2005-1530 Sophos Anti-Virus 5.0.1, with "Scan inside archive files" enabled, allows remote attackers to cause ...
E S
CVE-2005-1531 Firefox before 1.0.4 and Mozilla Suite before 1.7.8 does not properly implement certain security che...
S
CVE-2005-1532 Firefox before 1.0.4 and Mozilla Suite before 1.7.8 do not properly limit privileges of Javascript e...
CVE-2005-1543 Multiple stack-based and heap-based buffer overflows in Remote Management authentication (zenrem32.e...
CVE-2005-1544 Stack-based buffer overflow in libTIFF before 3.7.2 allows remote attackers to execute arbitrary cod...
S
CVE-2005-1545 Integer overflow in the ELF parser in HT Editor before 0.8.0 allows remote attackers to execute arbi...
CVE-2005-1546 Buffer overflow in the PE parser in HT Editor before 0.8.0 allows remote attackers to execute arbitr...
CVE-2005-1547 Heap-based buffer overflow in the demo version of Bakbone Netvault, and possibly other versions, all...
CVE-2005-1548 SQL injection vulnerability in index.php in Advanced Guestbook 2.3.1 allows remote attackers to exec...
E
CVE-2005-1549 Directory traversal vulnerability in easymsgb.pl in Easy Message Board allows remote attackers to re...
E
CVE-2005-1550 easymsgb.pl in Easy Message Board allows remote attackers to execute arbitrary commands via shell me...
E
CVE-2005-1551 Sophos Anti-Virus 3.93 does not check downloaded files for viruses when they have only been written,...
CVE-2005-1552 GeoVision Digital Video Surveillance System 6.04, 6.1 and 7.0, when set to create JPEG images, does ...
E
CVE-2005-1553 GeoVision Digital Video Surveillance System 6.04, 6.1 and 7.0 uses a weak encryption scheme to encry...
E S
CVE-2005-1554 SQL injection vulnerability in view_user.php in WowBB 1.6, 1.61, and 1.62 allows remote attackers to...
E
CVE-2005-1555 Cross-site scripting (XSS) vulnerability in the JRun Web Server in ColdFusion MX 7.0 allows remote a...
S
CVE-2005-1556 Gamespy cd-key validation system allows remote attackers to cause a denial of service (cd-key alread...
E
CVE-2005-1557 Multiple cross-site scripting (XSS) vulnerabilities in WebApp Guestbook PRO 3.2.1 and earlier allow ...
E
CVE-2005-1558 The web module in Neteyes Nexusway allows remote attackers to bypass authentication and gain adminis...
E S
CVE-2005-1559 The web module in Neteyes Nexusway allows remote attackers to execute arbitrary commands via hex-enc...
E S
CVE-2005-1560 The SSH module in Neteyes Nexusway allows remote attackers to execute arbitrary commands via shell m...
E S
CVE-2005-1561 Multiple cross-site scripting (XSS) vulnerabilities in post.asp in MaxWebPortal 1.3.5 and earlier al...
E S
CVE-2005-1562 Multiple SQL injection vulnerabilities in MaxWebPortal 1.3.5 and earlier allow remote attackers to e...
E S
CVE-2005-1563 Bugzilla 2.10 through 2.18, 2.19.1, and 2.19.2 displays a different error message depending on wheth...
S
CVE-2005-1564 post_bug.cgi in Bugzilla 2.10 through 2.18, 2.19.1, and 2.19.2 allows remote authenticated users to ...
E S
CVE-2005-1565 Bugzilla 2.17.1 through 2.18, 2.19.1, and 2.19.2, when a user is prompted to log in while attempting...
E S
CVE-2005-1566 Acrowave AAP-3100AR wireless router allows remote attackers to bypass authentication by pressing CTR...
CVE-2005-1567 SQL injection vulnerability in topic.php in DirectTopics 2.1 and 2.2 allows remote attackers to exec...
CVE-2005-1568 topic.php in DirectTopics 2.1 and 2.2 allows remote attackers to obtain sensitive information via an...
CVE-2005-1569 Cross-site scripting (XSS) vulnerability in DirectTopics 2.1 and 2.2 allows remote attackers to inje...
CVE-2005-1570 forum.asp in bttlxeForum 2.0 allows remote attackers to obtain full path information via a certain h...
E
CVE-2005-1571 Multiple directory traversal vulnerabilities in ShowOff! 1.5.4 allow remote attackers to read arbitr...
E
CVE-2005-1572 ShowOff! 1.5.4 allows remote attackers to cause a denial of service (server crash) via a malformed r...
E
CVE-2005-1573 SQL injection vulnerability in admin_login.asp for ASP Virtual News Manager allows remote attackers ...
E
CVE-2005-1574 Windows Media Player 9 and 10, in certain cases, allows content protected by Windows Media Digital R...
CVE-2005-1575 The file download dialog in Mozilla Firefox 0.10.1 and 1.0 for Windows allows remote attackers to hi...
CVE-2005-1576 The file download dialog in Mozilla Firefox 0.10.1 and 1.0 for Windows uses the Content-Type HTTP he...
E S
CVE-2005-1577 APG Technology ClassMaster does not properly restrict access to sensitive folders, which allows remo...
E
CVE-2005-1578 EnCase Forensic Edition 4.18a does not support Device Configuration Overlays (DCO), which allows att...
CVE-2005-1579 Apple QuickTime Player 7.0 on Mac OS X 10.4 allows remote attackers to obtain sensitive information ...
S
CVE-2005-1580 users.ini.php in BoastMachine 3.0 does not properly restrict the types of files that can be uploaded...
CVE-2005-1581 Cross-site scripting (XSS) vulnerability in Bug Report 1.0 allows remote attackers to inject arbitra...
CVE-2005-1582 Cross-site scripting (XSS) vulnerability in index.php for 1Two News 1.0 allows remote attackers to i...
E S
CVE-2005-1583 1Two News 1.0 allows remote attackers to (1) delete images for new stories via a direct request to a...
E S
CVE-2005-1584 Cross-site scripting (XSS) vulnerability in index.php for Quick.Forum 2.1.6 allows remote attackers ...
CVE-2005-1585 Multiple SQL injection vulnerabilities in Quick.Forum 2.1.6 allow remote attackers to execute arbitr...
E
CVE-2005-1586 Quick.Forum 2.1.6 stores potentially sensitive information such as usernames, banned IP addresses, c...
CVE-2005-1587 Cross-site scripting (XSS) vulnerability in index.php for Quick.cart 0.3.0 allows remote attackers t...
E
CVE-2005-1588 SQL injection vulnerability in index.php for Quick.cart 0.3.0 allows remote attackers to execute arb...
E
CVE-2005-1589 The pkt_ioctl function in the pktcdvd block device ioctl handler (pktcdvd.c) in Linux kernel 2.6.12-...
E S
CVE-2005-1590 The Altiris Client Service for Windows (ACLIENT.EXE) 6.0.88 allows local users to disable password p...
E
CVE-2005-1591 Unknown vulnerability in NIS+ on Solaris 7, 8, and 9 allows remote attackers to cause a denial of se...
S
CVE-2005-1592 Multiple "javascript vulerabilities in BB code" in BirdBlog before 1.3.1 allow remote attackers to i...
E
CVE-2005-1593 Cross-site scripting (XSS) vulnerability in catalog.php for CodeThat ShoppingCart 1.3.1 allows remot...
E
CVE-2005-1594 SQL injection vulnerability in catalog.php for CodeThat ShoppingCart 1.3.1 allows remote attackers t...
E S
CVE-2005-1595 CodeThat ShoppingCart 1.3.1 stores config.ini under the web root, which allows remote attackers to o...
E S
CVE-2005-1596 index.php in Fusion SBX 1.2 and earlier does not properly use the extract function, which allows rem...
E S
CVE-2005-1597 Cross-site scripting (XSS) vulnerability in (1) search.php and (2) topics.php for Invision Power Boa...
S
CVE-2005-1598 SQL injection vulnerability in Invision Power Board (IPB) 2.0.3 and earlier allows remote attackers ...
E S
CVE-2005-1599 Cross-site scripting (XSS) vulnerability in Kryloff Technologies Subject Search Server (SSServer) 1....
CVE-2005-1600 A "mathematical flaw" in the implementation of the El Gamal signature algorithm for LibTomCrypt 1.0 ...
CVE-2005-1601 MRO Maximo Self Service 4 and 5 stores certain information under the web document root using file ex...
CVE-2005-1602 SQL injection vulnerability in login.asp for Net56 Browser Based File Manager 1.0 allows remote atta...
E
CVE-2005-1603 NiteEnterprises Remote File Manager 1.0 allows remote attackers to cause a denial of service (crash)...
E
CVE-2005-1604 PHP Advanced Transfer Manager (phpATM) 1.21 allows remote attackers to upload arbitrary files via fi...
E
CVE-2005-1605 Cross-site scripting (XSS) vulnerability in the guestbook for SiteStudio 1.6 allows remote attackers...
S
CVE-2005-1606 H-Sphere Winbox 2.4.2 and 2.4.3 RC1 stores sensitive information such as username and password in pl...
E S
CVE-2005-1607 Cross-site scripting (XSS) vulnerability in shop.cgi in Remote Cart allows remote attackers to injec...
E
CVE-2005-1608 Multiple unknown vulnerabilities in the Blocks module in Spidean AutoTheme 1.7 and AT-Lite for PostN...
S
CVE-2005-1609 Unknown vulnerability in Sun StorEdge 6130 Arrays (SE6130) with serial numbers between 0451AWF00G an...
E
CVE-2005-1610 Cross-site scripting (XSS) vulnerability in security.php for Tru-Zone NukeET 3.0 and 3.1 allows remo...
E S
CVE-2005-1611 Cross-site scripting (XSS) vulnerability in WebX in Web Crossing 5.x allows remote attackers to inje...
E
CVE-2005-1612 SQL injection vulnerability in read.php in Open Bulletin Board (OpenBB) 1.0.8 allows remote attacker...
E
CVE-2005-1613 Cross-site scripting (XSS) vulnerability in member.php in Open Bulletin Board (OpenBB) 1.0.8 allows ...
E
CVE-2005-1614 Cross-site scripting (XSS) vulnerability in viewforum.php in Ultimate PHP Board (UPB) 1.8 through 1....
E
CVE-2005-1615 viewforum.php in Ultimate PHP Board (UPB) 1.8 through 1.9.6 may allow remote attackers to read sensi...
CVE-2005-1616 viewforum.php in Ultimate PHP Board (UPB) 1.8 through 1.9.6 allows remote attackers to obtain sensit...
CVE-2005-1617 Willings WebCam and WebCam Lite 2.8 and earlier stores the password in memory in plaintext, which al...
CVE-2005-1618 The YMSGR URL handler in Yahoo! Messenger 5.x through 6.0 allows remote attackers to cause a denial ...
CVE-2005-1619 Multiple cross-site scripting (XSS) vulnerabilities in (1) start_page.css.php3 (aka start-page.css.p...
CVE-2005-1620 Cross-site scripting (XSS) vulnerability in Skull-Splitter Guestbook 1.0, 2.0 and 2.2 allows remote ...
CVE-2005-1621 Directory traversal vulnerability in the pnModFunc function in pnMod.php for PostNuke 0.750 through ...
S
CVE-2005-1622 Cross-site scripting (XSS) vulnerability in productsByCategory.asp in MetaCart e-Shop allows remote ...
S
CVE-2005-1625 Stack-based buffer overflow in the UnixAppOpenFilePerform function in Adobe Reader 5.0.9 and 5.0.10 ...
S
CVE-2005-1626 Multiple buffer overflows in handlers.c for Pico Server (pServ) before 3.3 may allow attackers to ex...
S
CVE-2005-1627 Unknown vulnerability in Viewglob before 2.0.1, related to "a potential security issue with the View...
S
CVE-2005-1628 apage.cgi in WebAPP 0.9.9.2.1, and possibly earlier versions, allows remote attackers to execute arb...
E
CVE-2005-1629 SQL injection vulnerability in member.php for Photopost PHP Pro allows remote attackers to execute a...
E S
CVE-2005-1630 Unknown vulnerability in Attachment Mod before 2.3.13, related to a "serious issue with realnames," ...
S
CVE-2005-1631 booby.php in Booby 1.0.0 and earlier allows remote attackers to view private bookmarks by guessing i...
S
CVE-2005-1632 Cheetah 0.9.15 and 0.9.16 searches the /tmp directory for modules before using the paths in the PYTH...
S
CVE-2005-1633 Multiple SQL injection vulnerabilities in JGS-XA JGS-Portal 3.0.2 and earlier allow remote attackers...
CVE-2005-1634 Multiple cross-site scripting (XSS) vulnerabilities in JGS-XA JGS-Portal 3.0.2 and earlier allow rem...
CVE-2005-1635 JGS-XA JGS-Portal 3.0.2 and earlier allows remote attackers to obtain the full server path via direc...
CVE-2005-1636 mysql_install_db in MySQL 4.1.x before 4.1.12 and 5.x up to 5.0.4 creates the mysql_install_db.X fil...
CVE-2005-1637 Multiple SQL injection vulnerabilities in NPDS 4.8 and 5.0 allow remote attackers to execute arbitra...
E S
CVE-2005-1638 The _writeAttrs function in SafeHTML before 1.3.2 does not properly handle quotes in attribute value...
S
CVE-2005-1639 SQL injection vulnerability in Sigmaweb.DLL in Sigma ISP Manager 6.6 allows remote attackers to exec...
E
CVE-2005-1640 mod_channel.bas in The Ignition Project ignitionServer 0.3.0 to 0.3.6, and possibly earlier versions...
E S
CVE-2005-1641 mod_channel in The Ignition Project ignitionServer 0.3.0 to 0.3.6, and possibly earlier versions, do...
E S
CVE-2005-1642 SQL injection vulnerability in the verify_email function in Woltlab Burning Board 2.x and earlier al...
E
CVE-2005-1643 The ZCom_BitStream::Deserialize function in Zoidcom 1.0 beta 4 and earlier allows remote attackers t...
E S
CVE-2005-1644 Cross-site scripting (XSS) vulnerability in guestbook.php for 1Two Livre d'Or 1.0 allows remote atta...
S
CVE-2005-1645 Keyvan1 ImageGallery stores the image.mdb database under the web document root with insufficient acc...
E
CVE-2005-1646 The default installation of Fastream NETFile FTP/Web Server 7.4.6, which supports FXP, does not requ...
E S
CVE-2005-1647 Gurgens (GASoft) Guest Book 2.1 stores the db/Genid.dat database file under the web document root wi...
E
CVE-2005-1648 Gurgens (GASoft) Ultimate Forum 1.0 stores the db/Genid.dat database file under the web document roo...
E S
CVE-2005-1649 The IPv6 support in Windows XP SP2, 2003 Server SP1, and Longhorn, with Windows Firewall turned off,...
E
CVE-2005-1650 The web mail service in Woppoware PostMaster 4.2.2 (build 3.2.5) generates different error messages ...
CVE-2005-1651 Directory traversal vulnerability in message.htm for Woppoware PostMaster 4.2.2 (build 3.2.5) allows...
CVE-2005-1652 message.htm for Woppoware PostMaster 4.2.2 (build 3.2.5) allows remote attackers to bypass authentic...
CVE-2005-1653 Cross-site scripting (XSS) vulnerability in message.htm for Woppoware PostMaster 4.2.2 (build 3.2.5)...
CVE-2005-1654 Hosting Controller 6.1 Hotfix 1.9 and earlier allows remote attackers to register arbitrary users vi...
E S
CVE-2005-1655 AOL Instant Messenger 5.5.x and earlier allows remote attackers to cause a denial of service (client...
E
CVE-2005-1656 Mercur Messaging 2005 SP2 allows remote attackers to read the source code of .ctml files via a URL w...
E
CVE-2005-1657 Multiple directory traversal vulnerabilities in Mercur Messaging 2005 SP2 allow remote attackers to ...
CVE-2005-1658 Directory traversal vulnerability in filemanager.cpp in MyServer 0.8 allows remote attackers to list...
E
CVE-2005-1659 Cross-site scripting (XSS) vulnerability in filemanager.cpp in MyServer 0.8 allows remote attackers ...
E S
CVE-2005-1660 HTMLJunction EZGuestbook stores the guestbook.mdb file under the web document root with insufficient...
E
CVE-2005-1661 Jeuce Personal Webserver 2.13 allows remote attackers to cause a denial of service (server crash) vi...
E
CVE-2005-1662 Directory traversal vulnerability in Jeuce Personal Web Server 2.13 allows remote attackers to read ...
E
CVE-2005-1663 Jeuce Personal Web Server 2.13 allows remote attackers to cause a denial of service (server crash) v...
E
CVE-2005-1664 The __VIEWSTATE functionality in Microsoft ASP.NET 1.x allows remote attackers to conduct replay att...
CVE-2005-1665 The __VIEWSTATE functionality in Microsoft ASP.NET 1.x, when not cryptographically signed, allows re...
CVE-2005-1666 Multiple buffer overflows in Orenosv HTTP/FTP Server 0.8.1 allow remote authenticated users to cause...
E S
CVE-2005-1667 DataTrac Activity Console 1.1 allows remote attackers to cause a denial of service via a long HTTP G...
E
CVE-2005-1668 YusASP Web Asset Manager 1.0 allows remote attackers to gain privileges via a direct request to asse...
S
CVE-2005-1669 Cross-site scripting (XSS) vulnerability in Opera 8.0 Final Build 1095 allows remote attackers to in...
CVE-2005-1670 Unknown vulnerability in Extreme BlackDiamond 10808 and 8800 switches running ExtremeWare XOS 11.1 b...
S
CVE-2005-1671 The Logfile feature in Yahoo! Messenger 5.x through 6.0 can be activated by a YMSGR: URL and writes ...
CVE-2005-1672 Multiple cross-site scripting (XSS) vulnerabilities in Help Center Live allow remote attackers to in...
E S
CVE-2005-1673 Multiple SQL injection vulnerabilities in Help Center Live allow remote attackers to execute arbitra...
E S
CVE-2005-1674 Cross-Site Request Forgery (CSRF) vulnerability in Help Center Live allows remote attackers to perfo...
E S
CVE-2005-1675 Groove Virtual Office before 3.1 build 2338, before 3.1a build 2364, and Groove Workspace before 2.5...
S
CVE-2005-1676 Multiple cross-site scripting (XSS) vulnerabilities in Groove Mobile Workspace in Groove Virtual Off...
S
CVE-2005-1677 Unknown vulnerability in Groove Virtual Office before 3.1 build 2338, before 3.1a build 2364, and Gr...
S
CVE-2005-1678 Groove Virtual Office before 3.1 build 2338, before 3.1a build 2364, and Groove Workspace before 2.5...
S
CVE-2005-1679 Stack-based buffer overflow in the error directive in picasm 1.12b and earlier allows attackers to e...
S
CVE-2005-1680 D-Link DSL-502T, DSL-504T, DSL-562T, and DSL-G604T, when /cgi-bin/firmwarecfg is executed, allows re...
CVE-2005-1681 PHP remote file inclusion vulnerability in common.php in phpATM 1.21, and possibly earlier versions,...
CVE-2005-1682 JavaMail API, as used by Solstice Internet Mail Server POP3 2.0, does not properly validate the mess...
CVE-2005-1683 Buffer overflow in winword.exe 10.2627.6714 and earlier in Microsoft Word for the Macintosh, before ...
CVE-2005-1684 Cross-site scripting (XSS) vulnerability in default.asp for episodex guestbook allows remote attacke...
CVE-2005-1685 episodex guestbook allows remote attackers to bypass authentication and edit scripts via a direct re...
CVE-2005-1686 Format string vulnerability in gedit 2.10.2 may allow attackers to cause a denial of service (applic...
CVE-2005-1687 SQL injection vulnerability in wp-trackback.php in Wordpress 1.5 and earlier allows remote attackers...
CVE-2005-1688 Wordpress 1.5 and earlier allows remote attackers to obtain sensitive information via a direct reque...
CVE-2005-1689 Double free vulnerability in the krb5_recvauth function in MIT Kerberos 5 (krb5) 1.4.1 and earlier a...
S
CVE-2005-1690 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-1250. Reason: This candida...
R
CVE-2005-1691 Directory traversal vulnerability in Internet Graphics Server in SAP before 6.40 Patch 11 allows rem...
E
CVE-2005-1692 Format string vulnerability in gxine 0.4.1 through 0.4.4, and other versions down to 0.3, allows rem...
CVE-2005-1693 Integer overflow in Computer Associates Vet Antivirus library, as used by CA InoculateIT 6.0, eTrust...
S
CVE-2005-1694 Multiple SQL injection vulnerabilities in Xanthia.php in the Xanthia module in PostNuke 0.750 allow ...
S
CVE-2005-1695 Multiple cross-site scripting (XSS) vulnerabilities in the RSS module in PostNuke 0.750 and 0.760RC2...
S
CVE-2005-1696 Multiple cross-site scripting (XSS) vulnerabilities in PostNuke 0.750 and 0.760RC3 allow remote atta...
S
CVE-2005-1697 The RSS module in PostNuke 0.750 and 0.760RC2 and RC3 allows remote attackers to obtain sensitive in...
CVE-2005-1698 PostNuke 0.750 and 0.760RC3 allows remote attackers to obtain sensitive information via a direct req...
CVE-2005-1699 Directory traversal vulnerability in pnadminapi.php in the Xanthia module in PostNuke 0.760-RC3 allo...
CVE-2005-1700 SQL injection vulnerability in pnadmin.php in the Xanthia module in PostNuke 0.760-RC3 allows remote...
CVE-2005-1701 SQL injection vulnerability in PortailPHP 1.3 allows remote attackers to execute arbitrary SQL comma...
E
CVE-2005-1702 Format string vulnerability in Warrior Kings: Battles 1.23 and earlier and Warrior Kings 1.3 and ear...
CVE-2005-1703 Warrior Kings: Battles 1.23 and earlier allows remote attackers to cause a denial of service (server...
E
CVE-2005-1704 Integer overflow in the Binary File Descriptor (BFD) library for gdb before 6.3, binutils, elfutils,...
CVE-2005-1705 gdb before 6.3 searches the current working directory to load the .gdbinit configuration file, which...
S
CVE-2005-1706 Unknown vulnerability in MailScanner 4.41.3 and earlier, related to "incomplete reporting of viruses...
CVE-2005-1707 The fn_show_postinst function in Gentoo webapp-config before 1.10-r14 allows local users to overwrit...
E S
CVE-2005-1708 templates.admin.users.user_form_processing in Blue Coat Reporter before 7.1.2 allows authenticated u...
S
CVE-2005-1709 Unknown vulnerability in Blue Coat Reporter before 7.1.2 allows remote unauthenticated attackers to ...
S
CVE-2005-1710 Multiple cross-site scripting (XSS) vulnerabilities in Blue Coat Reporter before 7.1.2 allow remote ...
S
CVE-2005-1711 Gibraltar Firewall 2.2 and earlier, when using the ClamAV update to 0.81 for Squid, uses a defunct C...
S
CVE-2005-1712 Unknown vulnerability in Serendipity 0.8, when used with multiple authors, allows unprivileged autho...
S
CVE-2005-1713 Multiple cross-site scripting (XSS) vulnerabilities in Serendipity 0.8 allow remote attackers to inj...
S
CVE-2005-1714 Cross-site scripting (XSS) vulnerability in NetWin SurgeMail 3.0c2 allows remote attackers to inject...
S
CVE-2005-1715 Cross-site scripting (XSS) vulnerability in index.php for TOPo 2.2 (2.2.178) allows remote attackers...
E S
CVE-2005-1716 TOPo 2.2 (2.2.178) stores data files in the data directory under the web document root with insuffic...
E
CVE-2005-1717 ZyXEL Prestige 650R-31 router running ZyNOS FW v3.40(KO.1) allows remote attackers to cause a denial...
E
CVE-2005-1718 Buffer overflow in LS Games War Times 1.03 and earlier allows remote attackers to cause a denial of ...
E
CVE-2005-1719 Unknown vulnerability in ALWIL avast! antivirus 4 (4.6.6230) and earlier, when running on Windows NT...
S
CVE-2005-1720 AFP Server for Mac OS X 10.4.1, when using an ACL enabled volume, does not properly remove an ACL wh...
CVE-2005-1721 Buffer overflow in the legacy client support for AFP Server for Mac OS X 10.4.1 allows attackers to ...
CVE-2005-1722 Unknown vulnerability in the CoreGraphics Window Server for Mac OS X 10.4.x up to 10.4.1 allows loca...
CVE-2005-1723 LaunchServices in Apple Mac OS X 10.4.x up to 10.4.1 does not properly mark file extensions and MIME...
S
CVE-2005-1724 NFS on Apple Mac OS X 10.4.x up to 10.4.1 does not properly obey the -network or -mask flags for a f...
S
CVE-2005-1725 launchd 106 in Apple Mac OS X 10.4.x up to 10.4.1 allows local users to overwrite arbitrary files vi...
S
CVE-2005-1726 The CoreGraphics Window Server in Mac OS X 10.4.1 allows local users with console access to gain pri...
CVE-2005-1727 Apple Mac OS X 10.4.x up to 10.4.1 sets insecure world- and group-writable permissions for the (1) s...
S
CVE-2005-1728 MCX Client for Apple Mac OS X 10.4.x up to 10.4.1 insecurely logs Portable Home Directory credential...
S
CVE-2005-1729 Novell eDirectory 8.7.3 allows remote attackers to cause a denial of service (application crash) via...
CVE-2005-1730 Multiple vulnerabilities in the OpenSSL ASN.1 parser, as used in Novell iManager 2.0.2, allows remot...
E
CVE-2005-1731 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2005-1732 Cookie Cart allows remote attackers to read the Order Notification list via the testmycgi and path p...
E
CVE-2005-1733 Cookie Cart stores the password file under the web document root with insufficient access control, w...
E
CVE-2005-1734 Multiple SQL injection vulnerabilities in PROMS before 0.11 allow remote attackers to execute arbitr...
CVE-2005-1735 Multiple cross-site scripting (XSS) vulnerabilities in PROMS before 0.11 allow remote attackers to i...
CVE-2005-1736 PROMS 0.11 does not properly handle "certain combinations of rights," which gives more rights to use...
CVE-2005-1737 Multiple unknown vulnerabilities in PROMS 0.11 allow "non-authorized users" to (1) view or modify th...
CVE-2005-1738 Format string vulnerability in the logPrintBadfile function in delbadfiles.c Iron Bars SHell (ibsh) ...
S
CVE-2005-1739 The XWD Decoder in ImageMagick before 6.2.2.3, and GraphicsMagick before 1.1.6-r1, allows remote att...
E S
CVE-2005-1740 fixproc in Net-snmp 5.x before 5.2.1-r1 creates temporary files insecurely, which allows local users...
CVE-2005-1741 Gearbox Software Halo: Combat Evolved 1.6 allows remote attackers to cause a denial of service (infi...
E
CVE-2005-1742 BEA WebLogic Server and WebLogic Express 8.1 SP2 and SP3 allows users with the Monitor security role...
CVE-2005-1743 BEA WebLogic Server and WebLogic Express 8.1 through Service Pack 3 and 7.0 through Service Pack 5 d...
CVE-2005-1744 BEA WebLogic Server and WebLogic Express 7.0 through Service Pack 5 does not log out users when an a...
CVE-2005-1745 The UserLogin control in BEA WebLogic Portal 8.1 through Service Pack 3 prints the password to stand...
CVE-2005-1746 The cluster cookie parsing code in BEA WebLogic Server 7.0 through Service Pack 5 attempts to contac...
CVE-2005-1747 Multiple cross-site scripting (XSS) vulnerabilities in BEA WebLogic Server and Express 8.1 through S...
CVE-2005-1748 The embedded LDAP server in BEA WebLogic Server and Express 8.1 through Service Pack 4, and 7.0 thro...
CVE-2005-1749 Buffer overflow in BEA WebLogic Server and WebLogic Express 6.1 Service Pack 4 allows remote attacke...
CVE-2005-1750 SQL injection vulnerability in login.asp in ezdwc NewsletterEz 3.0 allows remote attackers to execut...
E
CVE-2005-1751 Race condition in shtool 2.0.1 and earlier allows local users to create or modify arbitrary files vi...
CVE-2005-1752 viewFile.php in the scm component of Gforge before 4.0 allows remote attackers to execute arbitrary ...
E S
CVE-2005-1753 ReadMessage.jsp in JavaMail API 1.1.3 through 1.3, as used by Apache Tomcat 5.0.16, allows remote at...
CVE-2005-1754 JavaMail API 1.1.3 through 1.3, as used by Apache Tomcat 5.0.16, allows remote attackers to read arb...
E
CVE-2005-1755 PHP remote file inclusion vulnerability in poll_vote.php in PHP Poll Creator 1.01 allows remote atta...
E S
CVE-2005-1756 Cross-site scripting (XSS) vulnerability in the ModWeb agent for Novell NetMail 3.52 before 3.52C al...
S
CVE-2005-1757 Buffer overflow in the Modweb agent for Novell NetMail 3.52 before 3.52C, when renaming folders, may...
S
CVE-2005-1758 Buffer overflow in the IMAP command continuation function in Novell NetMail 3.52 before 3.52C may al...
S
CVE-2005-1759 Race condition in shtool 2.0.1 and earlier allows local users to modify or create arbitrary files vi...
S
CVE-2005-1760 sysreport 1.3.15 and earlier includes contents of the up2date file in a report, which leaks the pass...
S
CVE-2005-1761 Linux kernel 2.6 and 2.4 on the IA64 architecture allows local users to cause a denial of service (k...
S
CVE-2005-1762 The ptrace call in the Linux kernel 2.6.8.1 and 2.6.10 for the AMD64 platform allows local users to ...
S
CVE-2005-1763 Buffer overflow in ptrace in the Linux Kernel for 64-bit architectures allows local users to write b...
S
CVE-2005-1764 Linux 2.6.11 on 64-bit x86 (x86_64) platforms does not use a guard page for the 47-bit address page ...
S
CVE-2005-1765 syscall in the Linux kernel 2.6.8.1 and 2.6.10 for the AMD64 platform, when running in 32-bit compat...
S
CVE-2005-1766 Heap-based buffer overflow in rtffplin.cpp in RealPlayer 10.5 6.0.12.1056 on Windows, and 10, 10.0.1...
S
CVE-2005-1767 traps.c in the Linux kernel 2.6.x and 2.4.x executes stack segment faults on an exception stack, whi...
S
CVE-2005-1768 Race condition in the ia32 compatibility code for the execve system call in Linux kernel 2.4 before ...
CVE-2005-1769 Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail 1.4.0 through 1.4.4 allow remote...
S
CVE-2005-1770 Buffer overflow in the Aavmker4 device driver in Avast! Antivirus 4.6 and possibly other versions al...
E
CVE-2005-1771 Unknown vulnerability in HP-UX trusted systems B.11.00 through B.11.23 allows remote attackers to ga...
CVE-2005-1772 Buffer overflow in the client cd-key hash in Terminator 3: War of the Machines 1.16 and earlier allo...
E
CVE-2005-1773 Multiple unknown vulnerabilities in L-Soft LISTSERV 14.3, 1.8e, and 1.8d allow remote attackers to e...
S
CVE-2005-1774 WEB-DAV Linux File System (davfs2) 0.2.3 does not properly enforce Unix permissions, which allows lo...
CVE-2005-1775 Terminator 3: War of the Machines 1.16 and earlier allows remote attackers to cause a denial of serv...
E
CVE-2005-1776 Buffer overflow in the READ_TCP_STRING function in game_message_functions.cpp in the network plugin ...
E
CVE-2005-1777 SQL injection vulnerability in readpmsg.php in PostNuke 0.750 allows remote attackers to execute arb...
S
CVE-2005-1778 Cross-site scripting (XSS) vulnerability in readpmsg.php in PostNuke 0.750 allows remote attackers t...
E S
CVE-2005-1779 SQL injection vulnerability in password.asp in MaxWebPortal 1.35, 1.36, 2.0, and 20050418 Next allow...
CVE-2005-1780 SQL injection vulnerability in admin/login.asp in Active News Manager allows remote attackers to exe...
E
CVE-2005-1781 Unknown vulnerability in SMTP authentication for MailEnable allows remote attackers to cause a denia...
S
CVE-2005-1782 Multiple cross-site scripting (XSS) vulnerabilities in BookReview beta 1.0 allow remote attackers to...
E
CVE-2005-1783 BookReview beta 1.0 allows remote attackers to obtain the path of the web server via certain paramet...
E
CVE-2005-1784 Hosting Controller 6.1 HotFix 2.0 and earlier allows remote attackers to steal passwords and gain pr...
E
CVE-2005-1785 SQL injection vulnerability in ad/login.asp in ZonGG 1.2 allows remote attackers to execute arbitrar...
E
CVE-2005-1786 SQL injection vulnerability in admin.asp in FunkyASP AD System 1.1 allows remote attackers to execut...
E S
CVE-2005-1787 setup.php in phpStat 1.5 allows remote attackers to bypass authentication and gain administrator pri...
E
CVE-2005-1788 SQL injection vulnerability in resellerresources.asp in Hosting Controller 6.1 Hotfix 2.0 allows rem...
E
CVE-2005-1789 SQL injection vulnerability in SignIn.asp in India Software Solution shopping cart allows remote att...
E
CVE-2005-1790 Microsoft Internet Explorer 6 SP2 6.0.2900.2180 and 6.0.2800.1106, and earlier versions, allows remo...
CVE-2005-1791 Microsoft Internet Explorer 6 SP2 (6.0.2900.2180) crashes when the user attempts to add a URI to the...
CVE-2005-1792 Memory leak in Windows Management Instrumentation (WMI) service allows attackers to cause a denial o...
S
CVE-2005-1793 User32.DLL in Microsoft Windows 98SE, and possibly other operating systems, allows local and remote ...
CVE-2005-1794 Microsoft Terminal Server using Remote Desktop Protocol (RDP) 5.2 stores an RSA private key in mstls...
CVE-2005-1795 The filecopy function in misc.c in Clam AntiVirus (ClamAV) before 0.85, on Mac OS, allows remote att...
E S
CVE-2005-1796 Format string vulnerability in the curses_msg function in the Ncurses interface (ec_curses.c) for Et...
S
CVE-2005-1797 The design of Advanced Encryption Standard (AES), aka Rijndael, allows remote attackers to recover A...
CVE-2005-1798 Directory traversal vulnerability in ServersCheck Monitoring Software 5.9.0 to 5.10.0 allows remote ...
E
CVE-2005-1799 Cross-site scripting (XSS) vulnerability in FreeStyle Wiki 3.5.7 and WikiLite (FSWikiLite) .10 allow...
S
CVE-2005-1800 Cross-site scripting (XSS) vulnerability in Jaws Glossary gadget 0.4 to 0.5.1 allows remote attacker...
S
CVE-2005-1801 The vCard viewer in Nokia 9500 allows attackers to cause a denial of service (crash) via a vCard wit...
CVE-2005-1802 Nortel VPN Router (aka Contivity) allows remote attackers to cause a denial of service (crash) via a...
S
CVE-2005-1803 Multiple cross-site scripting (XSS) vulnerabilities in Net Portal Dynamic System (NPDS) 5.0 allow re...
E S
CVE-2005-1804 Multiple SQL injection vulnerabilities in Net Portal Dynamic System (NPDS) 5.0 allow remote attacker...
S
CVE-2005-1805 SQL injection vulnerability in login.asp in an unknown product by Online Solutions for Educators (OS...
CVE-2005-1806 Format string vulnerability in PeerCast 0.1211 and earlier allows remote attackers to execute arbitr...
E S
CVE-2005-1807 The Data function in class.smtp.php in PHPMailer 1.7.2 and earlier allows remote attackers to cause ...
E
CVE-2005-1808 Firefly Studios Stronghold 2 1.2 and earlier allows remote attackers to cause a denial of service (c...
E
CVE-2005-1809 Sony Ericsson P900 Beamer allows remote attackers to cause a denial of service (panic) via an obexft...
CVE-2005-1810 SQL injection vulnerability in template-functions-category.php in WordPress 1.5.1 allows remote atta...
S
CVE-2005-1811 Cross-site scripting (XSS) vulnerability in usercp.php for MyBulletinBoard (MyBB) allows remote atta...
E S
CVE-2005-1812 Multiple stack-based buffer overflows in FutureSoft TFTP Server Evaluation Version 1.0.0.1 allow rem...
E
CVE-2005-1813 Directory traversal vulnerability in FutureSoft TFTP Server Evaluation Version 1.0.0.1 allows remote...
E
CVE-2005-1814 Stack-based buffer overflow in PicoWebServer 1.0 allows remote attackers to cause a denial of servic...
E
CVE-2005-1815 Multiple buffer overflows in Hummingbird Connectivity inetD 10.0.0.1 and 9.0.0.4 allows attackers to...
S
CVE-2005-1816 Invision Power Board (IPB) 1.0 through 2.0.4 allows non-root admins to add themselves or other users...
E
CVE-2005-1817 Invision Power Board (IPB) 1.0 through 1.3 allows remote attackers to edit arbitrary forum posts via...
E
CVE-2005-1818 Multiple SQL injection vulnerabilities in NewLife Blogger before 3.3.1 allow remote attackers to exe...
S
CVE-2005-1819 Cross-site scripting (XSS) vulnerability in NikoSoft WebMail before 0.11.0 allows remote attackers t...
S
CVE-2005-1820 zboard.php in Zeroboard version 4.1pl2 to 4.1pl5 allows remote attackers to execute arbitrary PHP co...
E
CVE-2005-1821 PHP remote file inclusion vulnerability in pdl_header.inc.php in PowerDownload 3.0.2 and 3.0.3 allow...
E
CVE-2005-1822 Multiple SQL injection vulnerabilities in Qualiteam X-Cart 4.0.8 allow remote attackers to execute a...
CVE-2005-1823 Multiple cross-site scripting (XSS) vulnerabilities in Qualiteam X-Cart 4.0.8 allow remote attackers...
E
CVE-2005-1824 The sql_escape_string function in auth/sql.c for the mailutils SQL authentication module does not pr...
S
CVE-2005-1825 Multiple stack-based buffer overflows in the nvd_exec function in HP Radia Notify Daemon 3.1.2.0 (fo...
E
CVE-2005-1826 Buffer overflow in HP Radia Notify Daemon 3.1.0.0 (formerly by Novadigm), and other versions includi...
E
CVE-2005-1827 D-Link DSL-504T allows remote attackers to bypass authentication and gain privileges, such as upgrad...
CVE-2005-1828 D-Link DSL-504T stores usernames and passwords in cleartext in the router configuration file, which ...
E
CVE-2005-1829 Microsoft Internet Explorer 6 SP2 allows remote attackers to cause a denial of service (infinite loo...
CVE-2005-1830 The DbgMsg.sys driver in Compuware SoftICE DriverStudio 3.1 and 3.2 allows remote attackers to cause...
E
CVE-2005-1831 Sudo 1.6.8p7 on SuSE Linux 9.3, and possibly other Linux distributions, allows local users to gain p...
CVE-2005-1832 Multiple cross-site scripting (XSS) vulnerabilities in MyBulletinBoard (MyBB) 1.00 RC4 and earlier a...
E S
CVE-2005-1833 Multiple SQL injection vulnerabilities in MyBulletinBoard (MyBB) 1.00 RC4 allow remote attackers to ...
E S
CVE-2005-1834 SQL injection vulnerability in login.asp in NEXTWEB (i)Site allows remote attackers to execute arbit...
E
CVE-2005-1835 NEXTWEB (i)Site stores databases under the web document root with insufficient access control, which...
E
CVE-2005-1836 NEXTWEB (i)Site allows remote attackers to cause a denial of service (error 500) via a crafted HTTP ...
E
CVE-2005-1837 Fortinet firewall running FortiOS 2.x contains a hardcoded username with the password set to the ser...
CVE-2005-1838 Multiple cross-site scripting vulnerabilities in castnewPost.asp in Liberum Help Desk 0.97.3 allow r...
E
CVE-2005-1839 Multiple SQL injection vulnerabilities in Doug Luxem Liberum Help Desk 0.97.3 allow remote attackers...
E
CVE-2005-1840 Directory traversal vulnerability in class.layout_phpcms.php in phpCMS 1.2.x before 1.2.1pl2 allows ...
S
CVE-2005-1841 The control for Adobe Reader 5.0.9 and 5.0.10 on Linux, Solaris, HP-UX, and AIX creates temporary fi...
S
CVE-2005-1842 VCNative for Adobe Version Cue 1.0 and 1.0.1, as used in Creative Suite 1.0 and 1.3, and when runnin...
S
CVE-2005-1843 VCNative for Adobe Version Cue 1.0 and 1.0.1, as used in Creative Suite 1.0 and 1.3, and when runnin...
S
CVE-2005-1844 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2005-1845 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2005-1846 Multiple directory traversal vulnerabilities in YaMT before 0.5_2 allow attackers to overwrite arbit...
E S
CVE-2005-1847 Multiple buffer overflows in YaMT before 0.5_2 allow attackers to execute arbitrary code via the (1)...
S
CVE-2005-1848 The dhcpcd DHCP client before 1.3.22 allows remote attackers to cause a denial of service (daemon cr...
S
CVE-2005-1849 inftrees.h in zlib 1.2.2 allows remote attackers to cause a denial of service (application crash) vi...
S
CVE-2005-1850 Certain contributed scripts for ekg Gadu Gadu client 1.5 and earlier create temporary files insecure...
S
CVE-2005-1851 A certain contributed script for ekg Gadu Gadu client 1.5 and earlier allows attackers to execute sh...
S
CVE-2005-1852 Multiple integer overflows in libgadu, as used in Kopete in KDE 3.2.3 to 3.4.1, ekg before 1.6rc3, G...
S
CVE-2005-1853 gopher.c in the Gopher client 3.0.5 does not properly create temporary files, which allows local use...
E
CVE-2005-1854 Unknown vulnerability in apt-cacher in Debian 3.1, related to "missing input sanitising," allows rem...
S
CVE-2005-1855 Backup Manager (backup-manager) before 0.5.8 creates backup files with world-readable default permis...
S
CVE-2005-1856 The CD-burning feature in backup-manager 0.5.8 and earlier uses a fixed filename in a world-writable...
S
CVE-2005-1857 Format string vulnerability in simpleproxy before 3.4 allows remote malicious HTTP proxies to execut...
S
CVE-2005-1858 FUSE 2.x before 2.3.0 does not properly clear previously used memory from unfilled pages when the fi...
S
CVE-2005-1859 Unknown vulnerability in arshell in the Array Service (arrayd) for SGI ProPack 3 with SP 5 and 6, an...
CVE-2005-1860 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2005-1861 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2005-1862 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2005-1863 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2005-1864 PHP remote file inclusion vulnerability in cal_admintop.php in Calendarix Advanced 1.5 allows remote...
E
CVE-2005-1865 Multiple SQL injection vulnerabilities in Calendarix Advanced 1.5 allow remote attackers to execute ...
E
CVE-2005-1866 Cross-site scripting (XSS) vulnerability in calendar.php in Calendarix Advanced 1.5 allows remote at...
E
CVE-2005-1867 Symantec Brightmail AntiSpam before 6.0.2 has a hard-coded database administrator password, which al...
S
CVE-2005-1868 I-Man 0.9, and possibly earlier versions, allows remote attackers to execute arbitrary PHP code by u...
S
CVE-2005-1869 PHP remote file inclusion vulnerability in start_lobby.php in MWChat 6.x allows remote attackers to ...
E S
CVE-2005-1870 PHP remote file inclusion vulnerability in childwindow.inc.php in Popper 1.41-r2 and earlier allows ...
E
CVE-2005-1871 Unknown vulnerability in the privilege system in Drupal 4.4.0 through 4.6.0, when public registratio...
CVE-2005-1872 Buffer overflow in the administrative console in IBM WebSphere Application Server 5.x, when the glob...
S
CVE-2005-1873 Multiple buffer overflows in Crob FTP 3.6.1, and possibly earlier versions, allow remote attackers t...
E
CVE-2005-1874 Directory traversal vulnerability in Dzip before 2.9 allows remote attackers to create arbitrary fil...
S
CVE-2005-1875 Multiple SQL injection vulnerabilities in list.php in Exhibit Engine (EE) 1.22 allow remote attacker...
S
CVE-2005-1876 Direct code injection vulnerability in CuteNews 1.3.6 and earlier allows remote attackers with admin...
CVE-2005-1877 Cross-site scripting (XSS) vulnerability in view_ticket.php in Lpanel 1.59 and earlier allows remote...
CVE-2005-1878 GIPTables Firewall 1.1 and earlier allows local users to overwrite arbitrary files via a symlink att...
CVE-2005-1879 LutelWall 0.97 and earlier allows local users to overwrite arbitrary files via a symlink attack on a...
CVE-2005-1880 everybuddy 0.4.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on...
E
CVE-2005-1881 upload.php in YaPiG 0.92b, 0.93u and 0.94u does not properly restrict the file extension for uploade...
E
CVE-2005-1882 PHP remote file inclusion vulnerability in last_gallery.php in YaPiG 0.93u and 0.94u allows remote a...
E
CVE-2005-1883 global.php in YaPiG 0.92b allows remote attackers to include arbitrary local files via the BASE_DIR ...
E
CVE-2005-1884 Directory traversal vulnerability in the (1) rmdir or (2) mkdir commands in upload.php in YaPiG 0.92...
E
CVE-2005-1885 view.php in YaPiG 0.92b, 0.93u and 0.94u allows remote attackers to obtain sensitive information via...
E
CVE-2005-1886 Cross-site scripting (XSS) vulnerability in view.php in YaPiG 0.92b, 0.93u and 0.94u allows remote a...
E
CVE-2005-1887 Unknown vulnerability in the Sun Solaris C library (libc and libproject) in Solaris 10 allows local ...
CVE-2005-1888 Cross-site scripting (XSS) vulnerability in MediaWiki before 1.4.5 allows remote attackers to inject...
S
CVE-2005-1889 Unknown vulnerability in Sun ONE Application Server 6.5 SP1 Maintenance Update 6 and earlier allows ...
S
CVE-2005-1890 Unknown vulnerability in Mortiforo before 0.9.1 allows users to access private forums via unknown at...
S
CVE-2005-1891 The GIF parser in ateimg32.dll in AOL Instant Messenger (AIM) 5.9.3797 and earlier allows remote att...
CVE-2005-1892 FlatNuke 2.5.3 allows remote attackers to cause a denial of service or obtain sensitive information ...
E S
CVE-2005-1893 FlatNuke 2.5.3 allows remote attackers to obtain sensitive information via invalid parameters to cer...
S
CVE-2005-1894 Direct code injection vulnerability in FlatNuke 2.5.3 allows remote attackers to execute arbitrary P...
E S
CVE-2005-1895 Cross-site scripting (XSS) vulnerability in FlatNuke 2.5.3 allows remote attackers to inject arbitra...
S
CVE-2005-1896 Directory traversal vulnerability in thumb.php in FlatNuke 2.5.3 allows remote attackers to read arb...
E S
CVE-2005-1897 Unknown vulnerability in FlexCast Audio Video Streaming Server before 2.0 has unknown impact and att...
CVE-2005-1898 The passthrough functionality in phpThumb.php in phpThumb() before 1.5.4 allows remote attackers to ...
S
CVE-2005-1899 Rakkarsoft RakNet network library 2.33 and earlier, when released before 30 May 2005, and as used in...
E
CVE-2005-1900 Sawmill before 7.1.6 allows remote attackers to bypass authentication and (1) gain administrative pr...
S
CVE-2005-1901 Multiple cross-site scripting (XSS) vulnerabilities in Sawmill before 7.1.6 allow remote attackers t...
S
CVE-2005-1902 Directory traversal vulnerability in the IMAP service for SPA-PRO Mail @Solomon 4.00 allows remote a...
E S
CVE-2005-1903 Buffer overflow in the IMAP service for SPA-PRO Mail @Solomon 4.00 allows remote authenticated users...
E S
CVE-2005-1904 SQL injection vulnerability in login.asp in JiRo's Upload System (JUS) 1 allows remote attackers to ...
CVE-2005-1905 The klif.sys driver in Kaspersky Labs Anti-Virus 5.0.227, 5.0.228, and 5.0.335 on Windows 2000 allow...
CVE-2005-1906 SQL injection vulnerability in login.asp in livingmailing 1.3 allows remote attackers to execute arb...
CVE-2005-1907 The ISA Firewall service in Microsoft Internet Security and Acceleration (ISA) Server 2000 allows re...
CVE-2005-1908 Perception LiteWeb allows remote attackers to bypass access controls for files via an extra leading ...
CVE-2005-1909 The web server control panel in 602LAN SUITE 2004 allows remote attackers to make it more difficult ...
E
CVE-2005-1910 SQL injection vulnerability in login.asp for WWWeb Concepts Events System 1.0 allows remote attacker...
E
CVE-2005-1911 The fetchnews NNTP client in leafnode 1.11.2 and earlier can hang while waiting for input that never...
CVE-2005-1912 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-1841. Reason: This candida...
R
CVE-2005-1913 The Linux kernel 2.6 before 2.6.12.1 allows local users to cause a denial of service (kernel panic) ...
S
CVE-2005-1914 CenterICQ 4.20.0 and earlier creates temporary files with predictable file names, which allows local...
S
CVE-2005-1915 The log4sh_readProperties function in log4sh 1.2.5 and earlier allows local users to overwrite arbit...
S
CVE-2005-1916 linki.py in ekg 2005-06-05 and earlier allows local users to overwrite or create arbitrary files via...
CVE-2005-1917 kpopper 1.0 and earlier allows local users to create and overwrite arbitrary files via a symlink att...
CVE-2005-1918 The original patch for a GNU tar directory traversal vulnerability (CVE-2002-0399) in Red Hat Enterp...
S
CVE-2005-1919 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was wi...
R
CVE-2005-1920 The (1) Kate and (2) Kwrite applications in KDE KDE 3.2.x through 3.4.0 do not properly set the same...
S
CVE-2005-1921 Eval injection vulnerability in PEAR XML_RPC 1.3.0 and earlier (aka XML-RPC or xmlrpc) and PHPXMLRPC...
S
CVE-2005-1922 The MS-Expand file handling in Clam AntiVirus (ClamAV) before 0.86 allows remote attackers to cause ...
S
CVE-2005-1923 The ENSURE_BITS macro in mszipd.c for Clam AntiVirus (ClamAV) 0.83, and other versions vefore 0.86, ...
S
CVE-2005-1924 The G/PGP (GPG) Plugin 2.1 and earlier for Squirrelmail allow remote authenticated users to execute ...
E
CVE-2005-1925 Multiple directory traversal vulnerabilities in Tikiwiki before 1.9.1 allow remote attackers to read...
S
CVE-2005-1928 Trend Micro ServerProtect EarthAgent for Windows Management Console 5.58 and possibly earlier versio...
CVE-2005-1929 Multiple heap-based buffer overflows in (1) isaNVWRequest.dll and (2) relay.dll in Trend Micro Serve...
CVE-2005-1930 Directory traversal vulnerability in the Crystal Report component (rptserver.asp) in Trend Micro Ser...
CVE-2005-1931 GoodTech SMTP Server 5.14 allows remote attackers to cause a denial of service (application crash) v...
S
CVE-2005-1932 Lpanel 1.59 and earlier, and other versions before 1.597, allows remote authenticated users to modif...
S
CVE-2005-1933 Dashboard in Apple Mac OS X Tiger 10.4 allows attackers to execute arbitrary commands by overriding ...
E
CVE-2005-1934 Gaim before 1.3.1 allows remote attackers to cause a denial of service (crash) via a malformed MSN m...
CVE-2005-1935 Heap-based buffer overflow in the BERDecBitString function in Microsoft ASN.1 library (MSASN1.DLL) a...
E
CVE-2005-1936 Unknown vulnerability in the web server for the ESS/ Network Controller for Xerox Document Centre 24...
S
CVE-2005-1937 A regression error in Firefox 1.0.3 and Mozilla 1.7.7 allows remote attackers to inject arbitrary Ja...
CVE-2005-1938 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-1250. Reason: This candida...
R
CVE-2005-1939 Directory traversal vulnerability in Ipswitch WhatsUp Small Business 2004 allows remote attackers to...
E
CVE-2005-1941 SilverCity before 0.9.5-r1 installs (1) cgi-styler-form.py, (2) cgi-styler.py, and (3) source2html.p...
CVE-2005-1942 Cisco switches that support 802.1x security allow remote attackers to bypass port security and gain ...
CVE-2005-1943 Multiple SQL injection vulnerabilities in Loki download manager 2.0 allow remote attackers to execut...
CVE-2005-1944 xmysqladmin 1.0 and earlier allows local users to delete arbitrary files via a symlink attack on a d...
CVE-2005-1945 Cross-site scripting (XSS) vulnerability in the convert_highlite_words function in Invision Blog bef...
E S
CVE-2005-1946 Multiple SQL injection vulnerabilities in Invision Blog before 1.1.2 Final allow remote attackers to...
E S
CVE-2005-1947 Cross-site request forgery (CSRF) vulnerability in Invision Gallery before 1.3.1 allows remote attac...
E S
CVE-2005-1948 Multiple SQL injection vulnerabilities in Invision Gallery before 1.3.1 allow remote attackers to ex...
E S
CVE-2005-1949 The eping_validaddr function in functions.php for the ePing plugin for e107 portal allows remote att...
CVE-2005-1950 hints.pl in Webhints 1.03 allows remote attackers to execute arbitrary commands via shell metacharac...
CVE-2005-1951 Multiple HTTP Response Splitting vulnerabilities in osCommerce 2.2 Milestone 2 and earlier allow rem...
CVE-2005-1952 Directory traversal vulnerability in Pico Server (pServ) 3.3 allows remote attackers to read arbitra...
S
CVE-2005-1953 Heap-based buffer overflow in the CGI extension for Pico Server (pServ) 3.3 allows remote attackers ...
S
CVE-2005-1954 singapore 0.9.11 allows remote attackers to obtain sensitive information via a direct request to (1)...
CVE-2005-1955 Cross-site scripting (XSS) vulnerability in index.php in singapore 0.9.11 allows remote attackers to...
CVE-2005-1956 File Upload Manager allows remote attackers to upload arbitrary files by modifying the test variable...
CVE-2005-1957 mtnpeak.net File Upload Manager does not properly check user authentication for certain actions, whi...
CVE-2005-1958 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-1855. Reason: This candida...
R
CVE-2005-1959 jammail.pl in jamchen JamMail 1.8 allows remote attackers to execute arbitrary commands via shell me...
CVE-2005-1960 The getemails function in C.J. Steele Tattle allows remote attackers to execute arbitrary commands v...
S
CVE-2005-1961 Unknown vulnerability in ObjectWeb Consortium C-JDBC before 1.3.1 allows local users to bypass inten...
S
CVE-2005-1962 Cross-site scripting (XSS) vulnerability in Cerberus Helpdesk 0.97.3 allows remote attackers to inje...
E
CVE-2005-1963 Cerberus Helpdesk 0.97.3 allows remote attackers to obtain sensitive information via certain request...
E
CVE-2005-1964 PHP remote file inclusion vulnerability in utilit.php for Ovidentia Portal allows remote attackers t...
CVE-2005-1965 PHP remote file inclusion vulnerability in siteframe.php for Broadpool Siteframe allows remote attac...
E
CVE-2005-1966 The eTrace_validaddr function in eTrace plugin for e107 portal allows remote attackers to execute ar...
CVE-2005-1967 Multiple SQL injection vulnerabilities in ProductCart Ecommerce before 2.7 allow remote attackers to...
E
CVE-2005-1968 Cross-site scripting (XSS) vulnerability in ProductCart Ecommerce before 2.7 allows remote attackers...
E
CVE-2005-1969 Cross-site scripting (XSS) vulnerability in Pragma Systems Telnetserver 6.0 allows remote attackers ...
CVE-2005-1970 Symantec pcAnywhere 10.5x and 11.x before 11.5, with "Launch with Windows" enabled, allows local use...
S
CVE-2005-1971 Directory traversal vulnerability in InteractivePHP FusionBB .11 Beta and earlier allows remote atta...
CVE-2005-1972 Multiple SQL injection vulnerabilities in InteractivePHP FusionBB .11 Beta and earlier allow remote ...
S
CVE-2005-1973 Java Web Start in Java 2 Platform Standard Edition (J2SE) 5.0 and 5.0 Update 1 allows applications t...
CVE-2005-1974 Unspecified vulnerability in Java 2 Platform, Standard Edition (J2SE) 5.0 and 5.0 Update 1 and J2SE ...
CVE-2005-1975 Multiple cross-site scripting (XSS) vulnerabilities in Annuaire 1Two 1.1 and earlier allow remote at...
CVE-2005-1976 Novell NetMail 3.5.2a, 3.5.2b, and 3.5.2c, when running on Linux, sets the owner and group ID to 500...
S
CVE-2005-1978 COM+ in Microsoft Windows does not properly "create and use memory structures," which allows local u...
CVE-2005-1979 Distributed Transaction Controller in Microsoft Windows allows remote servers to cause a denial of s...
CVE-2005-1980 Distributed Transaction Controller in Microsoft Windows allows remote servers to cause a denial of s...
CVE-2005-1981 Unknown vulnerability in Microsoft Windows 2000 Server and Windows Server 2003 domain controllers al...
S
CVE-2005-1982 Unknown vulnerability in the PKINIT Protocol for Microsoft Windows 2000, Windows XP, and Windows Ser...
S
CVE-2005-1983 Stack-based buffer overflow in the Plug and Play (PnP) service for Microsoft Windows 2000 and Window...
S
CVE-2005-1984 Buffer overflow in the Print Spooler service (Spoolsv.exe) for Microsoft Windows 2000, Windows XP, a...
S
CVE-2005-1985 The Client Service for NetWare (CSNW) on Microsoft Windows 2000 SP4, XP SP1 and Sp2, and Server 2003...
CVE-2005-1987 Buffer overflow in Collaboration Data Objects (CDO), as used in Microsoft Windows and Microsoft Exch...
S
CVE-2005-1988 Unknown vulnerability in Internet Explorer 5.0, 5.5, and 6.0 allows remote attackers to execute arbi...
S
CVE-2005-1989 Unknown vulnerability in Internet Explorer 5.0, 5.5, and 6.0 allows remote attackers to obtain infor...
S
CVE-2005-1990 Internet Explorer 5.0, 5.5, and 6.0 allows remote attackers to cause a denial of service (applicatio...
S
CVE-2005-1992 The XMLRPC server in utils.rb for the ruby library (libruby) 1.8 sets an invalid default value that ...
S
CVE-2005-1993 Race condition in sudo 1.3.1 up to 1.6.8p8, when the ALL pseudo-command is used after a user entry i...
S
CVE-2005-1994 Finjan SurfinGate 7.0SP2 and SP3 allows remote attackers to download blocked files via hex-encoded c...
CVE-2005-1995 Bitrix Site Manager 4.0.x allows remote attackers to obtain sensitive information via direct request...
S
CVE-2005-1996 PHP remote file inclusion vulnerability in start.php in Bitrix Site Manager 4.0.x allows remote atta...
S
CVE-2005-1997 show.php in McGallery 1.1 allows remote attackers to connect to arbitrary databases, or gain sensiti...
CVE-2005-1998 Directory traversal vulnerability in admin.php in McGallery 1.1 allows remote attackers to read arbi...
CVE-2005-1999 Multiple cross-site scripting (XSS) vulnerabilities in pafiledb.php in paFileDB 3.1 allow remote att...
E S
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.