Total
258583 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-0067 | 1 Vego | 1 Vego Links Builder | 2011-03-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in login.php in VEGO Links Builder 2.00 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter. | |||||
| CVE-2006-0056 | 1 Pam-mysql | 1 Pam-mysql | 2011-03-08 | 7.5 HIGH | N/A |
| Double free vulnerability in the authentication and authentication token alteration code in PAM-MySQL 0.6.x before 0.6.2 and 0.7.x before 0.7pre3 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted passwords, which lead to a double free of a pointer that was created by the pam_get_item function. NOTE: this issue only occurs in certain configurations in which there are multiple PAM modules, PAM-MySQL is not evaluated first, and there are no requisite modules before PAM-MySQL. | |||||
| CVE-2005-4834 | 1 Ibm | 1 Websphere Application Server | 2011-03-08 | 5.0 MEDIUM | N/A |
| IBM WebSphere Application Server (WAS) 5.0.2.5 through 5.1.1.3 allows remote attackers to obtain JSP source code and other sensitive information, related to incorrect request processing by the web container. | |||||
| CVE-2005-4833 | 1 Ibm | 1 Websphere Application Server | 2011-03-08 | 4.3 MEDIUM | N/A |
| IBM WebSphere Application Server (WAS) 6.0 before 20050201, when serving pages in an Application WAR or an Extended Document Root, allows remote attackers to obtain the JSP source code and other sensitive information via "a specific JSP URL," related to lack of normalization of the URL format. | |||||
| CVE-2005-4823 | 1 Hp | 1 Http Server | 2011-03-08 | 10.0 HIGH | N/A |
| Buffer overflow in the HP HTTP Server 5.0 through 5.95 of the HP Web-enabled Management Software allows remote attackers to execute arbitrary code via unknown vectors. | |||||
| CVE-2005-4806 | 1 Sun | 1 Java System Web Proxy Server | 2011-03-08 | 5.0 MEDIUM | N/A |
| Multiple unspecified vulnerabilities in Sun Java System Web Proxy Server 3.6 SP7 and earlier allow remote attackers to cause a denial of service (unresponsive service) via unknown vectors. | |||||
| CVE-2005-4713 | 1 Pam Mysql | 1 Pam Mysql | 2011-03-08 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the SQL logging facility in PAM-MySQL 0.6.x before 0.6.2 and 0.7.x before 0.7pre3 allows remote attackers to cause a denial of service (segmentation fault) via unspecified vectors, probably involving the pam_mysql_sql_log function when being used in vsftpd, which does not include the IP address argument to an sprintf call. | |||||
| CVE-2005-4707 | 1 Php Gen | 1 Php Gen | 2011-03-08 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in PHP GEN before 1.3 allow remote attackers to inject arbitrary web script or HTML via unknown attack vectors. | |||||
| CVE-2005-4706 | 1 Sun | 1 Solaris | 2011-03-08 | 2.1 LOW | N/A |
| Unspecified vulnerability in the "privilege management" feature of Sun Solaris 10 allows local users to cause a denial of service (panic) via unknown vectors that trigger a null dereference in the secpolicy_fs_common function. | |||||
| CVE-2005-4701 | 1 Sun | 1 Solaris | 2011-03-08 | 2.1 LOW | N/A |
| Unspecified vulnerability in Process File System (procfs) in Sun Solaris 10 allows local users to obtain sensitive information such as process working directories via unknown attack vectors, possibly pwdx. | |||||
| CVE-2005-4695 | 1 Symantec | 1 Brightmail Antispam | 2011-03-08 | 5.0 MEDIUM | N/A |
| Symantec Brightmail AntiSpam 6.0 build 1 and 2 allows remote attackers to cause a denial of service (bmserver component termination) via malformed MIME messages. | |||||
| CVE-2005-4655 | 1 Php Fusion | 1 Php Fusion | 2011-03-08 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in submit.php in PHP-Fusion 6.0.204 allows remote attackers to inject arbitrary web script or HTML via nested tags in the news_body parameter, as demonstrated by elements such as "<me<meta>ta" and "<sc<script>ript>". | |||||
| CVE-2005-4654 | 1 Hp | 1 Oracle For Openview | 2011-03-08 | 6.4 MEDIUM | N/A |
| Multiple unspecified vulnerabilities in Oracle for OpenView (OfO) 8.1.7, 9.1.01, and 9.2, and OfO for Linux, allow remote attackers to have an unknown impact via unknown attack vectors. NOTE: because of the lack of details in the vendor advisory, it is unclear which set of existing CVEs this advisory might refer to. | |||||
| CVE-2005-4610 | 1 Dopewars | 1 Dopewars | 2011-03-08 | 7.5 HIGH | N/A |
| Format string vulnerability in the server for Dopewars before 1.5.12, when running as an NT service, allows remote attackers to execute arbitrary code via unspecified attack vectors. | |||||
| CVE-2005-4570 | 1 Fortinet | 3 Forticlient, Fortimanager, Fortios | 2011-03-08 | 7.8 HIGH | N/A |
| The Internet Key Exchange version 1 (IKEv1) implementations in Fortinet FortiOS 2.50, 2.80 and 3.0, FortiClient 2.0,; and FortiManager 2.80 and 3.0 allow remote attackers to cause a denial of service (termination of a process that is automatically restarted) via IKE packets with invalid values of certain IPSec attributes, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the vendor advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to. | |||||
| CVE-2005-4569 | 1 Floosietek | 1 Ftgate | 2011-03-08 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in index.fts in FTGate Technology (formerly known as Floosietek) FTGate 4.4 (aka Build 4.4.000 Oct 26 2005) allows remote attackers to execute arbitrary code via a long tzoffset value. | |||||
| CVE-2005-4568 | 1 Floosietek | 1 Ftgate | 2011-03-08 | 7.5 HIGH | N/A |
| Multiple format string vulnerabilities in FTGate Technology (formerly known as Floosietek) FTGate 4.4 (aka Build 4.4.000 Oct 26 2005) allow remote attackers to execute arbitrary code via format string specifiers in the (1) USER, (2) PASS, and (3) TOP commands to the POP3 server; and the (4) LIST and (5) AUTHENTICATE commands to the IMAP server. | |||||
| CVE-2005-4567 | 1 Floosietek | 1 Ftgate | 2011-03-08 | 5.8 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in FTGate Technology (formerly known as Floosietek) FTGate 4.4 (Build 4.4.000 Oct 26 2005) allow remote attackers to inject arbitrary web script or HTML by sending (1) the href parameter to index.fts, or the param1 parameter to (2) /domains/index.fts, (3) /config/licence.fts, or (4) /config/systemacl.fts. | |||||
| CVE-2005-4566 | 1 Adtran | 1 Netvanta | 2011-03-08 | 10.0 HIGH | N/A |
| Buffer overflow in the Internet Key Exchange version 1 (IKEv1) implementation in ADTRAN NetVanta before 10.03.03.E might allow remote attackers to have an unknown impact via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. | |||||
| CVE-2005-4565 | 1 Adtran | 1 Netvanta | 2011-03-08 | 10.0 HIGH | N/A |
| Format string vulnerability in the Internet Key Exchange version 1 (IKEv1) implementation in ADTRAN NetVanta before 10.03.03.E might allow remote attackers to have an unknown impact via format string specifiers in crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. | |||||