CVE-2005-3xxx

There are 977 CVE in this subgroup.
Last updated: 
← Back to 2005
ID Summary Flags Max Score
CVE-2005-3000 Multiple cross-site scripting (XSS) vulnerabilities in viewers/txt.php in PHP Advanced Transfer Mana...
E
CVE-2005-3001 Unspecified vulnerability in the "tl" driver in Solaris 10 allows local users to cause a denial of s...
CVE-2005-3002 Multi-Computer Control System (MCCS) 1.0 allows remote attackers to cause a denial of service via a ...
E
CVE-2005-3003 SQL injection vulnerability in index.php in NooTopList 1.0.0 release 17 allows remote attackers to e...
E
CVE-2005-3004 SQL injection vulnerability in Interakt MX Shop 3.2.0 allows remote attackers to execute arbitrary S...
CVE-2005-3005 Helpdesk Software Hesk allows remote attackers to bypass authentication for (1) admin.php and (2) ad...
E S
CVE-2005-3006 The mail client in Opera before 8.50 opens attached files from the user's cache directory without wa...
S
CVE-2005-3007 Opera before 8.50 allows remote attackers to spoof the content type of files via a filename with a t...
S
CVE-2005-3008 Tofu 0.2 allows remote attackers to execute arbitrary Python code via crafted pickled objects, which...
CVE-2005-3009 Cross-site scripting (XSS) vulnerability in CuteNews allows remote attackers to inject arbitrary web...
CVE-2005-3010 Direct static code injection vulnerability in the flood protection feature in inc/shows.inc.php in C...
E
CVE-2005-3011 The sort_offline function for texindex in texinfo 4.8 and earlier allows local users to overwrite ar...
E
CVE-2005-3012 The MasterDataCD::createImage function in masterdatacd.cpp for SimpleCDR-X 1.3.3 creates the .temp t...
E
CVE-2005-3013 Buffer overflow in liby2util in Yet another Setup Tool (YaST) for SuSE Linux 9.3 allows local users ...
E
CVE-2005-3014 Cross-site scripting (XSS) vulnerability in Ensim webplliance allows remote attackers to inject arbi...
CVE-2005-3015 Cross-site scripting (XSS) vulnerability in IBM Lotus Domino 6.5.2 allows remote attackers to inject...
E S
CVE-2005-3016 Multiple unspecified vulnerabilities in the WYSIWYG editor in PHP-Nuke before 7.9 Final have unknown...
S
CVE-2005-3017 PHP file inclusion vulnerability in index.php in Content2Web 1.0.1 allows remote attackers to includ...
E
CVE-2005-3018 Apple Safari allows remote attackers to cause a denial of service (application crash) via a crafted ...
E
CVE-2005-3019 Multiple SQL injection vulnerabilities in vBulletin before 3.0.9 allow remote attackers to execute a...
E S
CVE-2005-3020 Multiple cross-site scripting (XSS) vulnerabilities in vBulletin before 3.0.9 allow remote attackers...
E S
CVE-2005-3021 image.php in vBulletin 3.0.9 and earlier allows remote attackers with access to the administrator pa...
E S
CVE-2005-3022 Multiple SQL injection vulnerabilities in vBulletin 3.0.9 and earlier allow remote attackers to exec...
E
CVE-2005-3023 Multiple cross-site scripting (XSS) vulnerabilities in vBulletin 3.0.9 and earlier allow remote atta...
E
CVE-2005-3024 Multiple SQL injection vulnerabilities in vBulletin 3.0.7 and earlier allow remote attackers to exec...
E S
CVE-2005-3025 Multiple cross-site scripting (XSS) vulnerabilities in vBulletin 3.0.7 and earlier allow remote atta...
E S
CVE-2005-3026 Directory traversal vulnerability in index.php in Alstrasoft Epay Pro 2.0 and earlier allows remote ...
E
CVE-2005-3027 Sybari Antigen 8.0 SR2 does not properly filter SMTP messages, which allows remote attackers to bypa...
S
CVE-2005-3028 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-2986. Reason: This candida...
R
CVE-2005-3029 Stack-based buffer overflow in AhnLab V3Pro 2004 build 6.0.0.383, V3 VirusBlock 2005 build 6.0.0.383...
S
CVE-2005-3030 Directory traversal vulnerability in the archive decompression library in AhnLab V3Pro 2004 build 6....
S
CVE-2005-3031 Buffer overflow in vxFtpSrv 0.9.7 allows remote attackers to execute arbitrary code via a long USER ...
E
CVE-2005-3032 Buffer overflow in vxTftpSrv 1.7.0 allows remote attackers to cause a denial of service (crash) and ...
E
CVE-2005-3033 Stack-based buffer overflow in vxWeb 1.1.4 allows remote attackers to cause a denial of service (cra...
E
CVE-2005-3034 Compuware DriverStudio Remote Control service (DSRsvc.exe) 2.7 and 3.0 beta 2 allows remote attacker...
E
CVE-2005-3035 Compuware DriverStudio Remote Control service (DSRsvc.exe) 2.7 and 3.0 beta 2 allows remote attacker...
E
CVE-2005-3036 File Transfer Anywhere 3.01 stores sensitive password information in plaintext in the PASS value in ...
S
CVE-2005-3037 Cross-site scripting (XSS) vulnerability in Handy Address Book Server 1.1 allows remote attackers to...
E
CVE-2005-3038 Unspecified vulnerability in Hosting Controller 6.1 before Hotfix 2.4 allows remote attackers to lis...
S
CVE-2005-3039 SQL injection vulnerability in infopage.asp in Mall23 eCommerce allows remote attackers to execute a...
E
CVE-2005-3040 Directory traversal vulnerability in the web interface (ISALogin.dll) for TAC Vista 4.0, and possibl...
E
CVE-2005-3041 Unspecified "drag-and-drop vulnerability" in Opera Web Browser before 8.50 on Windows allows "uninte...
S
CVE-2005-3042 miniserv.pl in Webmin before 1.230 and Usermin before 1.160, when "full PAM conversations" is enable...
S
CVE-2005-3043 SQL injection vulnerability in AddItem.asp in Mall23 eCommerce allows remote attackers to execute ar...
E S
CVE-2005-3044 Multiple vulnerabilities in Linux kernel before 2.6.13.2 allow local users to cause a denial of serv...
CVE-2005-3045 SQL injection vulnerability in search.php in My Little Forum 1.5 and 1.6 beta allows remote attacker...
E
CVE-2005-3046 SQL injection vulnerability in password.php in PhpMyFaq 1.5.1 allows remote attackers to modify SQL ...
E
CVE-2005-3047 Multiple cross-site scripting (XSS) vulnerabilities in PhpMyFaq 1.5.1 allow remote attackers to inje...
E
CVE-2005-3048 Directory traversal vulnerability in index.php in PhpMyFaq 1.5.1 allows remote attackers to read arb...
CVE-2005-3049 PhpMyFaq 1.5.1 stores data files under the web document root with insufficient access control and pr...
E
CVE-2005-3050 PhpMyFaq 1.5.1 allows remote attackers to obtain sensitive information via a LANGCODE parameter that...
E
CVE-2005-3051 Stack-based buffer overflow in the ARJ plugin (arj.dll) 3.9.2.0 for 7-Zip 3.13, 4.23, and 4.26 BETA,...
CVE-2005-3052 SQL injection vulnerability in module/down.inc.php in jportal 2.3.1 allows remote attackers to execu...
CVE-2005-3053 The sys_set_mempolicy function in mempolicy.c in Linux kernel 2.6.x allows local users to cause a de...
CVE-2005-3054 fopen_wrappers.c in PHP 4.4.0, and possibly other versions, does not properly restrict access to oth...
S
CVE-2005-3055 Linux kernel 2.6.8 to 2.6.14-rc2 allows local users to cause a denial of service (kernel OOPS) via a...
CVE-2005-3056 TWiki allows arbitrary shell command execution via the Include function...
S
CVE-2005-3057 The FTP component in FortiGate 2.8 running FortiOS 2.8MR10 and v3beta, and other versions before 3.0...
CVE-2005-3058 Interpretation conflict in Fortinet FortiGate 2.8, running FortiOS 2.8MR10 and v3beta, allows remote...
CVE-2005-3059 Multiple unspecified vulnerabilities in Opera 8.50 on Linux and Windows have unknown impact and atta...
S
CVE-2005-3060 Buffer overflow in getconf in IBM AIX 5.2 to 5.3 allows local users to execute arbitrary code via un...
S
CVE-2005-3061 Multiple stack-based buffer overflows in PowerArchiver 8.10 through 9.5 Beta 4 and Beta 5 allow remo...
S
CVE-2005-3062 PHP remote file inclusion vulnerability in index.php in AlstraSoft E-Friends 4.0 allows remote attac...
E
CVE-2005-3063 SQL injection vulnerability in MailGust 1.9 allows remote attackers to execute arbitrary SQL command...
E
CVE-2005-3064 MultiTheftAuto 0.5 patch 1 and earlier does not properly verify client privileges when running comma...
E
CVE-2005-3065 MultiTheftAuto 0.5 patch 1 and earlier allows remote attackers to cause a denial of service (applica...
E
CVE-2005-3066 Cross-site scripting (XSS) vulnerability in perldiver.pl in PerlDiver 1.x allows remote attackers to...
E S
CVE-2005-3067 Cross-site scripting (XSS) vulnerability in perldiver.cgi in PerlDiver 2.x allows remote attackers t...
E S
CVE-2005-3068 Unspecified vulnerability in Eric Integrated Development Environment (eric3) before 3.7.2 has unknow...
S
CVE-2005-3069 xferfaxstats in HylaFax 4.2.1 and earlier allows local users to overwrite arbitrary files via a syml...
CVE-2005-3070 HylaFax 4.2.1 and earlier does not create or verify ownership of the UNIX domain socket, which might...
CVE-2005-3071 Unspecified vulnerability in Unix File System (UFS) on Solaris 8 and 9, when logging is enabled, all...
S
CVE-2005-3072 SQL injection vulnerability in pages/forum/submit.html in Interchange 4.9.3 up to 5.2.0 allows remot...
S
CVE-2005-3073 Unspecified vulnerability in Interchange 5.0.1 allows attackers 4.9.3, 5.0 before 5.0.2, and 5.2, wh...
S
CVE-2005-3074 SQL injection vulnerability in rsyslogd in RSyslog before 1.0.1 and before 1.10.1 allows remote atta...
S
CVE-2005-3075 SQL injection vulnerability in Zengaia before 0.2 allows remote attackers to execute arbitrary SQL c...
CVE-2005-3076 Simplog 0.9.1 might allow remote attackers to execute arbitrary SQL commands or trigger SQL error me...
CVE-2005-3077 Microsoft Internet Explorer 5.2.3 for Mac OS allows remote attackers to cause a denial of service (c...
E
CVE-2005-3078 Cross-site scripting (XSS) vulnerability in PunBB before 1.2.8 allows remote attackers to inject arb...
S
CVE-2005-3079 PunBB before 1.2.8 allows remote attackers to perform "code inclusion" via the user language selecti...
S
CVE-2005-3080 contrib/example.php in GeSHi before 1.0.7.3 allows remote attackers to read arbitrary files via the ...
S
CVE-2005-3081 wzdftpd 0.5.4 allows remote authenticated users to execute arbitrary commands via shell metacharacte...
E
CVE-2005-3082 SQL injection vulnerability in admin.php in SEO-Board 1.0.2 allows remote attackers to execute arbit...
S
CVE-2005-3083 Cross-site scripting (XSS) vulnerability in index.php in CMS Made Simple 0.10 allows remote attacker...
E
CVE-2005-3084 Buffer overflow in the TIFF library in the Photo Viewer for Sony PSP 2.0 firmware allows remote atta...
E
CVE-2005-3085 Multiple cross-site scripting (XSS) vulnerabilities in rss.php in Riverdark Studios RSS Syndicator m...
E
CVE-2005-3086 Directory traversal vulnerability in admin/about.php in contentServ 3.1 allows remote attackers to r...
E
CVE-2005-3087 The SecureW2 3.0 TLS implementation uses weak random number generators (rand and srand from system t...
CVE-2005-3088 fetchmailconf before 1.49 in fetchmail 6.2.0, 6.2.5 and 6.2.5.2 creates configuration files with ins...
S
CVE-2005-3089 Firefox 1.0.6 allows attackers to cause a denial of service (crash) via a Proxy Auto-Config (PAC) sc...
S
CVE-2005-3090 Cross-site scripting (XSS) vulnerability in bug_actiongroup_page.php in Mantis 0.19.0a1 through 1.0....
S
CVE-2005-3091 Cross-site scripting (XSS) vulnerability in Mantis before 1.0.0rc1 allows remote attackers to inject...
CVE-2005-3092 Heap-based buffer overflow in Image-Line Software FL Studio 5.0.1 allows remote attackers to execute...
CVE-2005-3093 Nokia 7610 and 3210 phones allows attackers to cause a denial of service via certain characters in t...
CVE-2005-3094 Avi Alkalay man-cgi script allows remote attackers to execute arbitrary code via shell metacharacter...
E
CVE-2005-3095 Avi Alkalay notify program, dated 19 Aug 2001, allows remote attackers to execute arbitrary commands...
CVE-2005-3096 Avi Alkalay nslookup.cgi program, dated 16 June 2002, allows remote attackers to execute arbitrary c...
E
CVE-2005-3097 Directory traversal vulnerability in Avi Alkalay contribute.cgi (aka contribute.pl), dated 16 Jun 20...
E
CVE-2005-3098 poppassd in Qualcomm qpopper 4.0.8 allows local users to modify arbitrary files and gain privileges ...
E
CVE-2005-3099 Unspecified vulnerability in the (1) Xsun and (2) Xprt commands in Solaris 7, 8, 9, and 10 allows lo...
S
CVE-2005-3100 Unspecified "PPTP Remote DoS Vulnerability" in Astaro Security Linux 4.027 allows attackers to cause...
S
CVE-2005-3101 The password reset feature in Movable Type before 3.2 generates different error messages depending o...
S
CVE-2005-3102 The administrative interface in Movable Type allows attackers to upload files with arbitrary extensi...
CVE-2005-3103 Cross-site scripting (XSS) vulnerability in Movable Type before 3.2 allows remote attackers to injec...
CVE-2005-3104 mt-comments.cgi in Movable Type before 3.2 allows attackers to redirect users to other web sites via...
CVE-2005-3105 The mprotect code (mprotect.c) in Linux 2.6 on Itanium IA64 Montecito processors does not properly m...
E
CVE-2005-3106 Race condition in Linux 2.6, when threads are sharing memory mapping via CLONE_VM (such as linuxthre...
S
CVE-2005-3107 fs/exec.c in Linux 2.6, when one thread is tracing another thread that shares the same memory map, m...
S
CVE-2005-3108 mm/ioremap.c in Linux 2.6 on 64-bit x86 systems allows local users to cause a denial of service or a...
CVE-2005-3109 The HFS and HFS+ (hfsplus) modules in Linux 2.6 allow attackers to cause a denial of service (oops) ...
CVE-2005-3110 Race condition in ebtables netfilter module (ebtables.c) in Linux 2.6, when running on an SMP system...
CVE-2005-3111 The handler code for backupninja 0.8 and earlier creates temporary files with predictable filenames,...
S
CVE-2005-3112 The "reset password" feature in Macromedia Breeze 5.0 stores passwords in plaintext in the database ...
S
CVE-2005-3113 The ActiveX control for NateOn Messenger (NateonDownloadManager.ocx) allows remote attackers to down...
CVE-2005-3114 Buffer overflow in the ActiveX control for NateOn Messenger (NateonDownloadManager.ocx) allows remot...
CVE-2005-3115 mpeg-tools before 1.5b-r2 creates multiple temporary files insecurely, which allows local users to o...
CVE-2005-3116 Stack-based buffer overflow in a shared library as used by the Volume Manager daemon (vmd) in VERITA...
E S
CVE-2005-3117 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-3150. Reason: This candida...
R
CVE-2005-3118 Mason before 1.0.0 does not install the init script after the user uses Mason to configure a firewal...
S
CVE-2005-3119 Memory leak in the request_key_auth_destroy function in request_key_auth in Linux kernel 2.6.10 up t...
CVE-2005-3120 Stack-based buffer overflow in the HTrjis function in Lynx 2.8.6 and earlier allows remote NNTP serv...
S
CVE-2005-3121 A rule file in module-assistant before 0.9.10 causes a temporary file to be created insecurely, whic...
S
CVE-2005-3122 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-3424, CVE-2005-3425. Reaso...
R
CVE-2005-3123 Directory traversal vulnerability in GNUMP3D before 2.9.6 allows remote attackers to read arbitrary ...
E S
CVE-2005-3124 syslogtocern in Acme thttpd before 2.23 allows local users to write arbitrary files via a symlink at...
S
CVE-2005-3125 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2005-3126 The (1) kantiword (kantiword.sh) and (2) gantiword (gantiword.sh) scripts in antiword 0.35 and earli...
S
CVE-2005-3127 Cross-site scripting (XSS) vulnerability in index.php in lucidCMS 1.0.11 allows remote attackers to ...
E
CVE-2005-3128 Cross-site scripting (XSS) vulnerability in add.php in Address Add Plugin 1.9 and 2.0 for Squirrelma...
E S
CVE-2005-3129 Cross-site request forgery (CSRF) vulnerability in Serendipity 0.8.4 and earlier allows remote attac...
E S
CVE-2005-3130 SQL injection vulnerability in lucidCMS 1.0.11 allows remote attackers to execute arbitrary SQL comm...
CVE-2005-3131 Multiple cross-site scripting (XSS) vulnerabilities in MERAK Mail Server 8.2.4r with Icewarp Web Mai...
E
CVE-2005-3132 MERAK Mail Server 8.2.4r with Icewarp Web Mail 5.5.1, and possibly earlier versions, allows remote a...
CVE-2005-3133 Multiple directory traversal vulnerabilities in MERAK Mail Server 8.2.4r with Icewarp Web Mail 5.5.1...
E
CVE-2005-3134 Citrix Metaframe Presentation Server 3.0 and 4.0 allows remote attackers to bypass policy restrictio...
E
CVE-2005-3135 Buffer overflow in Virtools Web Player 3.0.0.100 and earlier allows remote attackers to execute arbi...
E S
CVE-2005-3136 Directory traversal vulnerability in Virtools Web Player 3.0.0.100 and earlier allows remote attacke...
E S
CVE-2005-3137 The (1) cfmailfilter and (2) cfcron.in files for cfengine 1.6.5 allow local users to overwrite arbit...
S
CVE-2005-3138 Bugzilla 2.18rc1 through 2.18.3, 2.19 through 2.20rc2, and 2.21 allows remote attackers to obtain se...
S
CVE-2005-3139 Bugzilla 2.19.1 through 2.20rc2 and 2.21, with user matching turned on in substring mode, allows att...
S
CVE-2005-3140 Procom NetFORCE 800 4.02 M10 Build 20 and possibly other versions sends the NIS password map (passwd...
CVE-2005-3141 Cerulean Studios Trillian 3.0 allows remote attackers to cause a denial of service (crash) via a rev...
CVE-2005-3142 Heap-based buffer overflow in Kaspersky Antivirus (KAV) 5.0 and Kaspersky Personal Security Suite 1....
CVE-2005-3143 Unspecified vulnerability in the Mailbox Server for 4D WebStar before 5.3.5 allows attackers to caus...
S
CVE-2005-3144 httpAdapter.c in sblim-sfcb before 0.9.2 allows remote attackers to cause a denial of service via lo...
S
CVE-2005-3145 httpAdapter.c in sblim-sfcb before 0.9.2 allows remote attackers to cause a denial of service (resou...
S
CVE-2005-3146 StoreBackup before 1.19 allows local users to perform unauthorized operations on arbitrary files via...
S
CVE-2005-3147 StoreBackup before 1.19 creates the backup root with world-readable permissions, which allows local ...
S
CVE-2005-3148 StoreBackup before 1.19 does not properly set the uid and guid for symbolic links (1) that are backe...
S
CVE-2005-3149 Uim 0.4.x before 0.4.9.1 and 0.5.0 and earlier does not properly handle the LIBUIM_VANILLA environme...
S
CVE-2005-3150 Format string vulnerability in the Log_Flush function in Weex 2.6.1.5, 2.6.1, and possibly other ver...
S
CVE-2005-3151 Buffer overflow in blenderplay in Blender Player 2.37a allows attackers to execute arbitrary code vi...
E
CVE-2005-3152 Multiple cross-site scripting (XSS) vulnerabilities in CubeCart 3.0.3 allow remote attackers to inje...
E S
CVE-2005-3153 login.php in myBloggie 2.1.3 beta and earlier allows remote attackers to bypass a whitelist regular ...
E
CVE-2005-3154 Format string vulnerability in the logging functionality in BitDefender AntiVirus 7.2 through 9 allo...
CVE-2005-3155 Buffer overflow in the W3C logging for MailEnable Enterprise 1.1 and Professional 1.6 allows remote ...
S
CVE-2005-3156 Directory traversal vulnerability in printfaq.php in EasyGuppy (Guppy for Windows) 4.5.4 and 4.5.5 a...
CVE-2005-3157 SQL injection vulnerability in messages.php in PHP-Fusion 6.00.109 allows remote attackers to execut...
E
CVE-2005-3158 SQL injection vulnerability in messages.php in PHP-Fusion 6.00.106 and 6.00.107 allows remote attack...
E
CVE-2005-3159 SQL injection vulnerability in messages.php in PHP-Fusion allows remote attackers to execute arbitra...
E
CVE-2005-3160 Multiple SQL injection vulnerabilities in photogallery.php in PHP-Fusion allow remote attackers to e...
CVE-2005-3161 Multiple SQL injection vulnerabilities in PHP-Fusion before 6.00.110 allow remote attackers to execu...
S
CVE-2005-3162 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-3160. Reason: this candida...
R
CVE-2005-3163 Unspecified vulnerability in Polipo 0.9.8 and earlier allows attackers to read files outside of the ...
S
CVE-2005-3164 The AJP connector in Apache Tomcat 4.0.1 through 4.0.6 and 4.1.0 through 4.1.36, as used in Hitachi ...
CVE-2005-3165 Multiple cross-site scripting (XSS) vulnerabilities in MediaWiki before 1.4.9 allow remote attackers...
S
CVE-2005-3166 Unspecified vulnerability in "edit submission handling" for MediaWiki 1.4.x before 1.4.10 and 1.3.x ...
S
CVE-2005-3167 Incomplete blacklist vulnerability in MediaWiki before 1.4.11 does not properly remove certain CSS i...
S
CVE-2005-3168 The SECEDIT command on Microsoft Windows 2000 before Update Rollup 1 for SP4, when using a security ...
S
CVE-2005-3169 Microsoft Windows 2000 before Update Rollup 1 for SP4, when the "audit directory service access" pol...
S
CVE-2005-3170 The LDAP client on Microsoft Windows 2000 before Update Rollup 1 for SP4 accepts certificates using ...
S
CVE-2005-3171 Microsoft Windows 2000 before Update Rollup 1 for SP4 records Event ID 1704 to indicate that Group P...
S
CVE-2005-3172 The WideCharToMultiByte function in Microsoft Windows 2000 before Update Rollup 1 for SP4 does not p...
S
CVE-2005-3173 Microsoft Windows 2000 before Update Rollup 1 for SP4 does not apply group policies if the user logs...
S
CVE-2005-3174 Microsoft Windows 2000 before Update Rollup 1 for SP4 allows users to log on to the domain, even whe...
S
CVE-2005-3175 Microsoft Windows 2000 before Update Rollup 1 for SP4 allows a local administrator to unlock a compu...
S
CVE-2005-3176 Microsoft Windows 2000 before Update Rollup 1 for SP4 does not record the IP address of a Windows Te...
S
CVE-2005-3177 CHKDSK in Microsoft Windows 2000 before Update Rollup 1 for SP4, Windows XP, and Windows Server 2003...
S
CVE-2005-3178 Buffer overflow in xloadimage 4.1 and earlier, and xli, might allow user-assisted attackers to execu...
S
CVE-2005-3179 drm.c in Linux kernel 2.6.10 to 2.6.13 creates a debug file in sysfs with world-readable and world-w...
S
CVE-2005-3180 The Orinoco driver (orinoco.c) in Linux kernel 2.6.13 and earlier does not properly clear memory fro...
CVE-2005-3181 The audit system in Linux kernel 2.6.6, and other versions before 2.6.13.4, when CONFIG_AUDITSYSCALL...
CVE-2005-3182 Buffer overflow in the HTTP management interface for GFI MailSecurity 8.1 allows remote attackers to...
S
CVE-2005-3183 The HTBoundary_put_block function in HTBound.c for W3C libwww (w3c-libwww) allows remote servers to ...
E
CVE-2005-3184 Buffer overflow vulnerability in the unicode_to_bytes in the Service Location Protocol (srvloc) diss...
S
CVE-2005-3185 Stack-based buffer overflow in the ntlm_output function in http-ntlm.c for (1) wget 1.10, (2) curl 7...
S
CVE-2005-3186 Integer overflow in the GTK+ gdk-pixbuf XPM image rendering library in GTK+ 2.4.0 allows attackers t...
S
CVE-2005-3187 The listening daemon in Blue Coat Systems Inc. WinProxy before 6.1a allows remote attackers to cause...
S
CVE-2005-3188 Buffer overflow in Nullsoft Winamp 5.094 allows remote attackers to execute arbitrary code via (1) a...
E S
CVE-2005-3189 Directory traversal vulnerability in Qualcomm WorldMail IMAP Server allows remote attackers to read ...
CVE-2005-3190 Buffer overflow in Computer Associates (CA) iGateway 3.0 and 4.0 before 4.0.050623, when running in ...
CVE-2005-3191 Multiple heap-based buffer overflows in the (1) DCTStream::readProgressiveSOF and (2) DCTStream::rea...
S
CVE-2005-3192 Heap-based buffer overflow in the StreamPredictor function in Xpdf 3.01, as used in products such as...
S
CVE-2005-3193 Heap-based buffer overflow in the JPXStream::readCodestream function in the JPX stream parsing code ...
S
CVE-2005-3194 Multiple buffer overflows in ALZip 6.12 (Korean), 6.1 (International), and 5.52 (English) allow remo...
CVE-2005-3195 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-3178. Reason: this candida...
R
CVE-2005-3196 Planet Technology Corp FGSW2402RS switch with firmware 1.2 has a default password, which allows atta...
CVE-2005-3197 Stack-based buffer overflow in PWIWrapper.dll for Webroot Desktop Firewall before 1.3.0build52 allow...
S
CVE-2005-3198 Webroot Desktop Firewall before 1.3.0build52 allows local users to disable the firewall, even when p...
CVE-2005-3199 Multiple SQL injection vulnerabilities in aradmin.asp for aspReady FAQ allow remote attackers to exe...
CVE-2005-3200 Multiple cross-site scripting (XSS) vulnerabilities in Utopia News Pro (UNP) 1.1.3 and 1.1.4 allow r...
E S
CVE-2005-3201 SQL injection vulnerability in news.php for Utopia News Pro (UNP) 1.1.3, when magic_quotes_gpc is di...
E S
CVE-2005-3202 Multiple cross-site scripting (XSS) vulnerabilities in Oracle HTML DB (HTMLDB) 1.3 through 1.3.6 all...
E
CVE-2005-3203 The manual installation of Oracle HTML DB (HTMLDB) 1.3 through 1.3.6 stores the SYS password in inst...
CVE-2005-3204 Cross-site scripting (XSS) vulnerability in Oracle XML DB 9iR2 allows remote attackers to inject arb...
E S
CVE-2005-3205 Cross-site scripting (XSS) vulnerability in iSQL*Plus (iSQLPlus) in Oracle9i Database Server Release...
S
CVE-2005-3206 iSQL*Plus (isqlplus) for Oracle9i Database Server Release 2 9.0.2.4 allows remote attackers to cause...
E S
CVE-2005-3207 The forms servlet (f90servlet) in Oracle Forms 4.5.10.22 allows remote attackers to cause a denial o...
E S
CVE-2005-3208 Multiple SQL injection vulnerabilities in (1) aeNovo, (2) aeNovoShop and (3) aeNovoWYSI allow remote...
E
CVE-2005-3209 Aenovo products (1) aeNovo, (2) aeNovoShop, and (3) aeNovoWYSI store password information in plainte...
E
CVE-2005-3210 Multiple interpretation error in unspecified versions of Kaspersky Antivirus allows remote attackers...
CVE-2005-3211 Multiple interpretation error in unspecified versions of BitDefender Antivirus allows remote attacke...
E
CVE-2005-3212 Multiple interpretation error in unspecified versions of NOD32 Antivirus allows remote attackers to ...
CVE-2005-3213 Multiple interpretation error in unspecified versions of F-Prot Antivirus allows remote attackers to...
CVE-2005-3214 Multiple interpretation error in unspecified versions of Avast Antivirus allows remote attackers to ...
CVE-2005-3215 Multiple interpretation error in unspecified versions of McAfee Antivirus allows remote attackers to...
CVE-2005-3216 Multiple interpretation error in unspecified versions of Sophos Antivirus allows remote attackers to...
CVE-2005-3217 Multiple interpretation error in unspecified versions of Symantec Antivirus allows remote attackers ...
CVE-2005-3218 Multiple interpretation error in unspecified versions of Dr.Web Antivirus allows remote attackers to...
CVE-2005-3219 Multiple interpretation error in unspecified versions of Avira Antivirus allows remote attackers to ...
CVE-2005-3220 Multiple interpretation error in unspecified versions of Norman Virus Control Antivirus allows remot...
CVE-2005-3221 Multiple interpretation error in unspecified versions of Fortinet Antivirus allows remote attackers ...
CVE-2005-3222 Multiple interpretation error in unspecified versions of VBA32 Antivirus allows remote attackers to ...
CVE-2005-3223 Multiple interpretation error in unspecified versions of Rising Antivirus allows remote attackers to...
CVE-2005-3224 Multiple interpretation error in unspecified versions of AntiVir Antivirus allows remote attackers t...
CVE-2005-3225 Multiple interpretation error in unspecified versions of (1) eTrust-Iris and (2) eTrust-Vet Antiviru...
CVE-2005-3226 Multiple interpretation error in unspecified versions of ArcaVir Antivirus allows remote attackers t...
CVE-2005-3227 Multiple interpretation error in unspecified versions of UNA Antivirus allows remote attackers to by...
CVE-2005-3228 Multiple interpretation error in unspecified versions of Ikarus AntiVirus allows remote attackers to...
CVE-2005-3229 Multiple interpretation error in unspecified versions of ClamAV Antivirus allows remote attackers to...
CVE-2005-3230 Multiple interpretation error in unspecified versions of Panda Antivirus allows remote attackers to ...
CVE-2005-3231 Multiple interpretation error in unspecified versions of CAT Quick Heal allows remote attackers to b...
CVE-2005-3232 Multiple interpretation error in unspecified versions of TheHacker allows remote attackers to bypass...
CVE-2005-3233 Multiple interpretation error in unspecified versions of Trustix Antivirus allows remote attackers t...
CVE-2005-3234 Multiple interpretation error in unspecified versions of Grisoft AVG Antivirus allows remote attacke...
CVE-2005-3235 Multiple interpretation error in unspecified versions of Proland Protector Plus 2000 Antivirus allow...
CVE-2005-3236 Multiple SQL injection vulnerabilities in Cyphor 0.19 allow remote attackers to execute arbitrary SQ...
CVE-2005-3237 Cross-site scripting (XSS) vulnerability in Cyphor 0.19 allows remote attackers to inject arbitrary ...
E
CVE-2005-3238 Multiple unspecified vulnerabilities in Solaris 10 SCTP Socket Option Processing allows local users ...
CVE-2005-3239 The OLE2 unpacker in clamd in Clam AntiVirus (ClamAV) 0.87-1 allows remote attackers to cause a deni...
CVE-2005-3240 Race condition in Microsoft Internet Explorer allows user-assisted attackers to overwrite arbitrary ...
CVE-2005-3241 Multiple vulnerabilities in Ethereal 0.10.12 and earlier allow remote attackers to cause a denial of...
S
CVE-2005-3242 Ethereal 0.10.12 and earlier allows remote attackers to cause a denial of service (crash) via unknow...
S
CVE-2005-3243 Multiple buffer overflows in Ethereal 0.10.12 and earlier might allow remote attackers to execute ar...
S
CVE-2005-3244 The BER dissector in Ethereal 0.10.3 to 0.10.12 allows remote attackers to cause a denial of service...
S
CVE-2005-3245 Unspecified vulnerability in the ONC RPC dissector in Ethereal 0.10.3 to 0.10.12, when the "Dissect ...
S
CVE-2005-3246 Ethereal 0.10.12 and earlier allows remote attackers to cause a denial of service (null dereference)...
S
CVE-2005-3247 The SigComp UDVM in Ethereal 0.10.12 allows remote attackers to cause a denial of service (infinite ...
S
CVE-2005-3248 Unspecified vulnerability in the X11 dissector in Ethereal 0.10.12 and earlier allows remote attacke...
S
CVE-2005-3249 Unspecified vulnerability in the WSP dissector in Ethereal 0.10.1 to 0.10.12 allows remote attackers...
CVE-2005-3250 Unknown vulnerability in Solaris 10 allows local users to cause a denial of service (panic) via unkn...
CVE-2005-3251 Directory traversal vulnerability in the gallery script in Gallery 2.0 (G2) allows remote attackers ...
E S
CVE-2005-3252 Stack-based buffer overflow in the Back Orifice (BO) preprocessor for Snort before 2.4.3 allows remo...
S
CVE-2005-3253 Wireless Access Points (AP) for (1) Avaya AP-3 through AP-6 2.5 to 2.5.4, and AP-7/AP-8 2.5 and othe...
S
CVE-2005-3254 The CGIwrap program before 3.9 on Debian GNU/Linux uses an incorrect minimum value of 100 for a UID ...
S
CVE-2005-3255 The (1) cgiwrap and (2) php-cgiwrap packages before 3.9 in Debian GNU/Linux provide access to debugg...
S
CVE-2005-3256 The key selection dialogue in Enigmail before 0.92.1 can incorrectly select a key with a user ID tha...
CVE-2005-3257 The VT implementation (vt_ioctl.c) in Linux kernel 2.6.12, and possibly other versions including 2.6...
E
CVE-2005-3258 The rfc1738_do_escape function in ftp.c for Squid 2.5 STABLE11 and earlier allows remote FTP servers...
S
CVE-2005-3259 Multiple SQL injection vulnerabilities in versatileBulletinBoard (vBB) 1.0.0 RC2 allow remote attack...
E
CVE-2005-3260 Multiple cross-site scripting (XSS) vulnerabilities in versatileBulletinBoard (vBB) 1.0.0 RC2 allow ...
E
CVE-2005-3261 getversions.php in versatileBulletinBoard (vBB) 1.0.0 RC2 lists the versions of all installed script...
E
CVE-2005-3262 Format string vulnerability in RARLAB WinRAR 2.90 through 3.50 allows remote attackers to execute ar...
S
CVE-2005-3263 Stack-based buffer overflow in UNACEV2.DLL for RARLAB WinRAR 2.90 through 3.50 allows remote attacke...
S
CVE-2005-3264 Cross-site scripting (XSS) vulnerability in thread.php for Zeroblog 1.1f and 1.2a allows remote atta...
E
CVE-2005-3265 Buffer overflow in Skype for Windows 1.1.x.0 through 1.4.x.83 allows remote attackers to execute arb...
S
CVE-2005-3266 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-3265. Reason: this candida...
R
CVE-2005-3267 Integer overflow in Skype client before 1.4.x.84 on Windows, before 1.3.x.17 on Mac OS, before 1.2.x...
E S
CVE-2005-3268 yiff server (yiff-server) 2.14.2 on Debian GNU/Linux runs as root and does not properly verify owner...
CVE-2005-3269 Stack-based buffer overflow in help.cgi in the HTTP administrative interface for (1) Sun Java System...
S
CVE-2005-3270 Untrusted search path vulnerability in DiskMountNotify for Symantec Norton AntiVirus 9.0.3 allows lo...
CVE-2005-3271 Exec in Linux kernel 2.6 does not properly clear posix-timers in multi-threaded environments, which ...
CVE-2005-3272 Linux kernel before 2.6.12 allows remote attackers to poison the bridge forwarding table using frame...
CVE-2005-3273 The rose_rt_ioctl function in rose_route.c for Radionet Open Source Environment (ROSE) in Linux 2.6 ...
S
CVE-2005-3274 Race condition in ip_vs_conn_flush in Linux 2.6 before 2.6.13 and 2.4 before 2.4.32-pre2, when runni...
S
CVE-2005-3275 The NAT code (1) ip_nat_proto_tcp.c and (2) ip_nat_proto_udp.c in Linux kernel 2.6 before 2.6.13 and...
S
CVE-2005-3276 The sys_get_thread_area function in process.c in Linux 2.6 before 2.6.12.4 and 2.6.13 does not clear...
CVE-2005-3277 The LPD service in HP-UX 10.20 11.11 (11i) and earlier allows remote attackers to execute arbitrary ...
E
CVE-2005-3278 Integer overflow in the openpsfile function in gsinterf.c for Jan Kybic BitMap Viewer (BMV) 1.2 allo...
CVE-2005-3279 Stack-based buffer overflow in the vgasco_printf function in Jan Kybic BitMap Viewer (BMV) 1.2, when...
CVE-2005-3280 Paros 3.2.5 uses a default password for the "sa" account in the underlying HSQLDB database and does ...
E S
CVE-2005-3281 Directory traversal vulnerability in NukeFixes 3.1 for PHP-Nuke 7.8 allows remote attackers to inclu...
CVE-2005-3282 Splatt Forum 3.0 to 3.2 allows remote attackers to bypass authentication via unknown vectors....
S
CVE-2005-3283 Cross-site scripting (XSS) vulnerability in TikiWiki before 1.9.1.1 allows remote attackers to injec...
S
CVE-2005-3284 Multiple buffer overflows in AhnLab V3 AntiVirus V3Pro 2004 before 6.0.0.488, V3Net for Windows Serv...
E S
CVE-2005-3285 Cross-site scripting (XSS) vulnerability in comersus_backoffice_searchItemForm.asp in Comersus BackO...
E
CVE-2005-3286 The FWDRV driver in Kerio Personal Firewall 4.2 and Server Firewall 1.1.1 allows local users to caus...
S
CVE-2005-3287 Incomplete blacklist vulnerability in Mailsite Express allows remote attackers to upload and possibl...
S
CVE-2005-3288 Mailsite Express allows remote attackers to upload and execute files with executable extensions such...
S
CVE-2005-3289 LSCFG in IBM AIX 5.2 and 5.3 does not create temporary files securely, which allows local users to c...
CVE-2005-3290 SQL injection vulnerability in Accelerated Mortgage Manager allows remote attackers to execute arbit...
E
CVE-2005-3291 Stani's Python Editor (SPE) 0.7.5 is installed with world-writable permissions, which allows local u...
CVE-2005-3292 Multiple cross-site scripting (XSS) vulnerabilities in Xeobook 0.93 allow remote attackers to inject...
CVE-2005-3293 Xerver 4.17 allows remote attackers to (1) obtain source code of scripts via a request with a traili...
E S
CVE-2005-3294 Typsoft FTP Server 1.11, with "Sub Directory Include" enabled, allows remote attackers to cause a de...
E
CVE-2005-3295 Unspecified vulnerability in HP-UX B.11.23 on Itanium platforms allows local users to cause a denial...
S
CVE-2005-3296 The FTP server in HP-UX 10.20, B.11.00, and B.11.11, allows remote attackers to list arbitrary direc...
E
CVE-2005-3297 Multiple integer overflows in OpenWBEM on SuSE Linux 9 allow remote attackers to execute arbitrary c...
S
CVE-2005-3298 Multiple buffer overflows in OpenWBEM on SuSE Linux 9 allow remote attackers to execute arbitrary co...
CVE-2005-3299 PHP file inclusion vulnerability in grab_globals.lib.php in phpMyAdmin 2.6.4 and 2.6.4-pl1 allows re...
S
CVE-2005-3300 The register_globals emulation layer in grab_globals.php for phpMyAdmin before 2.6.4-pl3 does not pe...
S
CVE-2005-3301 Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.6.4-pl3 allow remote atta...
S
CVE-2005-3302 Eval injection vulnerability in bvh_import.py in Blender 2.36 allows attackers to execute arbitrary ...
E
CVE-2005-3303 The FSG unpacker (fsg.c) in Clam AntiVirus (ClamAV) 0.80 through 0.87 allows remote attackers to cau...
S
CVE-2005-3304 Multiple SQL injection vulnerabilities in PHP-Nuke 7.8 allow remote attackers to modify SQL queries ...
E
CVE-2005-3305 Multiple SQL injection vulnerabilities in Nuked Klan 1.7 allow remote attackers to execute arbitrary...
S
CVE-2005-3306 Cross-site scripting (XSS) vulnerability in index.php for FlatNuke 2.5.6 allows remote attackers to ...
E
CVE-2005-3307 Directory traversal vulnerability in index.php for FlatNuke 2.5.6 allows remote attackers to read ar...
E
CVE-2005-3308 Multiple cross-site scripting (XSS) vulnerabilities in Zomplog 3.4 allow remote attackers to inject ...
E
CVE-2005-3309 Multiple SQL injection vulnerabilities in Zomplog 3.4 allow remote attackers to execute arbitrary SQ...
E
CVE-2005-3310 Interpretation conflict in phpBB 2.0.17, with remote avatars and avatar uploading enabled, allows re...
E S
CVE-2005-3311 BMC Software Control-M 6.1.03 for Solaris, and possibly other platforms, allows local users to overw...
CVE-2005-3312 The HTML rendering engine in Microsoft Internet Explorer 6.0 allows remote attackers to conduct cros...
E
CVE-2005-3313 The IRC protocol dissector in Ethereal 0.10.13 allows remote attackers to cause a denial of service ...
S
CVE-2005-3314 Stack-based buffer overflow in the IMAP daemon in Novell Netmail 3.5.2 allows remote attackers to ex...
S
CVE-2005-3315 Multiple SQL injection vulnerabilities in Novell ZENworks Patch Management 6.x before 6.2.2.181 allo...
E S
CVE-2005-3316 The installation of ON Symantec Discovery 4.5.x and Symantec Discovery 6.0 creates the (1) Discovery...
CVE-2005-3317 Multiple stack-based buffer overflows in ZipGenius 5.5.1.468 and 6.0.2.1041, and other versions befo...
CVE-2005-3318 Buffer overflow in the _chm_decompress_block function in CHM lib (chmlib) before 0.37, as used in pr...
S
CVE-2005-3319 The apache2handler SAPI (sapi_apache2.c) in the Apache module (mod_php) for PHP 5.x before 5.1.0 fin...
CVE-2005-3320 Cross-site scripting (XSS) vulnerability in SiteTurn Domain Manager Pro allows remote attackers to i...
E
CVE-2005-3321 chkstat in SuSE Linux 9.0 through 10.0 allows local users to modify permissions of files by creating...
CVE-2005-3322 Unspecified vulnerability in Squid on SUSE Linux 9.0 allows remote attackers to cause a denial of se...
CVE-2005-3323 docutils in Zope 2.6, 2.7 before 2.7.8, and 2.8 before 2.8.2 allows remote attackers to include arbi...
S
CVE-2005-3324 SQL injection vulnerability in chat.php in MWChat 6.8 allows remote attackers to execute arbitrary S...
E S
CVE-2005-3325 Multiple SQL injection vulnerabilities in (1) acid_qry_main.php in Analysis Console for Intrusion Da...
E S
CVE-2005-3326 SQL injection vulnerability in usercp.php in MyBulletinBoard (MyBB) allows remote attackers to execu...
E
CVE-2005-3327 Network Appliance Data ONTAP 7.0 and earlier allows iSCSI Initiators to bypass iSCSI authentication ...
S
CVE-2005-3328 PHP remote file inclusion vulnerability in common.php in PunBB 1.1.2 through 1.1.5 allows remote att...
CVE-2005-3329 Cross-site scripting (XSS) vulnerability in RSA Authentication Agent for Web 5.3 and earlier allows ...
E
CVE-2005-3330 The _httpsrequest function in Snoopy 1.2, as used in products such as (1) MagpieRSS, (2) WordPress, ...
CVE-2005-3331 viewpatch in mgdiff 1.0 allows local users to overwrite arbitrary files via a symlink attack on temp...
CVE-2005-3332 PHP remote file include vulnerability in admin/define.inc.php in Belchior Foundry vCard 2.9 allows r...
E
CVE-2005-3333 SQL injection vulnerability in eBASEweb 3.0 allows remote attackers to execute arbitrary SQL command...
CVE-2005-3334 Cross-site scripting (XSS) vulnerability in index.php in Flyspray 0.9.7 through 0.9.8 (devel) allows...
E
CVE-2005-3335 PHP file inclusion vulnerability in bug_sponsorship_list_view_inc.php in Mantis 1.0.0RC2 and 0.19.2 ...
E S
CVE-2005-3336 SQL injection vulnerability in Mantis 1.0.0RC2 and 0.19.2 allows remote attackers to execute arbitra...
S
CVE-2005-3337 Multiple cross-site scripting (XSS) vulnerabilities in Mantis before 0.19.3 allow remote attackers t...
CVE-2005-3338 Unspecified vulnerability in Mantis before 0.19.3, when using reminders, causes Mantis to display th...
CVE-2005-3339 Mantis before 0.19.3 caches the User ID longer than necessary, which has unknown impact and attack v...
CVE-2005-3340 The tuxpaint-import.sh script in Tux Paint (tuxpaint) 0.9.14 and earlier creates temporary files ins...
S
CVE-2005-3341 DHIS tools DNS package (dhis-tools-dns) before 5.0 allows local users to overwrite arbitrary files v...
S
CVE-2005-3342 noweb 2.10c and earlier allows local users to overwrite arbitrary files via symlink attacks on tempo...
S
CVE-2005-3343 tkdiff before 4.1.1 allows local users to overwrite arbitrary files via a symlink attack on temporar...
S
CVE-2005-3344 The default installation of Horde 3.0.4 contains an administrative account with a blank password, wh...
S
CVE-2005-3345 rssh 2.0.0 through 2.2.3 allows local users to bypass access restrictions and gain root privileges b...
S
CVE-2005-3346 Buffer overflow in the environment variable substitution code in main.c in OSH 1.7-14 allows local u...
CVE-2005-3347 Multiple directory traversal vulnerabilities in index.php in phpSysInfo 2.4 and earlier, as used in ...
S
CVE-2005-3348 HTTP response splitting vulnerability in index.php in phpSysInfo 2.4 and earlier, as used in phpgrou...
S
CVE-2005-3349 GNU Gnump3d before 2.9.8 allows local users to modify or delete arbitrary files via a symlink attack...
S
CVE-2005-3350 libungif library before 4.1.0 allows attackers to corrupt memory and possibly execute arbitrary code...
CVE-2005-3351 SpamAssassin 3.0.4 allows attackers to bypass spam detection via an e-mail with a large number of re...
S
CVE-2005-3352 Cross-site scripting (XSS) vulnerability in the mod_imap module of Apache httpd before 1.3.35-dev an...
S
CVE-2005-3353 The exif_read_data function in the Exif module in PHP before 4.4.1 allows remote attackers to cause ...
E S
CVE-2005-3354 Stack-based buffer overflow in the ldif_get_line function in ldif.c of Sylpheed before 2.1.6 allows ...
S
CVE-2005-3355 Directory traversal vulnerability in GNU Gnump3d before 2.9.8 has unknown impact via "CGI parameters...
S
CVE-2005-3356 The mq_open system call in Linux kernel 2.6.9, in certain situations, can decrement a counter twice ...
S
CVE-2005-3357 mod_ssl in Apache 2.0 up to 2.0.55, when configured with an SSL vhost with access control and a cust...
S
CVE-2005-3358 Linux kernel before 2.6.15 allows local users to cause a denial of service (panic) via a set_mempoli...
E
CVE-2005-3359 The atm module in Linux kernel 2.6 before 2.6.14 allows local users to cause a denial of service (pa...
E S
CVE-2005-3360 The installation of Trend Micro PC-Cillin Internet Security 2005 12.00 build 1244, and probably prev...
S
CVE-2005-3361 Cross-site scripting (XSS) vulnerability in forum/index.php in FlatNuke 2.5.6 allows remote attacker...
CVE-2005-3362 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-3153. Reason: This candida...
R
CVE-2005-3363 SQL injection vulnerability in Saphp Lesson, possibly saphp Lesson1.1 and saphpLesson2.0, allows rem...
E
CVE-2005-3364 Multiple SQL injection vulnerabilities in DboardGear allow remote attackers to execute arbitrary SQL...
E
CVE-2005-3365 Multiple SQL injection vulnerabilities in DCP-Portal 6 and earlier allow remote attackers to execute...
E
CVE-2005-3366 PHP file inclusion vulnerability in index.php in PHP iCalendar 2.0a2 through 2.0.1 allows remote att...
E S
CVE-2005-3367 Cross-site scripting (XSS) vulnerability in journal.php in SparkleBlog 2.1 allows remote attackers t...
CVE-2005-3368 Cross-site scripting (XSS) vulnerability in the Search_Enhanced module in PHP-Nuke 7.9 allows remote...
E
CVE-2005-3369 Multiple SQL injection vulnerabilities in the Info-DB module (info_db.php) in Woltlab Burning Board ...
E
CVE-2005-3370 Multiple interpretation error in ArcaVir 2005 package 2005-06-21 allows remote attackers to bypass v...
CVE-2005-3371 Multiple interpretation error in AVG 7 7.0.323 allows remote attackers to bypass virus scanning via ...
CVE-2005-3372 Multiple interpretation error in eTrust CA 7.0.1.4 with the 11.9.1 engine allows remote attackers to...
CVE-2005-3373 Multiple interpretation error in Dr.Web 4.32b allows remote attackers to bypass virus scanning via a...
CVE-2005-3374 Multiple interpretation error in F-Prot 3.16c allows remote attackers to bypass virus scanning via a...
CVE-2005-3375 Multiple interpretation error in Ikarus demo version allows remote attackers to bypass virus scannin...
CVE-2005-3376 Multiple interpretation error in Kaspersky 5.0.372 allows remote attackers to bypass virus scanning ...
CVE-2005-3377 Multiple interpretation error in (1) McAfee Internet Security Suite 7.1.5 version 9.1.08 with the 4....
CVE-2005-3378 Multiple interpretation error in Norman 5.81 with the 5.83.02 engine allows remote attackers to bypa...
CVE-2005-3379 Multiple interpretation error in Trend Micro (1) PC-Cillin 2005 12.0.1244 with the 7.510.1002 engine...
CVE-2005-3380 Multiple interpretation error in Panda Titanium 2005 4.02.01 allows remote attackers to bypass virus...
CVE-2005-3381 Multiple interpretation error in Ukrainian National Antivirus (UNA) 1.83.2.16 with kernel 265 allows...
CVE-2005-3382 Multiple interpretation error in Sophos 3.91 with the 2.28.4 engine allows remote attackers to bypas...
CVE-2005-3383 SQL injection vulnerability in Techno Dreams Announcement script allows remote attackers to execute ...
E
CVE-2005-3384 SQL injection vulnerability in Techno Dreams Guest Book script allows remote attackers to execute ar...
E
CVE-2005-3385 SQL injection vulnerability in Techno Dreams Mailing List script allows remote attackers to execute ...
E
CVE-2005-3386 SQL injection vulnerability in Techno Dreams Web Directory script allows remote attackers to execute...
E
CVE-2005-3387 The startup script in packages/RedHat/ntop.init in ntop before 3.2, when ntop.conf is writable by us...
S
CVE-2005-3388 Cross-site scripting (XSS) vulnerability in the phpinfo function in PHP 4.x up to 4.4.0 and 5.x up t...
S
CVE-2005-3389 The parse_str function in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5, when called with only one paramet...
S
CVE-2005-3390 The RFC1867 file upload feature in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5, when register_globals is...
S
CVE-2005-3391 Multiple vulnerabilities in PHP before 4.4.1 allow remote attackers to bypass safe_mode and open_bas...
S
CVE-2005-3392 Unspecified vulnerability in PHP before 4.4.1, when using the virtual function on Apache 2, allows r...
S
CVE-2005-3393 Format string vulnerability in the foreign_option function in options.c for OpenVPN 2.0.x allows rem...
S
CVE-2005-3394 Multiple SQL injection vulnerabilities in forum.php in oaboard forum 1.0 allow remote attackers to e...
E
CVE-2005-3395 SQL injection vulnerability in Invision Gallery 2.0.3 allows remote attackers to execute arbitrary S...
E S
CVE-2005-3396 Buffer overflow in the chcons (chcon) command in IBM AIX 5.2 and 5.3, when DEBUG MALLOC is enabled, ...
S
CVE-2005-3397 Cross-site scripting (XSS) vulnerability in Comersus BackOffice allows remote attackers to inject ar...
E
CVE-2005-3398 The default configuration of the web server for the Solaris Management Console (SMC) in Solaris 8, 9...
S
CVE-2005-3399 Multiple interpretation error in CAT-QuickHeal 8.0 allows remote attackers to bypass virus scanning ...
CVE-2005-3400 Multiple interpretation error in Fortinet 2.48.0.0 allows remote attackers to bypass virus scanning ...
CVE-2005-3401 Multiple interpretation error in TheHacker 5.8.4.128 allows remote attackers to bypass virus scannin...
CVE-2005-3402 The SMTP client in Mozilla Thunderbird 1.0.5 BETA, 1.0.7, and possibly other versions, does not noti...
CVE-2005-3403 Multiple cross-site scripting (XSS) vulnerabilities in ATutor 1.4.1 through 1.5.1-pl1 allow remote a...
E S
CVE-2005-3404 Multiple PHP file inclusion vulnerabilities in ATutor 1.4.1 through 1.5.1-pl1 allow remote attackers...
E S
CVE-2005-3405 ATutor 1.4.1 through 1.5.1-pl1 allows remote attackers to execute arbitrary PHP functions via a dire...
E S
CVE-2005-3406 Cross-site scripting (XSS) vulnerability in phpESP 1.7.5 and earlier allows remote attackers to inje...
S
CVE-2005-3407 SQL injection vulnerability in phpESP 1.7.5 and earlier allows remote attackers to execute arbitrary...
S
CVE-2005-3408 SQL injection vulnerability in news.php in gCards version 1.43 allows remote attackers to execute ar...
E
CVE-2005-3409 OpenVPN 2.x before 2.0.4, when running in TCP mode, allows remote attackers to cause a denial of ser...
S
CVE-2005-3411 Cross-site scripting (XSS) vulnerability in post.asp in Snitz Forums 2000 3.4.05 allows remote attac...
E S
CVE-2005-3412 Cross-site scripting (XSS) vulnerability in Elite Forum 1.0.0.0 allows remote attackers to inject ar...
E
CVE-2005-3413 Cross-site scripting (XSS) vulnerability in desktop.php in eyeOS 0.8.4 allows remote attackers to in...
S
CVE-2005-3414 eyeOS 0.8.4 stores usrinfo.xml under the web document root with insufficient access control, which a...
S
CVE-2005-3415 phpBB 2.0.17 and earlier allows remote attackers to bypass protection mechanisms that deregister glo...
S
CVE-2005-3416 phpBB 2.0.17 and earlier, when register_globals is enabled and the session_start function has not be...
S
CVE-2005-3417 phpBB 2.0.17 and earlier, when the register_long_arrays directive is disabled, allows remote attacke...
S
CVE-2005-3418 Multiple cross-site scripting (XSS) vulnerabilities in phpBB 2.0.17 and earlier allow remote attacke...
S
CVE-2005-3419 SQL injection vulnerability in usercp_register.php in phpBB 2.0.17 allows remote attackers to execut...
S
CVE-2005-3420 usercp_register.php in phpBB 2.0.17 allows remote attackers to modify regular expressions and execut...
S
CVE-2005-3421 estcmd in Hyper Estraier 1.0.1 on Windows systems allows remote attackers to read unauthorized files...
S
CVE-2005-3422 Cross-site scripting (XSS) vulnerability in error.asp in ASP Fast Forum allows remote attackers to i...
E
CVE-2005-3423 Multiple SQL injection vulnerabilities in Subdreamer 2.2.1 allow remote attackers to execute arbitra...
E
CVE-2005-3424 Cross-site scripting (XSS) vulnerability in GNUMP3D before 2.9.5 allows remote attackers to inject a...
S
CVE-2005-3425 Cross-site scripting (XSS) vulnerability in GNUMP3D before 2.9.6 allows remote attackers to inject a...
S
CVE-2005-3426 Cisco CSS 11500 Content Services Switch (CSS) with SSL termination services allows remote attackers ...
S
CVE-2005-3427 The Cisco Management Center (MC) for IPS Sensors (IPS MC) 2.1 can omit port field values while gener...
S
CVE-2005-3428 Cross-site scripting (XSS) vulnerability in Rockliffe MailSite Express before 6.1.22 allows remote a...
E S
CVE-2005-3429 Rockliffe MailSite Express before 6.1.22, with the option to save login information enabled, saves u...
E S
CVE-2005-3430 Incomplete blacklist vulnerability in Rockliffe MailSite Express before 6.1.22 allows remote attacke...
S
CVE-2005-3431 Absolute path traversal vulnerability in Rockliffe MailSite Express before 6.1.22 allows remote atta...
S
CVE-2005-3432 MiniGal 2 (MG2) 0.5.1 allows remote attackers to list password protected images via a request to ind...
E
CVE-2005-3433 Buffer overflow in Mirabilis ICQ 2003a allows user-assisted attackers to execute arbitrary code by c...
CVE-2005-3434 Archilles Newsworld before 1.5.0-rc1 stores (1) account.nwd and (2) session.nwd under the web root w...
CVE-2005-3435 admin_news.php in Archilles Newsworld up to 1.3.0 allows attackers to bypass authentication by obtai...
CVE-2005-3436 Cross-site scripting (XSS) vulnerability in Nuked-Klan 1.7 allows remote attackers to inject arbitra...
S
CVE-2005-3437 Unspecified vulnerability in the PL/SQL component in Oracle Database Server 9i up to 10.1.0.4 has un...
CVE-2005-3438 Multiple unspecified vulnerabilities in Oracle Database Server 9i up to 10.1.0.4.2 have unknown impa...
E
CVE-2005-3439 Multiple unspecified vulnerabilities in Oracle Database Server 10g up to 10.1.0.4.2 have unknown imp...
CVE-2005-3440 Unspecified vulnerability in Database Scheduler in Oracle Database Server 10g up to 10.1.0.3 has unk...
CVE-2005-3441 Unspecified vulnerability in Intelligent Agent in Oracle Database Server 9i up to 9.0.1.5 has unknow...
CVE-2005-3442 Multiple unspecified vulnerabilities in Oracle Database Server 8i up to 10.1.0.4.2 have unknown impa...
CVE-2005-3443 Unspecified vulnerability in the Spatial component in Oracle Database Server from 9i up to 10.1.0.3 ...
CVE-2005-3444 Multiple unspecified vulnerabilities in the Programmatic Interface in Oracle Database Server from 8i...
CVE-2005-3445 Multiple unspecified vulnerabilities in HTTP Server in Oracle Database Server 8i up to 10.1.0.4.2 an...
CVE-2005-3446 Unspecified vulnerability in Internet Directory in Oracle Database Server 9i up to 9.2.0.6 and Appli...
CVE-2005-3447 Unspecified vulnerability in Single Sign-On in Oracle Database Server 10g up to 10.1.0.4.2 and Appli...
CVE-2005-3448 Unspecified vulnerability in the OC4J Module in Oracle Application Server 9.0 up to 10.1.2.0.2 has u...
CVE-2005-3449 Multiple unspecified vulnerabilities in Oracle Application Server 9.0 up to 10.1.2.0 have unknown im...
CVE-2005-3450 Unspecified vulnerability in the HTTP Server in Oracle Application Server 1.0 up to 9.0.2.3 has unkn...
CVE-2005-3451 Unspecified vulnerability in SQL*ReportWriter in Oracle Application Server 9.0 up to 9.0.2.1 has unk...
CVE-2005-3452 Unspecified vulnerability in Web Cache in Oracle Application Server 1.0 up to 9.0.4.2 has unknown im...
CVE-2005-3453 Multiple unspecified vulnerabilities in Web Cache in Oracle Application Server 1.0 up to 10.1.2.0 ha...
CVE-2005-3454 Multiple unspecified vulnerabilities in Oracle Collaboration Suite 10g Release 1 version 10.1.1 and ...
CVE-2005-3455 Multiple unspecified vulnerabilities in Oracle E-Business Suite and Applications 11.5 up to 11.5.10 ...
CVE-2005-3456 Multiple unspecified vulnerabilities in Oracle E-Business Suite and Applications 11.5 up to 11.5.9 h...
CVE-2005-3457 Unspecified vulnerability in Oracle E-Business Suite and Applications 11.0 up to 11.5.10 has unknown...
CVE-2005-3458 Unspecified vulnerability in Oracle E-Business Suite and Applications 11.0 up to 11.5.9 has unknown ...
CVE-2005-3459 Unspecified vulnerability in Oracle E-Business Suite and Applications 4.5 up to 4.5.1 has unknown im...
CVE-2005-3460 Unspecified vulnerability in Oracle Agent in Oracle Enterprise Manager 9.0.4.1 up to 10.1.0.4 has un...
CVE-2005-3461 Unspecified vulnerability in PeopleTools in Oracle PeopleSoft Enterprise 8.42 up to 8.45.17 has unkn...
CVE-2005-3462 Unspecified vulnerability in PeopleTools in Oracle PeopleSoft Enterprise 8.44 up to 8.46.02 has unkn...
CVE-2005-3463 Unspecified vulnerability in PeopleTools in Oracle PeopleSoft Enterprise 8.44 up to 8.46.03 has unkn...
CVE-2005-3464 Unspecified vulnerability in PeopleTools in Oracle PeopleSoft Enterprise 8.44 up to 8.46 has unknown...
CVE-2005-3465 Unspecified vulnerability in JDEdwards HTML Server in Oracle EnterpriseOne 8.94 OneWorld XE up to 8....
CVE-2005-3466 Unspecified vulnerability in Enterprise CRM Sales in Oracle 8.81 up to 8.9 has unknown impact and at...
CVE-2005-3467 Serv-U FTP Server before 6.1.0.4 allows attackers to cause a denial of service (crash) via (1) malfo...
S
CVE-2005-3468 Directory traversal vulnerability in F-Secure Anti-Virus for Microsoft Exchange 6.40 and Internet Ga...
S
CVE-2005-3469 SQL injection vulnerability in index.php in News2Net 3.0.0.0 allows remote attackers to execute arbi...
CVE-2005-3470 SQL injection vulnerability in in the authenticate function in MailWatch for MailScanner 1.0.2 allow...
S
CVE-2005-3471 Directory traversal vulnerability in the ruleset view for MailWatch for MailScanner 1.0.2 allows rem...
S
CVE-2005-3472 Unspecified vulnerability in Sun Java System Communications Express 2005Q1 and 2004Q2 allows local a...
S
CVE-2005-3473 Multiple cross-site scripting (XSS) vulnerabilities in Simple PHP Blog 0.4.5 and earlier allow remot...
CVE-2005-3474 The aries.sys driver in Sony First4Internet XCP DRM software hides any file, registry key, or proces...
CVE-2005-3475 Hasbani Web Server (WindWeb) 2.0 allows remote attackers to cause a denial of service (infinite loop...
E
CVE-2005-3476 Unspecified vulnerability in HP OpenVMS Integrity 8.2-1 and 8.2, and OpenVMS Alpha 7.3-2 and 8.2, al...
S
CVE-2005-3477 Multiple interpretation error in the image upload handling code in Invision Gallery 2.0.3 allows rem...
CVE-2005-3478 SQL injection vulnerability in index.php in PHPCafe.net Tutorials Manager 1.0 Beta 2 allows remote a...
E
CVE-2005-3479 Cross-site scripting (XSS) vulnerability in login.asp in Ringtail CaseBook 6.1.0 allows remote attac...
S
CVE-2005-3480 login.asp in Ringtail CaseBook 6.1.0 displays different error messages depending on whether a user e...
S
CVE-2005-3481 Cisco IOS 12.0 to 12.4 might allow remote attackers to execute arbitrary code via a heap-based buffe...
CVE-2005-3482 Cisco 1200, 1131, and 1240 series Access Points, when operating in Lightweight Access Point Protocol...
S
CVE-2005-3483 Buffer overflow in GO-Global for Windows 3.1.0.3270 and earlier allows remote attackers to execute a...
E S
CVE-2005-3484 Directory traversal vulnerability in NeroNET 1.2.0.2 and earlier allows remote attackers to read arb...
E
CVE-2005-3485 Buffer overflow in Glider Collect'n kill 1.0.0.0 allows remote attackers to execute arbitrary code v...
E
CVE-2005-3486 Multiple format string vulnerabilities in Scorched 3D 39.1 (bf) and earlier allow remote attackers t...
E
CVE-2005-3487 Multiple buffer overflows in Scorched 3D 39.1 (bf) and earlier allow remote attackers to execute arb...
E
CVE-2005-3488 Scorched 3D 39.1 (bf) and earlier allows remote attackers to cause a denial of service (long loop an...
E
CVE-2005-3489 Buffer overflow in Asus Video Security 3.5.0.0 and earlier, when using authorization, allows remote ...
E
CVE-2005-3490 Directory traversal vulnerability in the web server in Asus Video Security 3.5.0.0 and earlier allow...
CVE-2005-3491 Multiple buffer overflows in the receiver function in loop.c in FlatFrag 0.3 and earlier allow remot...
E
CVE-2005-3492 FlatFrag 0.3 and earlier allows remote attackers to cause a denial of service (crash) by sending an ...
E
CVE-2005-3493 Battle Carry .005 and earlier allows remote attackers to cause a denial of service (inaccessible por...
E
CVE-2005-3494 Cross-site scripting (XSS) vulnerability in Ar-blog 5.2 and earlier allows remote attackers to injec...
E
CVE-2005-3495 Ar-blog 5.2 and earlier allows remote attackers to bypass authentication by modifying cookies....
CVE-2005-3496 Cross-site scripting (XSS) vulnerability in PHP Handicapper allows remote attackers to inject arbitr...
CVE-2005-3497 SQL injection vulnerability in process_signup.php in PHP Handicapper allows remote attackers to exec...
CVE-2005-3498 IBM WebSphere Application Server 5.0.x before 5.02.15, 5.1.x before 5.1.1.8, and 6.x before fixpack ...
CVE-2005-3499 Frisk F-Prot Antivirus allows remote attackers to bypass protection via a ZIP file with a version he...
CVE-2005-3500 The tnef_attachment function in tnef.c for Clam AntiVirus (ClamAV) before 0.87.1 allows remote attac...
S
CVE-2005-3501 The cabd_find function in cabd.c of the libmspack library (mspack) for Clam AntiVirus (ClamAV) befor...
E S
CVE-2005-3502 attachment_send.php in Cerberus Helpdesk allows remote attackers to view attachments and tickets of ...
E
CVE-2005-3503 chfn in pwdutils 3.0.4 and earlier on SuSE Linux, and possibly other operating systems, does not pro...
CVE-2005-3504 Buffer overflow in swcons in IBM AIX 5.2, when debug malloc is enabled, allows remote attackers to c...
S
CVE-2005-3505 Cross-site scripting (XSS) vulnerability in the Entropy Chat script in cPanel 10.2.0-R82 and 10.6.0-...
E
CVE-2005-3506 Cross-site scripting (XSS) vulnerability in proxy.asp in Sambar Server 6.3 BETA 2 and possibly earli...
CVE-2005-3507 Directory traversal vulnerability in CuteNews 1.4.1 allows remote attackers to include arbitrary fil...
E
CVE-2005-3508 SQL injection vulnerability in showGallery.php in Gallery (Galerie) 2.4 allows remote attackers to e...
E
CVE-2005-3509 Multiple SQL injection vulnerabilities in JPortal allow remote attackers to execute arbitrary SQL co...
E
CVE-2005-3510 Apache Tomcat 5.5.0 to 5.5.11 allows remote attackers to cause a denial of service (CPU consumption)...
S
CVE-2005-3511 Multiple cross-site scripting (XSS) vulnerabilities in Spymac Web OS 4.0 allow remote attackers to i...
E
CVE-2005-3512 Cross-site scripting (XSS) vulnerability in index.php in VUBB alpha rc1 allows remote attackers to i...
E
CVE-2005-3513 index.php in VUBB alpha rc1 allows remote attackers to obtain the installation path of the applicati...
CVE-2005-3514 Multiple cross-site scripting (XSS) vulnerabilities in Chipmunk Forum script allow remote attackers ...
E
CVE-2005-3515 Cross-site scripting (XSS) vulnerability in recommend.php in Chipmunk Topsites script allows remote ...
E
CVE-2005-3516 Cross-site scripting (XSS) vulnerability in recommend.php in Chipmunk Directory script allows remote...
E
CVE-2005-3517 Chipmunk Scripts Guestbook allows remote attackers to obtain the installation path of the script via...
CVE-2005-3518 SQL injection vulnerability in search.php in PunBB 1.2.7 and 1.2.8 allows remote attackers to execut...
E S
CVE-2005-3519 Multiple PHP file inclusion vulnerabilities in MySource 2.14.0 allow remote attackers to execute arb...
E S
CVE-2005-3520 Multiple cross-site scripting (XSS) vulnerabilities in MySource 2.14.0 allow remote attackers to inj...
E S
CVE-2005-3521 SQL injection vulnerability in resetcore.php in e107 0.617 through 0.6173 allows remote attackers to...
E S
CVE-2005-3522 Cross-site scripting (XSS) vulnerability in index.jsp in ManageEngine Netflow Analyzer 4.0.2 allows ...
E
CVE-2005-3523 Format string vulnerability in friendsd2 in GpsDrive allows remote attackers to execute arbitrary co...
CVE-2005-3524 Buffer overflow in the SSL-ready version of linux-ftpd (linux-ftpd-ssl) 0.17 allows remote attackers...
E
CVE-2005-3525 Stack-based buffer overflow in an ActiveX control for the installer for Adobe Macromedia Shockwave P...
CVE-2005-3526 Buffer overflow in the IMAP daemon in Ipswitch Collaboration Suite 2006.02 and earlier allows remote...
S
CVE-2005-3527 Race condition in do_coredump in signal.c in Linux kernel 2.6 allows local users to cause a denial o...
CVE-2005-3528 Cross-site scripting (XSS) vulnerability in tiki-view_forum_thread.php in TikiWiki 1.9.0 through 1.9...
E
CVE-2005-3529 tiki-view_forum_thread.php in TikiWiki 1.9.0 through 1.9.2 allows remote attackers to obtain the ins...
E
CVE-2005-3530 Cross-site scripting (XSS) vulnerability in Antville 1.1 allows remote attackers to inject arbitrary...
E
CVE-2005-3531 fusermount in FUSE before 2.4.1, if installed setuid root, allows local users to corrupt /etc/mtab a...
S
CVE-2005-3532 authpam.c in courier-authdaemon for Courier Mail Server 0.37.3 through 0.52.1, when using pam_tally,...
S
CVE-2005-3533 Buffer overflow in OSH before 1.7-15 allows local users to execute arbitrary code via a long current...
S
CVE-2005-3534 Buffer overflow in the Network Block Device (nbd) server 2.7.5 and earlier, and 2.8.0 through 2.8.2,...
S
CVE-2005-3535 Buffer overflow in KETM 0.0.6 allows local users to execute arbitrary code via unknown vectors....
S
CVE-2005-3536 SQL injection vulnerability in phpBB 2 before 2.0.18 allows remote attackers to execute arbitrary SQ...
S
CVE-2005-3537 A "missing request validation" error in phpBB 2 before 2.0.18 allows remote attackers to edit privat...
S
CVE-2005-3538 hfaxd in HylaFAX 4.2.3, when PAM support is disabled, accepts arbitrary passwords, which allows remo...
S
CVE-2005-3539 Multiple eval injection vulnerabilities in HylaFAX 4.2.3 and earlier allow remote attackers to execu...
E S
CVE-2005-3540 Buffer overflow in petris before 1.0.1 allows remote attackers to execute arbitrary code via unspeci...
CVE-2005-3542 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-3508. Reason: This candida...
R
CVE-2005-3543 SQL injection vulnerability in search.php in Phorum 5.0.0alpha through 5.0.20, when register_globals...
E S
CVE-2005-3544 Cross-site scripting (XSS) vulnerability in u2u.php in XMB 1.9.3 allows remote attackers to inject a...
E
CVE-2005-3545 SQL injection vulnerability in index.php of the report module in ibProArcade 2.5.2 and earlier allow...
E S
CVE-2005-3546 suid.cgi scripts in F-Secure (1) Internet Gatekeeper for Linux before 2.15.484 and (2) Anti-Virus Li...
S
CVE-2005-3547 Cross-site scripting (XSS) vulnerability in Invision Power Board 2.1 allows remote attackers to inje...
S
CVE-2005-3548 Directory traversal vulnerability in Task Manager in Invision Power Board (IP.Board) 2.0.1 allows li...
S
CVE-2005-3549 Direct code injection vulnerability in Task Manager in Invision Power Board 2.0.1 allows limited rem...
S
CVE-2005-3550 Directory traversal vulnerability in admin.php in toendaCMS before 0.6.2 allows remote attackers to ...
S
CVE-2005-3551 toendaCMS before 0.6.2 stores user account and session data in the web root directory, which allows ...
S
CVE-2005-3552 Multiple cross-site scripting (XSS) vulnerabilities in PHPKIT 1.6.1 R2 and earlier allow remote atta...
CVE-2005-3553 Multiple SQL injection vulnerabilities in include.php in PHPKIT 1.6.1 R2 and earlier allow remote at...
E
CVE-2005-3554 Multiple eval injection vulnerabilities in the help function in PHPKIT 1.6.1 R2 and earlier, when re...
E
CVE-2005-3555 Multiple SQL injection vulnerabilities in PHPlist 2.10.1 and earlier allow authenticated remote atta...
E S
CVE-2005-3556 Multiple cross-site scripting (XSS) vulnerabilities in PHPlist 2.10.1 and earlier allow remote attac...
E S
CVE-2005-3557 Directory traversal vulnerability in admin/defaults.php in PHPlist 2.10.1 and earlier allows remote ...
E S
CVE-2005-3558 PHP file inclusion vulnerability in index.php in OSTE 1.0 allows remote attackers to execute arbitra...
E
CVE-2005-3559 Directory traversal vulnerability in vmail.cgi in Asterisk 1.0.9 through 1.2.0-beta1 allows remote a...
E
CVE-2005-3560 Zone Labs (1) ZoneAlarm Pro 6.0, (2) ZoneAlarm Internet Security Suite 6.0, (3) ZoneAlarm Anti-Virus...
E
CVE-2005-3561 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-2954. Reason: This candida...
R
CVE-2005-3562 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-2955. Reason: This candida...
R
CVE-2005-3563 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-2956. Reason: This candida...
R
CVE-2005-3564 envd daemon in HP-UX B.11.00 through B.11.11 allows local users to obtain privileges via unknown att...
S
CVE-2005-3565 Unknown vulnerability in remshd daemon in HP-UX B.11.00, B.11.11, and B.11.23 while running in "Trus...
S
CVE-2005-3566 Buffer overflow in various ha commands of VERITAS Cluster Server for UNIX before 4.0MP2 allows local...
E S
CVE-2005-3567 slapd daemon in IBM Tivoli Directory Server (ITDS) 5.2.0 and 6.0.0 binds using SASL EXTERNAL, which ...
S
CVE-2005-3568 db2fmp process in IBM DB2 Content Manager before 8.2 Fix Pack 10 allows local users to cause a denia...
S
CVE-2005-3569 INSO service in IBM DB2 Content Manager before 8.2 Fix Pack 10 on AIX allows attackers to cause a de...
CVE-2005-3570 Unspecified cross-site scripting (XSS) vulnerability in Horde before 2.2.9 allows remote attackers t...
S
CVE-2005-3571 PHP file inclusion vulnerability in protection.php in CodeGrrl (a) PHPCalendar 1.0, (b) PHPClique 1....
CVE-2005-3572 SQL injection vulnerability in index.php in Peel 2.6 through 2.7 allows remote attackers to execute ...
CVE-2005-3573 Scrubber.py in Mailman 2.1.5-8 does not properly handle UTF8 character encodings in filenames of e-m...
CVE-2005-3574 PHP file inclusion vulnerability in index.php of iCMS allows remote attackers to include arbitrary f...
CVE-2005-3575 SQL injection vulnerability in show.php in Cyphor 0.19 and earlier allows remote attackers to execut...
E
CVE-2005-3576 ts.exe in Walla TeleSite 3.0 and earlier allows remote attackers to access privileged information by...
E
CVE-2005-3577 Cross-site scripting vulnerability (XSS) in ts.exe (aka ts.cgi) in Walla TeleSite 3.0 and earlier al...
E
CVE-2005-3578 SQL injection vulnerability in ts.exe (aka ts.cgi) in Walla TeleSite 3.0 and earlier allows remote a...
E
CVE-2005-3579 ts.exe (aka ts.cgi) in Walla TeleSite 3.0 and earlier allows remote attackers to access arbitrary lo...
E
CVE-2005-3580 QDBM before 1.8.33-r2 allows local users in the portage group to increase privileges via a shared ob...
S
CVE-2005-3581 GDAL before 1.3.0-r1 allows local users in the portage group to increase privileges via a shared obj...
S
CVE-2005-3582 ImageMagick before 6.2.4.2-r1 allows local users in the portage group to increase privileges via a s...
S
CVE-2005-3583 (1) Java Runtime Environment (JRE) and (2) Software Development Kit (SDK) 1.4.2_08, 1.4.2_09, and 1....
CVE-2005-3584 Cross-site scripting (XSS) vulnerability in forum.php in PhpWebThings 1.4.4 allows remote attackers ...
E
CVE-2005-3585 SQL injection vulnerability in forum.php in PhpWebThings 1.4.4 allows remote attackers to execute ar...
CVE-2005-3586 content.php in Mambo 4.5.2 through 4.5.2.3 allows remote attackers to obtain the installation path o...
E
CVE-2005-3587 Improper boundary checks in petite.c in Clam AntiVirus (ClamAV) before 0.87.1 allows attackers to pe...
S
CVE-2005-3588 SQL injection vulnerability in admin.php in Advanced Guestbook 2.2 allows remote attackers to execut...
CVE-2005-3589 Buffer overflow in FileZilla Server Terminal 0.9.4d may allow remote attackers to cause a denial of ...
S
CVE-2005-3590 The getgrouplist function in the GNU C library (glibc) before version 2.3.5, when invoked with a zer...
S
CVE-2005-3591 Macromedia Flash plugin (1) Flash.ocx 7.0.19.0 (Windows) and earlier and (2) libflashplayer.so befor...
E S
CVE-2005-3592 index.php CuteNews 1.4.0 and earlier allows remote attackers to obtain the path of the installation ...
CVE-2005-3594 game_score.php in e107 allows remote attackers to insert high scores via HTTP POST methods utilizing...
CVE-2005-3595 By default Microsoft Windows XP Home Edition installs with a blank password for the Administrator ac...
E
CVE-2005-3596 SQL injection vulnerability in ASPKnowledgebase allows remote attackers to execute arbitrary SQL com...
CVE-2005-3597 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-3573. Reason: This candida...
R
CVE-2005-3618 Cross-site request forgery (CSRF) vulnerability in the management interface for VMware ESX Server 2....
CVE-2005-3619 Cross-site scripting (XSS) vulnerability in the management interface for VMware ESX 2.5.x before 2.5...
E
CVE-2005-3620 The management interface for VMware ESX Server 2.0.x before 2.0.2 patch 1, 2.1.x before 2.1.3 patch ...
CVE-2005-3621 CRLF injection vulnerability in phpMyAdmin before 2.6.4-pl4 allows remote attackers to conduct HTTP ...
S
CVE-2005-3622 phpMyAdmin 2.7.0-beta1 and earlier allows remote attackers to obtain the full path of the server via...
CVE-2005-3623 nfs2acl.c in the Linux kernel 2.6.14.4 does not check for MAY_SATTR privilege before setting access ...
S
CVE-2005-3624 The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, t...
E S
CVE-2005-3625 Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and oth...
E S
CVE-2005-3626 Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and oth...
E S
CVE-2005-3627 Stream.cc in Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextra...
E S
CVE-2005-3628 Buffer overflow in the JBIG2Bitmap::JBIG2Bitmap function in JBIG2Stream.cc in Xpdf, as used in produ...
S
CVE-2005-3629 initscripts in Red Hat Enterprise Linux 4 does not properly handle certain environment variables whe...
S
CVE-2005-3630 Fedora Directory Server before 10 allows remote attackers to obtain sensitive information, such as t...
S
CVE-2005-3631 udev does not properly set permissions on certain files in /dev/input, which allows local users to o...
S
CVE-2005-3632 Multiple buffer overflows in pnmtopng in netpbm 10.0 and earlier allow attackers to execute arbitrar...
S
CVE-2005-3633 HTTP response splitting vulnerability in frameset.htm in SAP Web Application Server (WAS) 6.10 throu...
E
CVE-2005-3634 frameset.htm in the BSP runtime in SAP Web Application Server (WAS) 6.10 through 7.00 allows remote ...
E
CVE-2005-3635 Multiple cross-site scripting (XSS) vulnerabilities in SAP Web Application Server (WAS) 6.10 through...
E
CVE-2005-3636 Cross-site scripting (XSS) vulnerability in SAP Web Application Server (WAS) 6.10 allows remote atta...
E
CVE-2005-3637 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-3530. Reason: This candida...
R
CVE-2005-3638 Cross-site scripting (XSS) vulnerabilities in Ekinboard 1.0.3 allow remote attackers to inject arbit...
E
CVE-2005-3639 PHP file inclusion vulnerability in the osTicket module in Help Center Live before 2.0.3 allows remo...
S
CVE-2005-3640 Multiple buffer overflows in the IMAP Groupware Mail server of Floosietek FTGate (FTGate4) 4.1 allow...
E
CVE-2005-3641 Oracle Databases running on Windows XP with Simple File Sharing enabled, allows remote attackers to ...
CVE-2005-3642 IBM Informix Dynamic Database server running on Windows XP with Simple File Sharing enabled, allows ...
CVE-2005-3643 IBM DB2 Database server running on Windows XP with Simple File Sharing enabled, allows remote attack...
CVE-2005-3644 PNP_GetDeviceList (upnp_getdevicelist) in UPnP for Microsoft Windows 2000 SP4 and earlier, and possi...
E
CVE-2005-3645 phpAdsNew and phpPgAds 2.0.6 and possibly earlier versions allows remote attackers to obtain the app...
S
CVE-2005-3646 Multiple SQL injection vulnerabilities in lib-sessions.inc.php in phpAdsNew and phpPgAds 2.0.6 and p...
E S
CVE-2005-3647 Folder Guard allows local users to bypass protections by running from or installing to the temporary...
CVE-2005-3648 Multiple SQL injection vulnerabilities in the get_record function in datalib.php in Moodle 1.5.2 all...
E S
CVE-2005-3649 jumpto.php in Moodle 1.5.2 allows remote attackers to redirect users to other sites via the jump par...
E S
CVE-2005-3650 The CodeSupport.ocx ActiveX control, as used by Sony to uninstall the First4Internet XCP DRM, has "s...
CVE-2005-3651 Stack-based buffer overflow in the dissect_ospf_v3_address_prefix function in the OSPF protocol diss...
S
CVE-2005-3652 Heap-based buffer overflow in Citrix Program Neighborhood client 9.0 and earlier allows remote attac...
S
CVE-2005-3653 Heap-based buffer overflow in the iGateway service for various Computer Associates (CA) iTechnology ...
S
CVE-2005-3654 Blue Coat Systems Inc. WinProxy before 6.1a allows remote attackers to cause a denial of service (cr...
S
CVE-2005-3655 Heap-based buffer overflow in Novell Open Enterprise Server Remote Manager (novell-nrm) in Novell SU...
E
CVE-2005-3656 Multiple format string vulnerabilities in logging functions in mod_auth_pgsql before 2.0.3, when use...
S
CVE-2005-3657 The ActiveX control in MCINSCTL.DLL for McAfee VirusScan Security Center does not use the IObjectSaf...
CVE-2005-3658 Multiple heap-based buffer overflows in EMC Legato NetWorker 7.1.x before 7.1.4 and 7.2.x before 7.2...
S
CVE-2005-3659 nsrd.exe in EMC Legato NetWorker 7.1.x before 7.1.4 and 7.2.x before 7.2.1.Build.314, and other prod...
E S
CVE-2005-3660 Linux kernel 2.4 and 2.6 allows attackers to cause a denial of service (memory exhaustion and panic)...
S
CVE-2005-3661 Dell TrueMobile 2300 Wireless Broadband Router running firmware 3.0.0.8 and 5.1.1.6, and possibly ot...
CVE-2005-3662 Off-by-one buffer overflow in pnmtopng before 2.39, when using the -alpha command line option (Alpha...
S
CVE-2005-3663 Unquoted Windows search path vulnerability in Kaspersky Anti-Virus 5.0 might allow local users to ga...
CVE-2005-3664 Heap-based buffer overflow in Kaspersky Anti-Virus Engine, as used in Kaspersky Personal 5.0.227, An...
CVE-2005-3665 Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.7.0 allow remote attacker...
S
CVE-2005-3666 Multiple unspecified format string vulnerabilities in multiple unspecified implementations of Intern...
CVE-2005-3667 Multiple unspecified vulnerabilities in multiple unspecified implementations of Internet Key Exchang...
CVE-2005-3668 Multiple buffer overflows in multiple unspecified implementations of Internet Key Exchange version 1...
CVE-2005-3669 Multiple unspecified vulnerabilities in the Internet Key Exchange version 1 (IKEv1) implementation i...
CVE-2005-3670 Multiple unspecified vulnerabilities in the Internet Key Exchange version 1 (IKEv1) implementation i...
E S
CVE-2005-3671 The Internet Key Exchange version 1 (IKEv1) implementation in Openswan 2 (openswan-2) before 2.4.4, ...
E S
CVE-2005-3672 The Internet Key Exchange version 1 (IKEv1) implementation in Stonesoft StoneGate Firewall before 2....
CVE-2005-3673 The Internet Key Exchange version 1 (IKEv1) implementation in Check Point products allows remote att...
CVE-2005-3674 The Internet Key Exchange version 1 (IKEv1) implementation in the libike library in Sun Solaris 9 an...
CVE-2005-3675 The Transmission Control Protocol (TCP) allows remote attackers to cause a denial of service (bandwi...
CVE-2005-3676 SQL injection vulnerability in download.php in PhpWebThings 1.4.4 allows remote attackers to execute...
E
CVE-2005-3677 Buffer overflow in RealNetworks RealPlayer 10 and 10.5 allows remote attackers to execute arbitrary ...
CVE-2005-3678 Google Talk before 1.0.0.76, with email notification enabled, allows remote attackers to cause a den...
CVE-2005-3679 SQL injection vulnerability in admin/index.php in ActiveCampaign 1-2-All Broadcast Email allows remo...
E
CVE-2005-3680 Directory traversal vulnerability in editor_registry.php in XOOPS 2.2.3 allows remote attackers to r...
E
CVE-2005-3681 SQL injection vulnerability in viewcat.php in XOOPS WF-Downloads module 2.05 allows remote attackers...
E
CVE-2005-3682 Multiple SQL injection vulnerabilities in Wizz Forum 1.20 allow remote attackers to execute arbitrar...
CVE-2005-3683 Stack-based buffer overflow in freeFTPd before 1.0.9 with Logging enabled, allows remote attackers t...
E S
CVE-2005-3684 Multiple buffer overflows in freeFTPd 1.0.8, without logging enabled, allow remote authenticated att...
S
CVE-2005-3685 Cross-site scripting (XSS) vulnerability in shopadmin.asp in VP-ASP Shopping Cart 5.50 allows remote...
E
CVE-2005-3686 SQL injection vulnerability in search.inc.php in Unclassified NewsBoard before 1.5.3 Patch 4 allows ...
S
CVE-2005-3687 cancel_account.php in WHM AutoPilot 2.5.30 and earlier allows remote attackers to cancel requests fo...
CVE-2005-3688 Cross-site scripting (XSS) vulnerability in members.php in XMB 1.9.3 and earlier allows remote attac...
E
CVE-2005-3689 post.php in XMB 1.9.2 allows remote attackers to obtain the installation path via an invalid fid par...
E
CVE-2005-3690 Stack-based buffer overflow in the IMAP service (meimaps.exe) of MailEnable Professional 1.6 and ear...
S
CVE-2005-3691 Directory traversal vulnerability in the IMAP service (meimaps.exe) of MailEnable Professional 1.6 a...
S
CVE-2005-3692 Cross-site scripting (XSS) vulnerability in AMAX Magic Winmail Server 4.2 (build 0824) and earlier a...
CVE-2005-3693 The AxWebRemoveCtrl ActiveX control for uninstalling the SunnComm MediaMax DRM allows remote attacke...
CVE-2005-3694 centericq 4.20.0-r3 with "Enable peer-to-peer communications" set allows remote attackers to cause a...
CVE-2005-3695 Cross-site scripting (XSS) vulnerability in admin/config/confMgr.php in LiteSpeed Web Server 2.1.5 a...
E
CVE-2005-3696 SQL injection vulnerability in Arki-DB 1.0 and 2.0 allows remote attackers to execute arbitrary SQL ...
E
CVE-2005-3697 Unspecified vulnerability in the administration interface in Uresk Links 2.0 Lite allows remote atta...
CVE-2005-3698 PHP Easy Download allows remote attackers to bypass authentication via edit.php....
CVE-2005-3699 Opera Web Browser 8.50 and 8.0 through 8.0.2 allows remote attackers to spoof the URL in the status ...
E
CVE-2005-3700 Unknown vulnerability in iodbcadmintool in the ODBC Administrator utility in Mac OS X and OS X Serve...
S
CVE-2005-3701 Unspecified vulnerability in passwordserver in Mac OS X Server 10.3.9 and 10.4.3, when creating an O...
S
CVE-2005-3702 Safari in Mac OS X and OS X Server 10.3.9 and 10.4.3 allows remote attackers to cause files to be do...
S
CVE-2005-3703 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-2272. Reason: This candida...
R
CVE-2005-3704 System log server in Mac OS X and OS X Server 10.4 through 10.4.3 allows remote attackers to spoof s...
S
CVE-2005-3705 Heap-based buffer overflow in WebKit in Mac OS X and OS X Server 10.3.9 and 10.4.3, as used in appli...
S
CVE-2005-3706 Heap-based buffer overflow in LibSystem in Mac OS X 10.4 through 10.4.5 allows context-dependent att...
S
CVE-2005-3707 Buffer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbitrary code vi...
S
CVE-2005-3708 Integer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbitrary code v...
S
CVE-2005-3709 Integer underflow in Apple Quicktime before 7.0.4 allows remote attackers to cause a denial of servi...
S
CVE-2005-3710 Integer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbitrary code v...
S
CVE-2005-3711 Integer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbitrary code v...
S
CVE-2005-3712 Heap-based buffer overflow in rsync in Mac OS X 10.4 through 10.4.5 allows remote authenticated user...
S
CVE-2005-3713 Heap-based buffer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbitr...
S
CVE-2005-3714 The network interface for Apple AirPort Express 6.x before Firmware Update 6.3, and AirPort Extreme ...
S
CVE-2005-3715 Senao SI-680H Wireless VoIP Phone Firmware 0.03.0839 leaves the VxWorks debugger UDP port 17185 avai...
CVE-2005-3716 The SNMP daemon in UTStarcom F1000 VOIP WIFI Phone s2.0 running VxWorks 5.5.1 with kernel WIND 2.6 h...
CVE-2005-3717 The telnet daemon in UTStarcom F1000 VOIP WIFI Phone s2.0 running VxWorks 5.5.1 with kernel WIND 2.6...
CVE-2005-3718 UTStarcom F1000 VOIP WIFI Phone s2.0 running VxWorks 5.5.1 with kernel WIND 2.6 does not allow users...
CVE-2005-3719 Hitachi IP5000 VOIP WIFI Phone 1.5.6 has a hard-coded administrator password of "0000", which allows...
S
CVE-2005-3720 The default index page in the HTTP server in Hitachi IP5000 VOIP WIFI Phone 1.5.6 lists sensitive in...
S
CVE-2005-3721 The default configuration of the HTTP server in Hitachi IP5000 VOIP WIFI Phone 1.5.6 does not requir...
S
CVE-2005-3722 The SNMP v1/v2c daemon in Hitachi IP5000 VOIP WIFI Phone 1.5.6 allows remote attackers to gain read ...
S
CVE-2005-3723 Hitachi IP5000 VOIP WIFI Phone 1.5.6 does not allow the user to disable access to (1) SNMP or (2) TC...
S
CVE-2005-3724 Zyxel P2000W Version 1 VOIP WIFI Phone Wj.00.10 allows remote attackers to obtain sensitive informat...
CVE-2005-3725 Zyxel P2000W Version 1 VOIP WIFI Phone Wj.00.10 uses hardcoded IP addresses for its DNS servers, whi...
CVE-2005-3726 SQL injection vulnerability in Interspire ArticleLive NX 0.3 allows remote attackers to execute arbi...
S
CVE-2005-3727 SQL injection vulnerability in debug/query_results.jsp in Idetix Software Systems Revize CMS allows ...
E
CVE-2005-3728 Idetix Software Systems Revize CMS stores conf/revize.xml under the web document root with insuffici...
E
CVE-2005-3729 Idetix Software Systems Revize CMS allows remote attackers to obtain sensitive information via direc...
E
CVE-2005-3730 Multiple cross-site scripting (XSS) vulnerabilities in HTTPTranslatorServlet in Idetix Software Syst...
E
CVE-2005-3731 Unspecified vulnerability in yaSSL before 1.0.6 has unknown impact and attack vectors, related to "c...
S
CVE-2005-3732 The Internet Key Exchange version 1 (IKEv1) implementation (isakmp_agg.c) in racoon in ipsec-tools b...
S
CVE-2005-3733 The Internet Key Exchange version 1 (IKEv1) implementation in Juniper JUNOS and JUNOSe software for ...
CVE-2005-3734 Cross-site scripting (XSS) vulnerability in the "add content" page in phpMyFAQ 1.5.3 and earlier all...
E S
CVE-2005-3735 Multiple SQL injection vulnerabilities in e-Quick Cart allow remote attackers to execute arbitrary S...
E
CVE-2005-3736 Multiple cross-site scripting (XSS) vulnerabilities in e-Quick Cart allow remote attackers to inject...
E
CVE-2005-3737 Buffer overflow in the SVG importer (style.cpp) of inkscape 0.41 through 0.42.2 might allow remote a...
E S
CVE-2005-3738 globals.php in Mambo Site Server 4.0.14 and earlier, when register_globals is disabled, allows remot...
E
CVE-2005-3739 Unspecified vulnerability in subheader.php in PHP-Fusion 6.00.206 and earlier allows remote attacker...
S
CVE-2005-3740 Multiple SQL injection vulnerabilities in PHP-Fusion 6.00.206 and earlier allow remote attackers to ...
E S
CVE-2005-3741 Almond Classifieds does not properly verify the password, which allows attackers to bypass access re...
CVE-2005-3742 Cross-site scripting (XSS) vulnerability in popup.php in Advanced Poll 2.0.3 and earlier allows remo...
E
CVE-2005-3743 SQL injection vulnerability in results.php in SimplePoll allows remote attackers to execute arbitrar...
E
CVE-2005-3744 SQL injection vulnerability in index.php in phpComasy 0.7.5 and earlier allows remote attackers to e...
CVE-2005-3745 Cross-site scripting (XSS) vulnerability in Apache Struts 1.2.7, and possibly other versions allows ...
E S
CVE-2005-3746 SQL injection vulnerability in thread.php in APBoard allows remote attackers to execute arbitrary SQ...
E
CVE-2005-3747 Unspecified vulnerability in Jetty before 5.1.6 allows remote attackers to obtain source code of JSP...
S
CVE-2005-3748 SQL injection vulnerability in the Search module in Tru-Zone Nuke ET 3.2, and possibly earlier versi...
E S
CVE-2005-3749 Unspecified "absolute path vulnerabilities" in the diagela command (diagela.sh) in IBM AIX 5.2 and 5...
S
CVE-2005-3750 Opera before 8.51 on Linux and Unix systems allows remote attackers to execute arbitrary code via sh...
S
CVE-2005-3751 HTTP request smuggling vulnerability in Pound before 1.9.4 allows remote attackers to poison web cac...
CVE-2005-3752 Unspecified vulnerability in ldapdiff before 1.1.1 has unknown impact and attack vectors, related to...
S
CVE-2005-3753 Linux kernel before after 2.6.12 and before 2.6.13.1 might allow attackers to cause a denial of serv...
CVE-2005-3754 Cross-site scripting (XSS) vulnerability in Google Mini Search Appliance, and possibly Google Search...
E S
CVE-2005-3755 Directory traversal vulnerability in Google Mini Search Appliance, and possibly Google Search Applia...
S
CVE-2005-3756 Google Mini Search Appliance, and possibly Google Search Appliance, allows remote attackers to port ...
E S
CVE-2005-3757 The Saxon XSLT parser in Google Mini Search Appliance, and possibly Google Search Appliance, allows ...
E S
CVE-2005-3758 Cross-site scripting (XSS) vulnerability in Google Mini Search Appliance, and possibly Google Search...
CVE-2005-3759 Multiple cross-site scripting (XSS) vulnerabilities in Horde before 3.0.7 allow remote attackers to ...
S
CVE-2005-3760 Double free vulnerability in the BBOORB module in IBM WebSphere Application Server for z/OS 5.0 allo...
S
CVE-2005-3761 Cross-site scripting (XSS) vulnerability in Exponent CMS 0.96.3 and later versions allows remote att...
CVE-2005-3762 SQL injection vulnerability in the navigation module (navigationmodule) in Exponent CMS 0.96.3 and l...
E
CVE-2005-3763 Exponent CMS 0.96.3 and later versions includes the full installation path in the base parameter to ...
CVE-2005-3764 The image gallery (imagegallery) component in Exponent CMS 0.96.3 and later versions does not proper...
CVE-2005-3765 Exponent CMS 0.96.3 and later versions performs a chmod on uploaded files to give them execute permi...
CVE-2005-3766 Exponent CMS 0.96.3 and later versions stores sensitive user pages under the web document root with ...
CVE-2005-3767 Exponent CMS 0.96.3 and later versions does not properly restrict the types of uploaded files, which...
CVE-2005-3768 Buffer overflow in the Internet Key Exchange version 1 (IKEv1) implementation in Symantec Dynamic VP...
S
CVE-2005-3769 SQL injection vulnerability in files.php in PHP Download Manager 1.1.3 and earlier allows remote att...
E
CVE-2005-3770 Multiple cross-site scripting (XSS) vulnerabilities in PHP-Post (PHPp) 1.0 allow remote attackers to...
E
CVE-2005-3771 Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before 1.0.4 allow remote attackers t...
S
CVE-2005-3772 Multiple SQL injection vulnerabilities in Joomla! before 1.0.4 allow remote attackers to execute arb...
S
CVE-2005-3773 Unspecified vulnerability in Joomla! before 1.0.4 has unknown impact and attack vectors, related to ...
S
CVE-2005-3774 Cisco PIX 6.3 and 7.0 allows remote attackers to cause a denial of service (blocked new connections)...
CVE-2005-3775 PHP remote file inclusion vulnerability in pollvote.php in PollVote allows remote attackers to inclu...
CVE-2005-3776 Multiple cross-site scripting (XSS) vulnerabilities in MyBulletinBoard (MyBB) 1.0 PR2 Rev 686 allow ...
CVE-2005-3777 MyBulletinBoard (MyBB) 1.0 PR2 Rev 686 allows remote attackers to delete or move private messages (P...
CVE-2005-3778 Unspecified vulnerability in MyBulletinBoard (MyBB) before 1.0 PR2 Rev 686 allows attackers to cause...
CVE-2005-3779 Unspecified vulnerability in xterm for HP-UX 11.00, 11.11, and 11.23 allows local users to gain priv...
CVE-2005-3780 Multiple buffer overflows in IPUpdate 1.1 might allow attackers to execute arbitrary code via (1) me...
CVE-2005-3781 Unspecified vulnerability in in.named in Solaris 9 allows attackers to cause a denial of service via...
S
CVE-2005-3782 Mac OS X 10.4.3 up to 10.4.6, when loginwindow uses the "Name and password" setting, and the "Show t...
E
CVE-2005-3783 The ptrace functionality (ptrace.c) in Linux kernel 2.6 before 2.6.14.2, using CLONE_THREAD, does no...
CVE-2005-3784 The auto-reap of child processes in Linux kernel 2.6 before 2.6.15 includes processes with ptrace at...
CVE-2005-3785 Second-order symlink vulnerability in eix-sync.in in Ebuild IndeX (eix) before 0.5.0_pre2 allows loc...
S
CVE-2005-3786 Novell ZENworks for Desktops 4.0.1, ZENworks for Servers 3.0.2, and ZENworks 6.5 Desktop Management ...
S
CVE-2005-3787 Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.6.4-pl4 allow remote atta...
S
CVE-2005-3788 Race condition in Cisco Adaptive Security Appliance (ASA) 7.0(0), 7.0(2), and 7.0(4), when running w...
CVE-2005-3789 Multiple directory traversal vulnerabilities in phpwcms 1.2.5 allow remote attackers to read arbitra...
E
CVE-2005-3790 Multiple cross-site scripting (XSS) vulnerabilities in act_newsletter.php in phpwcms 1.2.5 allow rem...
E
CVE-2005-3791 HTTP response splitting vulnerability in phpAdsNew and phpPgAds 2.0.6 and earlier allows remote atta...
S
CVE-2005-3792 Multiple SQL injection vulnerabilities in the Search module in PHP-Nuke 7.8, and possibly other vers...
E
CVE-2005-3793 Multiple SQL injection vulnerabilities in AlstraSoft Affiliate Network Pro 7.2 allow remote attacker...
CVE-2005-3794 AlstraSoft Affiliate Network Pro 7.2 allows remote attackers to obtain sensitive information via a d...
CVE-2005-3795 Multiple cross-site scripting (XSS) vulnerabilities in AlstraSoft Affiliate Network Pro 7.2 allow re...
CVE-2005-3796 Direct static code injection vulnerability in admin_options_manage.php in AlstraSoft Affiliate Netwo...
CVE-2005-3797 PHP remote file inclusion vulnerability in payment_paypal.php in AlstraSoft Template Seller Pro 3.25...
E
CVE-2005-3798 SQL injection vulnerability in admin/index.php in AlstraSoft Template Seller Pro 3.25 allows remote ...
CVE-2005-3799 phpBB 2.0.18 allows remote attackers to obtain sensitive information via a large SQL query, which ge...
E
CVE-2005-3800 Macromedia Contribute Publishing Server (CPS) before 1.11 uses a weak algorithm to encrypt user pass...
S
CVE-2005-3801 CounterPane PasswordSafe 1.x and 2.x allows local users to test possible encryption keys against a s...
CVE-2005-3802 Belkin F5D7232-4 and F5D7230-4 wireless routers with firmware 4.03.03 and 4.05.03, when a legitimate...
CVE-2005-3803 Cisco IP Phone (VoIP) 7920 1.0(8) contains certain hard-coded ("fixed") public and private SNMP comm...
S
CVE-2005-3804 Cisco IP Phone (VoIP) 7920 1.0(8) listens to UDP port 17185 to support a VxWorks debugger, which all...
S
CVE-2005-3805 A locking problem in POSIX timer cleanup handling on exit in Linux kernel 2.6.10 to 2.6.14, when run...
CVE-2005-3806 The IPv6 flow label handling code (ip6_flowlabel.c) in Linux kernels 2.4 up to 2.4.32 and 2.6 before...
S
CVE-2005-3807 Memory leak in the VFS file lease handling in locks.c in Linux kernels 2.6.10 to 2.6.15 allows local...
CVE-2005-3808 Integer overflow in the invalidate_inode_pages2_range function in mm/truncate.c in Linux kernel 2.6....
S
CVE-2005-3809 The nfattr_to_tcp function in ip_conntrack_proto_tcp.c in ctnetlink in Linux kernel 2.6.14 up to 2.6...
CVE-2005-3810 ip_conntrack_proto_icmp.c in ctnetlink in Linux kernel 2.6.14 up to 2.6.14.3 allows attackers to cau...
CVE-2005-3811 Directory traversal vulnerability in admin/main.php in AMAX Magic Winmail Server 4.2 (build 0824) an...
CVE-2005-3812 freeFTPd 1.0.10 allows remote authenticated users to cause a denial of service (null dereference and...
E
CVE-2005-3813 IMAP service (meimaps.exe) of MailEnable Professional 1.7 and Enterprise 1.1 allows remote authentic...
E S
CVE-2005-3814 Multiple cross-site scripting (XSS) vulnerabilities in SmartPPC Pro allow remote attackers to inject...
E
CVE-2005-3815 SQL injection vulnerability in forum.php in Orca Forum 4.3b and earlier allows remote attackers to e...
E
CVE-2005-3816 Multiple SQL injection vulnerabilities in forum.php in freeForum 1.1 and earlier and earlier allow r...
CVE-2005-3817 Multiple SQL injection vulnerabilities in Softbiz Web Host Directory Script 1.1 and earlier allow re...
E
CVE-2005-3818 Multiple cross-site scripting (XSS) vulnerabilities in vTiger CRM 4.2 and earlier allow remote attac...
E
CVE-2005-3819 Multiple SQL injection vulnerabilities in vTiger CRM 4.2 and earlier allow remote attackers to injec...
E
CVE-2005-3820 Multiple directory traversal vulnerabilities in index.php in vTiger CRM 4.2 and earlier allow remote...
E
CVE-2005-3821 Cross-site scripting (XSS) vulnerability in vTiger CRM 4.2 and earlier allows remote attackers to in...
CVE-2005-3822 Multiple SQL injection vulnerabilities in vTiger CRM 4.2 and earlier allow remote attackers to execu...
CVE-2005-3823 The Users module in vTiger CRM 4.2 and earlier allows remote attackers to execute arbitrary PHP code...
CVE-2005-3824 The uploads module in vTiger CRM 4.2 and earlier allows remote attackers to upload arbitrary files, ...
CVE-2005-3825 SQL injection vulnerability in index.php in Comdev Vote Caster 3.1 and earlier allows remote attacke...
E
CVE-2005-3826 Multiple SQL injection vulnerabilities in Ezyhelpdesk 1.0 allow remote attackers to execute arbitrar...
CVE-2005-3827 SQL injection vulnerability in product_cat in AgileBill 1.4.92 and earlier allows remote attackers t...
E
CVE-2005-3828 SQL injection vulnerability in index.php in ActiveCampaign KnowledgeBuilder 2.4 and earlier allows r...
CVE-2005-3829 index.php in ActiveCampaign KnowledgeBuilder 2.4 and earlier allows remote attackers to cause a deni...
CVE-2005-3830 index.php in ActiveCampaign SupportTrio 1.4 and earlier allows remote attackers to read or include a...
CVE-2005-3831 Stack-based buffer overflow in (1) CxZIP60.dll and (2) CxZIP60u.dll, as used in SpeedProject product...
S
CVE-2005-3832 Stack-based buffer overflow in (1) CxUux60.dll and (2) CxUux60u.dll, as used in SpeedProject product...
S
CVE-2005-3833 SQL injection vulnerability in songinfo.php in Tunez 1.21 and earlier allows remote attackers to exe...
E
CVE-2005-3834 Cross-site scripting (XSS) vulnerability in search.php in Tunez 1.21 and earlier allows remote attac...
E
CVE-2005-3835 PHP remote file inclusion vulnerability in support/index.php in DeskLance 2.3 and earlier allows rem...
E
CVE-2005-3836 SQL injection vulnerability in DeskLance 2.3 and earlier allows remote attackers to execute arbitrar...
E
CVE-2005-3837 Cross-site scripting (XSS) vulnerability in the search module in sCssBoard 1.2 and 1.12, and earlier...
CVE-2005-3838 Multiple SQL injection vulnerabilities in search.php in IsolSoft Support Center 2.2 and earlier allo...
E
CVE-2005-3839 Cross-site scripting (XSS) vulnerability in SupportPRO Supportdesk allows remote attackers to inject...
CVE-2005-3840 SQL injection vulnerability in kb.php in Omnistar Live 5.2 and earlier allows remote attackers to ex...
CVE-2005-3841 Cross-site scripting (XSS) vulnerability in kPlaylist 1.6 (build 400), and possibly other versions, ...
E
CVE-2005-3842 SQL injection vulnerability in index.php in pdjk-support suite 1.1a and earlier allows remote attack...
E
CVE-2005-3843 SQL injection vulnerability in faq.php in Nicecoder iDesk 1.0 allows remote attackers to execute arb...
CVE-2005-3844 SQL injection vulnerability in phpWordPress PHP News and Article Manager 3.0 allows remote attackers...
CVE-2005-3845 SQL injection vulnerability in invoices.php in EZ Invoice Inc 2.0 allows remote attackers to execute...
CVE-2005-3846 SQL injection vulnerability in news.php in Fantastic News 2.1.1 and earlier allows remote attackers ...
CVE-2005-3847 The handle_stop_signal function in signal.c in Linux kernel 2.6.11 up to other versions before 2.6.1...
S
CVE-2005-3848 Memory leak in the icmp_push_reply function in Linux 2.6 before 2.6.12.6 and 2.6.13 allows remote at...
CVE-2005-3849 Cross-site scripting (XSS) vulnerability in the Search module in PmWiki up to 2.0.12 allows remote a...
E S
CVE-2005-3850 Cross-site scripting (XSS) vulnerability in search.asp in Online Knowledge Base System (OKBSYS) Lite...
CVE-2005-3851 Cross-site scripting (XSS) vulnerability in search.asp in Online Attendance System (OASYS) Lite 1.0 ...
CVE-2005-3852 SQL injection vulnerability in search.asp in Online Work Order Suite (OWOS) Lite Edition for ASP 3.0...
CVE-2005-3853 SQL injection vulnerability in snews.php in sNews 1.3 and earlier allows remote attackers to execute...
CVE-2005-3854 Cross-site scripting (XSS) vulnerability in index.php in EasyPageCMS allows remote attackers to inje...
E
CVE-2005-3855 SQL injection vulnerability in process.php in 1-2-3 music store allows remote attackers to execute a...
E
CVE-2005-3856 The Popular URL capability (popularurls.cpp) in Krusader 1.60.0 and 1.70.0-beta1 saves passwords in ...
S
CVE-2005-3857 The time_out_leases function in locks.c for Linux kernel before 2.6.15-rc3 allows local users to cau...
CVE-2005-3858 Memory leak in the ip6_input_finish function in ip6_input.c in Linux kernel 2.6.12 and earlier might...
CVE-2005-3859 PHP remote file inclusion vulnerability in q-news.php in Q-News 2.0 allows remote attackers to execu...
E
CVE-2005-3860 PHP remote file inclusion vulnerability in athena.php in Oliver May Athena PHP Website Administratio...
E
CVE-2005-3861 PHP remote file inclusion vulnerability in content.php in phpGreetz 0.99 and earlier allows remote a...
E
CVE-2005-3862 Buffer overflow in unalz before 0.53 allows remote attackers to execute arbitrary code via long file...
E S
CVE-2005-3863 Stack-based buffer overflow in kkstrtext.h in ktools library 0.3 and earlier, as used in products su...
S
CVE-2005-3864 SQL injection vulnerability in index.php in SourceWell 1.1.2 and earlier allows remote attackers to ...
CVE-2005-3865 SQL injection vulnerability in index.php in AllWeb search 3.0 and earlier allows remote attackers to...
E
CVE-2005-3866 Cross-site scripting (XSS) vulnerability in SearchFeed Search Engine 1.3.2 and earlier allows remote...
E
CVE-2005-3867 Cross-site scripting (XSS) vulnerability in RevenuePilot Search Engine Script 1.2.0 and earlier allo...
CVE-2005-3868 Multiple SQL injection vulnerabilities in K-Search 1.0 and earlier allow remote attackers to execute...
E
CVE-2005-3869 Cross-site scripting (XSS) vulnerability in index.php in Google API Search 1.3.1 and earlier allows ...
CVE-2005-3870 Multiple SQL injection vulnerabilities in edmobbs9r.php in edmoBBS 0.9 and earlier allow remote atta...
E
CVE-2005-3871 Multiple SQL injection vulnerabilities in Joels Bulletin board (JBB) 0.9.9rc3 and earlier allow remo...
CVE-2005-3872 Multiple SQL injection vulnerabilities in Ugroup 2.6.2 and earlier allow remote attackers to execute...
E
CVE-2005-3873 SQL injection vulnerability in topic.php in ShockBoard 3.0 and 4.0 allows remote attackers to execut...
E
CVE-2005-3874 SQL injection vulnerability in netzbr.php in Netzbrett 1.5.1 and earlier allows remote attackers to ...
E
CVE-2005-3875 Multiple SQL injection vulnerabilities in Enterprise Connector 1.0.2 and earlier allow remote attack...
CVE-2005-3876 Multiple SQL injection vulnerabilities in adcbrowres.php in AD Center ADC2000 NG Pro 1.2 and NG Pro ...
CVE-2005-3877 Multiple SQL injection vulnerabilities in Simple Document Management System (SDMS) 2.0-CVS and earli...
CVE-2005-3878 Directory traversal vulnerability in index.php in PHP Doc System 1.5.1 and earlier allows remote att...
CVE-2005-3879 Multiple SQL injection vulnerabilities in Softbiz Resource Repository Script 1.1 and earlier allow r...
E
CVE-2005-3880 Multiple SQL injection vulnerabilities in Omnistar KBase 4.0 and earlier allow remote attackers to e...
CVE-2005-3881 SQL injection vulnerability in search.php in AtlantisFAQ Knowledge Base Software 2.03 and earlier al...
CVE-2005-3882 SQL injection vulnerability in answer.php in FAQSystems FAQRing Knowledge Base Software 3.0 and earl...
CVE-2005-3883 CRLF injection vulnerability in the mb_send_mail function in PHP before 5.1.0 might allow remote att...
S
CVE-2005-3884 Multiple SQL injection vulnerabilities in the search action in Zainu 2.0 and earlier allow remote at...
E
CVE-2005-3885 The ps2epsi extension shell script (ps2epsi.sh) in Inkscape before 0.41 allows local users to overwr...
S
CVE-2005-3886 Unspecified vulnerability in Cisco Security Agent (CSA) 4.5.0 and 4.5.1 agents, when running on Wind...
S
CVE-2005-3887 Gadu-Gadu 7.20 does not properly handle MS-DOS device names in filenames, which allows remote attack...
E
CVE-2005-3888 Memory leak in Gadu-Gadu 7.20 allows remote attackers to cause a denial of service via multiple DCC ...
S
CVE-2005-3889 Gadu-Gadu 7.20 allows remote attackers to cause a denial of service via multiple DCC packets with a ...
S
CVE-2005-3890 Gadu-Gadu 7.20 allows remote attackers to cause a denial of service (crash and configuration loss) v...
S
CVE-2005-3891 Stack-based buffer overflow in Gadu-Gadu 7.20 allows remote attackers to cause a denial of service (...
S
CVE-2005-3892 Gadu-Gadu 7.20 allows remote attackers to eavesdrop on a user via a web page that accesses the Easyc...
S
CVE-2005-3893 Multiple SQL injection vulnerabilities in index.pl in Open Ticket Request System (OTRS) 1.0.0 throug...
E S
CVE-2005-3894 Multiple cross-site scripting (XSS) vulnerabilities in index.pl in Open Ticket Request System (OTRS)...
E S
CVE-2005-3895 Open Ticket Request System (OTRS) 1.0.0 through 1.3.2 and 2.0.0 through 2.0.3, when AttachmentDownlo...
S
CVE-2005-3896 Mozilla allows remote attackers to cause a denial of service (CPU consumption) via a Javascript BODY...
E
CVE-2005-3897 Apple Safari 2.0.2 allows remote attackers to cause a denial of service (system slowdown) via a Java...
CVE-2005-3898 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-3567. Reason: This candida...
R
CVE-2005-3899 The automatic update feature in Google Talk allows remote attackers to cause a denial of service (CP...
CVE-2005-3900 Macromedia Breeze Communication Server and Breeze Live Server does 5.1 and earlier not sufficiently ...
S
CVE-2005-3901 Macromedia Flash Communication Server MX 1.0 and 1.5 does not sufficiently validate certain RTMP dat...
S
CVE-2005-3902 Cross-site scripting (XSS) vulnerability in gui/errordocs/index.php in Virtual Hosting Control Syste...
E S
CVE-2005-3903 Buffer overflow in uidadmin in SCO Unixware 7.1.3 and 7.1.4 allows local users to execute arbitrary ...
S
CVE-2005-3904 Unspecified vulnerability in Java Management Extensions (JMX) in Java JDK and JRE 5.0 Update 3, 1.4....
S
CVE-2005-3905 Unspecified vulnerability in reflection APIs in Java SDK and JRE 1.3.1_15 and earlier, 1.4.2_08 and ...
S
CVE-2005-3906 Multiple unspecified vulnerabilities in reflection APIs in Java SDK and JRE 1.4.2_08 and earlier and...
S
CVE-2005-3907 Unspecified vulnerability in Java Runtime Environment in Java JDK and JRE 5.0 Update 3 and earlier a...
S
CVE-2005-3908 Cross-site scripting (XSS) vulnerability in search.php in GhostScripter Amazon Shop 5.0.0, and other...
E
CVE-2005-3909 SQL injection vulnerability in merchants/index.php in Post Affiliate Pro 2.0.4 and earlier allows re...
E
CVE-2005-3910 merchants/index.php in Post Affiliate Pro 2.0.4 and earlier, with magic_quotes_gpc disabled, allows ...
CVE-2005-3911 Multiple SQL injection vulnerabilities in calendar.php in BosDates 4.0 and earlier allow remote atta...
E
CVE-2005-3912 Format string vulnerability in miniserv.pl Perl web server in Webmin before 1.250 and Usermin before...
S
CVE-2005-3913 Unspecified vulnerability in the domain alias management in Virtual Hosting Control System (VHCS) 2....
S
CVE-2005-3914 Multiple SQL injection vulnerabilities in AFFcommerce 1.1.4 allow remote attackers to execute arbitr...
E
CVE-2005-3915 The Internet Key Exchange version 1 (IKEv1) implementation in Clavister Client Web allows remote att...
S
CVE-2005-3916 SQL injection vulnerability in memberlist.php in WSN Forum 1.21 allows remote attackers to execute a...
E
CVE-2005-3917 SQL injection vulnerability in usersession in CommodityRentals 2.0 Online Rental Business Creator sc...
S
CVE-2005-3918 Multiple SQL injection vulnerabilities in OvBB 0.08a allow remote attackers to execute arbitrary SQL...
E
CVE-2005-3919 Cross-site scripting (XSS) vulnerability in PBLang 4.65 allows remote attackers to inject arbitrary ...
E
CVE-2005-3920 SQL injection vulnerability in Babe Logger 2 allows remote attackers to execute arbitrary SQL comman...
E
CVE-2005-3921 Cross-site scripting (XSS) vulnerability in Cisco IOS Web Server for IOS 12.0(2a) allows remote atta...
E
CVE-2005-3922 Heap-based buffer overflow in pskcmp.dll in Panda Software Antivirus library allows remote attackers...
CVE-2005-3923 NetObjects Fusion 9 (NOF9) allows remote attackers to obtain sensitive information, including passwo...
CVE-2005-3924 SQL injection vulnerability in themes/kategorie/index.php in Randshop allows remote attackers to exe...
E
CVE-2005-3925 Multiple SQL injection vulnerabilities in Central Manchester CLC Helpdesk Issue Manager 0.9 and earl...
E
CVE-2005-3926 Direct static code injection vulnerability in error.php in GuppY 4.5.9 and earlier, when register_gl...
E
CVE-2005-3927 Multiple directory traversal vulnerabilities in GuppY 4.5.9 and earlier allow remote attackers to re...
E
CVE-2005-3928 Buffer overflow in phgrafx in QNX 6.2.1 and 6.3.0 allows local users to execute arbitrary code via a...
E
CVE-2005-3929 Directory traversal vulnerability in the create function in xarMLSXML2PHPBackend.php in Xaraya 1.0 a...
E
CVE-2005-3930 SQL injection vulnerability in index.php in N-13 News 1.2 allows remote attackers to execute arbitra...
E
CVE-2005-3931 SQL injection vulnerability in default.asp in ASP-Rider 1.6 allows remote attackers to execute arbit...
CVE-2005-3932 SQL injection vulnerability in okiraku.php in O-Kiraku Nikki 1.3 and earlier allows remote attackers...
E
CVE-2005-3933 SQL injection vulnerability in index.php in 88Script's Event Calendar 2.0 and earlier allows remote ...
E
CVE-2005-3934 Buffer overflow in Symantec pcAnywhere 11.0.1, 11.5.1, and all other 32-bit versions allows remote a...
S
CVE-2005-3935 SQL injection vulnerability in SocketKB 1.1.0 and earlier allows remote attackers to execute arbitra...
E
CVE-2005-3936 PHP file include vulnerability in SocketKB 1.1.0 and earlier allows remote attackers to include arbi...
CVE-2005-3937 SQL injection vulnerability in Softbiz B2B Trading Marketplace Script 1.1 and earler allows remote a...
E
CVE-2005-3938 SQL injection vulnerability in Softbiz FAQ Script 1.1 and earler allows remote attackers to execute ...
E
CVE-2005-3939 Multiple SQL injection vulnerabilities in WSN Knowledge Base 1.2.0 and earler allow remote attackers...
E
CVE-2005-3940 SQL injection vulnerability in ringmaker.php in Orca Ringmaker 2.3c and earlier allows remote attack...
E S
CVE-2005-3941 SQL injection vulnerability in blog.php in Orca Blog 1.3b and earlier allows remote attackers to exe...
E S
CVE-2005-3942 SQL injection vulnerability in knowledgebase-control.php in Orca Knowledgebase 2.1b and earlier allo...
E S
CVE-2005-3943 Multiple SQL injection vulnerabilities in ilyav FAQ System 1.1 and earlier allows remote attackers t...
E
CVE-2005-3944 SQL injection vulnerability in survey.php in ilyav Survey System 1.1 and earlier allows remote attac...
E
CVE-2005-3945 The SynAttackProtect protection in Microsoft Windows 2003 before SP1 and Windows 2000 before SP4 wit...
CVE-2005-3946 Opera 8.50 allows remote attackers to cause a denial of service (crash) via a Java applet with a lar...
E
CVE-2005-3947 Directory traversal vulnerability in index.php in PHP Upload Center allows remote attackers to read ...
E
CVE-2005-3948 Directory traversal vulnerability in main.php in PHPAlbum 0.2.3 and earlier allows remote attackers ...
E S
CVE-2005-3949 Multiple SQL injection vulnerabilities in WebCalendar 1.0.1 allow remote attackers to execute arbitr...
CVE-2005-3950 nuauth in NuFW 1.0.x before 1.0.16 and 1.1 allows authenticated users to cause a denial of service v...
S
CVE-2005-3951 SQL injection vulnerability in survey.php in PHP Labs Survey Wizard allows remote attackers to execu...
CVE-2005-3952 SQL injection vulnerability in PHP Labs Top Auction allows remote attackers to execute arbitrary SQL...
E
CVE-2005-3953 SQL injection vulnerability in Bedeng PSP 1.1 allows remote attackers to execute arbitrary SQL comma...
E
CVE-2005-3954 Cross-site scripting (XSS) vulnerability in blogBuddies 0.3 allows remote attackers to inject arbitr...
E S
CVE-2005-3955 Multiple cross-site scripting (XSS) vulnerabilities in MagpieRSS 7.1, as used in (a) blogBuddiesv 0....
E S
CVE-2005-3956 Multiple SQL injection vulnerabilities in index.php in DMANews 0.904 and 0.910 allow remote attacker...
E
CVE-2005-3957 Unspecified vulnerability in the Trackback functionality in DotClear 1.2.1 has unknown impact and at...
S
CVE-2005-3958 SQL injection vulnerability in index.php in Entergal MX 2.0 allows remote attackers to execute arbit...
E
CVE-2005-3959 Multiple cross-site scripting (XSS) vulnerabilities in FreeWebStat 1.0 rev37 allow remote attackers ...
E
CVE-2005-3960 Kadu 0.4.2 and 0.5.0pre allows remote attackers to cause a denial of service (crash or generated tra...
CVE-2005-3961 export_handler.php in WebCalendar 1.0.1 allows remote attackers to overwrite WebCalendar data files ...
CVE-2005-3962 Integer overflow in the format string functionality (Perl_sv_vcatpvfn) in Perl 5.9.2 and 5.8.6 Perl ...
S
CVE-2005-3963 SQL injection vulnerability in session.php in DotClear before 1.2.3 allows remote attackers to execu...
E S
CVE-2005-3964 Multiple buffer overflows in libUil (libUil.so) in OpenMotif 2.2.3, and possibly other versions, all...
CVE-2005-3965 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2004-2607. Reason: This candida...
R
CVE-2005-3966 Cross-site scripting (XSS) vulnerability in search.jsp in Java Search Engine (JSE) 0.9.34 allows rem...
E
CVE-2005-3967 Cross-site scripting (XSS) vulnerability in the dosearchsite.action module in Atlassian Confluence 2...
S
CVE-2005-3968 SQL injection vulnerability in auth.inc.php in PHPX 3.5.9 and earlier allows remote attackers to exe...
E S
CVE-2005-3969 SQL injection vulnerability in MXChange before 0.2.0-pre10 PL492 allows remote attackers to execute ...
S
CVE-2005-3970 Cross-site scripting (XSS) vulnerability in MXChange before 0.2.0-pre10 PL492 allows remote attacker...
S
CVE-2005-3971 Cross-site scripting (XSS) vulnerability in the login form in Citrix MetaFrame Secure Access Manager...
S
CVE-2005-3972 Cross-site scripting (XSS) vulnerability in extremesearch.php in Extreme Search Corporate Edition 6....
E
CVE-2005-3973 Multiple cross-site scripting (XSS) vulnerabilities in Drupal 4.5.0 through 4.5.5 and 4.6.0 through ...
S
CVE-2005-3974 Drupal 4.5.0 through 4.5.5 and 4.6.0 through 4.6.3, when running on PHP5, does not correctly enforce...
S
CVE-2005-3975 Interpretation conflict in file.inc in Drupal 4.5.0 through 4.5.5 and 4.6.0 through 4.6.3 allows rem...
S
CVE-2005-3976 SQL injection vulnerability in type.asp, as used in multiple DUware products including (1) DUamazon ...
CVE-2005-3977 Cross-site scripting (XSS) vulnerability in QualityEBiz Quality PPC 1553 allows remote attackers to ...
CVE-2005-3978 Multiple SQL injection vulnerabilities in NetClassifieds Premium Edition 1.0.1, Professional Edition...
E
CVE-2005-3979 relocate_server.php in Coppermine Photo Gallery (CPG) 1.4.2 and 1.4 beta is not removed after instal...
CVE-2005-3980 SQL injection vulnerability in the ticket query module in Edgewall Trac 0.9 and possibly earlier all...
E S
CVE-2005-3981 NOTE: this issue has been disputed by third parties. Microsoft Windows XP, 2000, and 2003 allows lo...
E
CVE-2005-3982 CRLF injection vulnerability in layers_toggle.php in WebCalendar 1.0.1 might allow remote attackers ...
S
CVE-2005-3983 Unknown vulnerability in the login page for HP Systems Insight Manager (SIM) 4.0 and 4.1, when acces...
CVE-2005-3984 SQL injection vulnerability in WebCalendar 1.0.1 allows remote attackers to execute arbitrary SQL co...
S
CVE-2005-3985 The Internet Key Exchange version 1 (IKEv1) implementation in Astaro Security Linux before 6.102 all...
S
CVE-2005-3986 Multiple SQL injection vulnerabilities in Instant Photo Gallery 1 and earlier allow remote attackers...
CVE-2005-3987 Multiple SQL injection vulnerabilities in Tradesoft CMS allow remote attackers to execute arbitrary ...
CVE-2005-3988 SQL injection vulnerability in article.php in Pineapple Technologies Lore 1.5.4 allows remote attack...
E
CVE-2005-3989 Memory leak in Avaya TN2602AP IP Media Resource 320 circuit pack before vintage 9 firmware allows re...
S
CVE-2005-3990 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-3619. Reason: This candida...
R
CVE-2005-3991 Multiple cross-site scripting (XSS) vulnerabilities in phpMyChat 0.14.6 allow remote attackers to in...
E
CVE-2005-3992 Multiple buffer overflows in WinEggDropShell remote access trojan (RAT) 1.7 allow remote attackers t...
E
CVE-2005-3993 Multiple unspecified vulnerabilities in MailEnable Professional 1.6 and earlier and Enterprise 1.1 a...
S
CVE-2005-3994 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-3967. Reason: This candida...
R
CVE-2005-3995 Format string vulnerability in the dosyslog function in the OBEX server (obexsrv.c) for Sobexsrv bef...
E S
CVE-2005-3996 SQL injection vulnerability in admin/password_forgotten.php in Zen Cart 1.2.6d and earlier allows re...
E
CVE-2005-3997 Zen Cart 1.2.6d and earlier, under certain PHP configurations, allows remote attackers to obtain sen...
CVE-2005-3998 Cross-site scripting (XSS) vulnerability in search.asp in Solupress News 1.0 and earlier allows remo...
E
CVE-2005-3999 Cross-site scripting (XSS) vulnerability in Search.asp in SiteBeater MP3 Catalog 2.03 and earlier al...
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.