Total
258583 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-1422 | 1 Raysoft | 1 Video Cam Server | 2008-09-05 | 7.5 HIGH | N/A |
| Raysoft/Raybase Video Cam Server 1.0.0 beta allows remote attackers to conduct administrator operations and cause a denial of service (server or camera shutdown) via a direct request to admin.html. | |||||
| CVE-2005-1421 | 1 Raysoft | 1 Video Cam Server | 2008-09-05 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Raysoft/Raybase Video Cam Server 1.0.0 beta allows remote attackers to read arbitrary files via ".." (dot dot) sequences in an HTTP request. | |||||
| CVE-2005-1420 | 1 Raysoft | 1 Video Cam Server | 2008-09-05 | 5.0 MEDIUM | N/A |
| Raysoft/Raybase Video Cam Server 1.0.0 beta allows remote attackers to determine the full pathname of the server via a request for an invalid page, as demonstrated using "%20" (hex-encoded space). | |||||
| CVE-2005-1419 | 1 Ocean12 Technologies | 1 Mailing List Manager | 2008-09-05 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the admin login panel for Ocean12 Mailing List Manager 1.06 allows remote attackers to execute arbitrary SQL commands via the Admin_id parameter. | |||||
| CVE-2005-1417 | 1 Maxwebportal | 1 Maxwebportal | 2008-09-05 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in MaxWebPortal 2.x, 1.35, and other versions allow remote attackers to execute arbitrary SQL commands via (1) article_popular.asp, (2) arguments to dl_popular.asp, (3) arguments to links_popular.asp, (4) arguments to pic_popular.asp, (5) article_rate.asp, (6) dl_rate.asp, (7) links_rate.asp, (8) pic_rates.asp, (9) article_toprated.asp, (10) dl_toprated.asp, (11) links_toprated.asp, (12) arguments to pic_toprated.asp, or (13) the TOPIC_ID or Forum_ID parameters to custom_link.asp. | |||||
| CVE-2005-1415 | 1 Globalscape | 1 Secure Ftp Server | 2008-09-05 | 10.0 HIGH | N/A |
| Buffer overflow in GlobalSCAPE Secure FTP Server 3.0.2 allows remote authenticated users to execute arbitrary code via a long FTP command. | |||||
| CVE-2005-1412 | 1 Ecomm | 1 Professional Guestbook | 2008-09-05 | 7.5 HIGH | N/A |
| SQL injection vulnerability in verify.asp for Ecomm Professional Guestbook 3.x allows remote attackers to execute arbitrary SQL commands via the AdminPWD parameter. | |||||
| CVE-2005-1407 | 1 Skype Technologies | 1 Skype | 2008-09-05 | 4.6 MEDIUM | N/A |
| Skype for Windows 1.2.0.0 to 1.2.0.46 allows local users to bypass the identity check for an authorized application, then call arbitrary Skype API functions by modifying or replacing that application. | |||||
| CVE-2005-1404 | 1 Myphp Forum | 1 Myphp Forum | 2008-09-05 | 5.0 MEDIUM | N/A |
| MyPHP Forum 1.0 allows remote attackers to spoof the username by modifying the (1) nbuser parameter to post.php or (2) sender parameter to privmsg.php. | |||||
| CVE-2005-1403 | 1 Just Williams | 1 Amazon Webstore | 2008-09-05 | 6.8 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in JustWilliam's Amazon Webstore 04050100 allow remote attackers to inject arbitrary web script or HTML via the (1) image parameter to closeup.php, the (2) currentIsExpanded or (3) searchFor parameters to index.php, (4) the currentNumber parameter to software_CAD_Technical_60002_uk.htm, or (5) a cookie. | |||||
| CVE-2005-1402 | 1 Mtp-target | 1 Mtp-target | 2008-09-05 | 5.0 MEDIUM | N/A |
| Integer signedness error in certain older versions of the NeL library, as used in Mtp-Target 1.2.2 and earlier, and possibly other products, allows remote attackers to cause a denial of service (memory consumption or server crash) via a negative value in a STLport call, which is not caught by a signed comparison. | |||||
| CVE-2005-1401 | 1 Mtp-target | 1 Mtp-target | 2008-09-05 | 7.5 HIGH | N/A |
| Format string vulnerability in the client for Mtp-Target 1.2.2 and earlier allows remote attackers to execute arbitrary code via game messages or other text. | |||||
| CVE-2005-1400 | 1 Freebsd | 1 Freebsd | 2008-09-05 | 4.6 MEDIUM | N/A |
| The i386_get_ldt system call in FreeBSD 4.7 to 4.11 and 5.x to 5.4 allows local users to access sensitive kernel memory via arguments with negative or very large values. | |||||
| CVE-2005-1399 | 1 Freebsd | 1 Freebsd | 2008-09-05 | 4.6 MEDIUM | N/A |
| FreeBSD 4.6 to 4.11 and 5.x to 5.4 uses insecure default permissions for the /dev/iir device, which allows local users to execute restricted ioctl calls to read or modify data on hardware that is controlled by the iir driver. | |||||
| CVE-2005-1388 | 1 Survivor | 1 Survivor | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in SURVIVOR before 0.9.6 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | |||||
| CVE-2005-1346 | 1 Symantec | 7 Antivirus Scan Engine, Mail Security, Norton Antivirus and 4 more | 2008-09-05 | 2.6 LOW | N/A |
| Multiple Symantec AntiVirus products, including Norton AntiVirus 2005 11.0.0, Web Security Web Security 3.0.1.72, Mail Security for SMTP 4.0.5.66, AntiVirus Scan Engine 4.3.7.27, SAV/Filter for Domino NT 3.1.1.87, and Mail Security for Exchange 4.5.4.743, when running on Windows, allows remote attackers to cause a denial of service (component crash) and avoid detection via a crafted RAR file. | |||||
| CVE-2005-1343 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2008-09-05 | 7.2 HIGH | N/A |
| Stack-based buffer overflow in the VPN daemon (vpnd) for Mac OS X before 10.3.9 allows local users to execute arbitrary code via a long -i (Server_id) argument. | |||||
| CVE-2005-1340 | 1 Apple | 1 Mac Os X | 2008-09-05 | 7.5 HIGH | N/A |
| The HTTP proxy service in Server Admin for Mac OS X 10.3.9 does not restrict access when it is enabled, which allows remote attackers to use the proxy. | |||||
| CVE-2005-1339 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2008-09-05 | 7.5 HIGH | N/A |
| lukemftpd in Mac OS X 10.3.9 allows remote authenticated users to escape the chroot environment by logging in with their full name. | |||||
| CVE-2005-1338 | 1 Apple | 1 Mac Os X | 2008-09-05 | 4.6 MEDIUM | N/A |
| Mac OS X 10.3.9, when using an LDAP server that does not use ldap_extended_operation, may store initial LDAP passwords for new accounts in plaintext. | |||||