Total
258074 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-3496 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2023-12-10 | 5.0 MEDIUM | N/A |
| AFP Server in Apple Mac OS X 10.3.9 and 10.4.7 allows remote attackers to cause denial of service (crash) via an invalid AFP request that triggers an unchecked error condition. | |||||
| CVE-2005-3104 | 1 Six Apart | 1 Movable Type | 2023-12-10 | 2.6 LOW | N/A |
| mt-comments.cgi in Movable Type before 3.2 allows attackers to redirect users to other web sites via URLs in comments. | |||||
| CVE-2005-3859 | 1 Q-news | 1 Q-news | 2023-12-10 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in q-news.php in Q-News 2.0 allows remote attackers to execute arbitrary PHP code via a URL in the id parameter. | |||||
| CVE-2005-3529 | 1 Tiki | 1 Tikiwiki Cms\/groupware | 2023-12-10 | 5.0 MEDIUM | N/A |
| tiki-view_forum_thread.php in TikiWiki 1.9.0 through 1.9.2 allows remote attackers to obtain the installation path via an invalid topics_sort_mode parameter, possibly related to an SQL injection vulnerability. | |||||
| CVE-2005-0119 | 1 Helvis | 1 Helvis | 2023-12-10 | 2.1 LOW | N/A |
| helvis 1.8h2_1 and earlier allows local users to recover and read the files of other users via the elvrec setuid program. | |||||
| CVE-2006-1610 | 1 Squery | 1 Squery | 2023-12-10 | 5.1 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in lib/armygame.php in SQuery 4.5 and earlier, as used in products such as Autonomous LAN party (ALP), allows remote attackers to execute arbitrary PHP code via a URL in the libpath parameter. NOTE: this only occurs when register_globals is disabled. | |||||
| CVE-2006-0850 | 1 Ilch.de | 1 Ilchclan | 2023-12-10 | 7.5 HIGH | N/A |
| SQL injection vulnerability in include/includes/user/login.php in ilchClan before 1.05g allows remote attackers to execute arbitrary SQL commands via the login_name parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2005-1720 | 1 Apple | 1 Afp Server | 2023-12-10 | 2.1 LOW | N/A |
| AFP Server for Mac OS X 10.4.1, when using an ACL enabled volume, does not properly remove an ACL when a file is copied to a directory that does not use ACLs, which will override the POSIX file permissions for that ACL. | |||||
| CVE-2005-4275 | 1 Scientific Atlanta | 1 Dpx2100 Cable Modem | 2023-12-10 | 7.8 HIGH | N/A |
| Scientific Atlanta DPX2100 Cable Modem allows remote attackers to cause a denial of service (device crash) via an IP packet with the same source and destination IPs and ports, and with the SYN flag set (aka LanD), as demonstrated using hping2. NOTE: the provenance of this issue is unknown; the details are obtained solely from third party information. | |||||
| CVE-2005-4807 | 2 Canonical, Gnu | 2 Ubuntu Linux, Binutils | 2023-12-10 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in the as_bad function in messages.c in the GNU as (gas) assembler in Free Software Foundation GNU Binutils before 20050721 allows attackers to execute arbitrary code via a .c file with crafted inline assembly code. | |||||
| CVE-2005-4649 | 1 Advanced Guestbook | 1 Advanced Guestbook | 2023-12-10 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Advanced Guestbook 2.2 and 2.3.1 allow remote attackers to inject arbitrary web script or HTML via (1) the entry parameter in index.php and (2) the gb_id parameter in comment.php. NOTE: The index.php/entry vector might be resultant from CVE-2005-1548. | |||||
| CVE-2004-2499 | 1 Hitachi | 2 Web Page Generator, Web Page Generator Enterprise | 2023-12-10 | 7.8 HIGH | N/A |
| Unspecified vulnerability in Hitachi Web Page Generator and Web Page Generator Enterprise 4.01 and earlier allows remote attackers to cause a denial of service via unknown attack vectors when a web site is "improperly accessed." | |||||
| CVE-2006-1896 | 1 Phpbb Group | 1 Phpbb | 2023-12-10 | 6.0 MEDIUM | N/A |
| Unspecified vulnerability in phpBB allows remote authenticated users with Administration Panel access to execute arbitrary PHP code via crafted Font Colour 3 ($theme[fontcolor3] variable) and/or signature values, possibly involving the highlight functionality. NOTE: the original report does not clarify whether this issue is static code injection, eval injection, or another type of vulnerability. | |||||
| CVE-2006-1067 | 1 Linksys | 1 Wrt54g V5 | 2023-12-10 | 5.0 MEDIUM | N/A |
| Linksys WRT54G routers version 5 (running VXWorks) allow remote attackers to cause a denial of service by sending a malformed DCC SEND string to an IRC channel, which causes an IRC connection reset, possibly related to the masquerading code for NAT environments, and as demonstrated via (1) a DCC SEND with a single long argument, or (2) a DCC SEND with IP, port, and filesize arguments with a 0 value. | |||||
| CVE-2005-1873 | 1 Crob | 1 Crob Ftp | 2023-12-10 | 7.5 HIGH | N/A |
| Multiple buffer overflows in Crob FTP 3.6.1, and possibly earlier versions, allow remote attackers to execute arbitrary code via (1) an FTP command with a large string followed by the RMD command with a long string or (2) a globbing ("*") character followed by a long string. | |||||
| CVE-2005-3771 | 1 Joomla | 1 Joomla | 2023-12-10 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before 1.0.4 allow remote attackers to inject arbitrary web script or HTML via (1) "GET and other variables" and (2) "SEF". | |||||
| CVE-2005-3108 | 1 Linux | 1 Linux Kernel | 2023-12-10 | 2.1 LOW | N/A |
| mm/ioremap.c in Linux 2.6 on 64-bit x86 systems allows local users to cause a denial of service or an information leak via an ioremap on a certain memory map that causes the iounmap to perform a lookup of a page that does not exist. | |||||
| CVE-2005-1736 | 1 Electricmonk | 1 Proms | 2023-12-10 | 7.5 HIGH | N/A |
| PROMS 0.11 does not properly handle "certain combinations of rights," which gives more rights to users than intended. | |||||
| CVE-2005-2664 | 1 Whisper32 | 1 Whisper32 | 2023-12-10 | 2.1 LOW | N/A |
| Whisper 32 1.16, and possibly earlier versions, stores passwords in plaintext in memory, which allows local users to obtain the password using a debugger or another mechanism to read process memory. | |||||
| CVE-2005-3649 | 1 Moodle | 1 Moodle | 2023-12-10 | 2.6 LOW | N/A |
| jumpto.php in Moodle 1.5.2 allows remote attackers to redirect users to other sites via the jump parameter. | |||||