Total
29739 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-0193 | 1 Isync | 1 Mrouter | 2025-04-03 | N/A |
| Buffer overflow in the (1) -v and (2) -a switches in mRouter in iSync 1.5 in Mac OS X 10.3.7 and earlier allows local users to execute arbitrary code. | ||||
| CVE-2005-0207 | 4 Conectiva, Linux, Redhat and 1 more | 5 Linux, Linux Kernel, Enterprise Linux and 2 more | 2025-04-03 | N/A |
| Unknown vulnerability in Linux kernel 2.4.x, 2.5.x, and 2.6.x allows NFS clients to cause a denial of service via O_DIRECT. | ||||
| CVE-2005-0246 | 2 Postgresql, Redhat | 2 Postgresql, Enterprise Linux | 2025-04-03 | N/A |
| The intagg contrib module for PostgreSQL 8.0.0 and earlier allows attackers to cause a denial of service (crash) via crafted arrays. | ||||
| CVE-2005-0263 | 1 Ibm | 1 Aix | 2025-04-03 | N/A |
| Buffer overflow in netpmon on AIX 5.1, 5.2, and 5.3 allows local users to execute arbitrary code via a long -O argument. | ||||
| CVE-2005-0283 | 1 David Barrett | 1 Qwikiwiki | 2025-04-03 | N/A |
| Directory traversal vulnerability in index.php in QwikiWiki allows remote attackers to read arbitrary files via a .. (dot dot) and a %00 at the end of the filename in the page parameter. | ||||
| CVE-2005-0285 | 1 Bottomline | 1 Webseries Payment Application | 2025-04-03 | N/A |
| Webseries Payment Application does not properly restrict privileged operations, which allows remote authenticated users to gain privileges by directly accessing certain URLs. | ||||
| CVE-2002-1067 | 1 Seh | 1 Ic9 Pocket Print Server Firmware | 2025-04-03 | N/A |
| Administrative web interface for IC9 Pocket Print Server Firmware 7.1.30 and 7.1.36f allows remote attackers to cause a denial of service (reboot and reset) via a long password, possibly due to a buffer overflow. | ||||
| CVE-2002-0057 | 1 Microsoft | 4 Internet Explorer, Sql Server, Windows Xp and 1 more | 2025-04-03 | N/A |
| XMLHTTP control in Microsoft XML Core Services 2.6 and later does not properly handle IE Security Zone settings, which allows remote attackers to read arbitrary files by specifying a local file as an XML Data Source. | ||||
| CVE-2005-0307 | 1 Mercuryboard | 1 Mercuryboard | 2025-04-03 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in index.php in MercuryBoard 1.1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) s, (2) l, (3) a, (4) t, (5) to, or (6) re parameters. | ||||
| CVE-2005-4547 | 1 Epic Designs | 1 Eggblog | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in home/search.php in eggblog 2.0 allows remote attackers to execute arbitrary SQL commands via the q parameter, as used by the Keyword and Search fields. | ||||
| CVE-2005-0314 | 1 Amax Information Technologies | 1 Magic Winmail Server | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in user.php in Magic Winmail Server 4.0 Build 1112 allows remote attackers to inject arbitrary web script or HTML via the personal information fields. | ||||
| CVE-2005-0336 | 1 Emotion | 1 Mediapartner Web Server | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in EMotion MediaPartner Web Server 5.0 allows remote attackers to inject arbitrary HTML or web script, as demonstrated using a URL containing .. sequences and HTML, which results in a directory browsing page that does not properly filter the HTML. | ||||
| CVE-2005-4557 | 3 Deerfield, Icewarp, Merak | 3 Visnetic Mail Server, Web Mail, Mail Server | 2025-04-03 | N/A |
| dir/include.html in IceWarp Web Mail 5.5.1, as used by Merak Mail Server 8.3.0r and VisNetic Mail Server version 8.3.0 build 1, allows remote attackers to include arbitrary local files via a null byte (%00) in the lang parameter, possibly due to a directory traversal vulnerability. | ||||
| CVE-2005-0341 | 1 Apple | 1 Safari | 2025-04-03 | N/A |
| Apple Safari 1.2.4 does not obey the Content-type field in the HTTP header and renders text as HTML, which allows remote attackers to inject arbitrary web script or HTML and perform cross-site scripting (XSS) attacks. | ||||
| CVE-2005-0362 | 1 Awstats | 1 Awstats | 2025-04-03 | N/A |
| awstats.pl in AWStats 6.2 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) "pluginmode", (2) "loadplugin", or (3) "noloadplugin" parameters. | ||||
| CVE-2005-4567 | 1 Floosietek | 1 Ftgate | 2025-04-03 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in FTGate Technology (formerly known as Floosietek) FTGate 4.4 (Build 4.4.000 Oct 26 2005) allow remote attackers to inject arbitrary web script or HTML by sending (1) the href parameter to index.fts, or the param1 parameter to (2) /domains/index.fts, (3) /config/licence.fts, or (4) /config/systemacl.fts. | ||||
| CVE-2006-1045 | 2 Mozilla, Redhat | 2 Thunderbird, Enterprise Linux | 2025-04-03 | N/A |
| The HTML rendering engine in Mozilla Thunderbird 1.5, when "Block loading of remote images in mail messages" is enabled, does not properly block external images from inline HTML attachments, which could allow remote attackers to obtain sensitive information, such as application version or IP address, when the user reads the email and the external image is accessed. | ||||
| CVE-2002-1081 | 1 Aprelium Technologies | 1 Abyss Web Server | 2025-04-03 | N/A |
| The Administration console for Abyss Web Server 1.0.3 allows remote attackers to read files without providing login credentials via an HTTP request to a target file that ends in a "+" character. | ||||
| CVE-2002-0095 | 1 Fraunhofer Fit | 1 Bscw | 2025-04-03 | N/A |
| The default configuration of BSCW (Basic Support for Cooperative Work) 3.x and possibly version 4 enables user self registration, which could allow remote attackers to upload files and possibly join a user community that was intended to be closed. | ||||
| CVE-2002-1089 | 1 Oracle | 2 Application Server, Reports | 2025-04-03 | N/A |
| rwcgi60 CGI program in Oracle Reports Server, by design, provides sensitive information such as the full pathname, which could enable remote attackers to use the information in additional attacks. | ||||