Total
258583 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-1337 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2008-09-05 | 7.5 HIGH | N/A |
| Apple Help Viewer 2.0.7 and 3.0.0 in Mac OS X 10.3.9 allows remote attackers to read and execute arbitrary scrpts with less restrictive privileges via a help:// URI. | |||||
| CVE-2005-1336 | 1 Apple | 1 Mac Os X | 2008-09-05 | 4.6 MEDIUM | N/A |
| Buffer overflow in the Foundation framework for Mac OS X 10.3.9 allows local users to execute arbitrary code via a long environment variable. | |||||
| CVE-2005-1335 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2008-09-05 | 7.2 HIGH | N/A |
| Unknown vulnerability in Mac OS X 10.3.9 allows local users to gain privileges via (1) chfn, (2) chpass, and (3) chsh, which "use external helper programs in an insecure manner." | |||||
| CVE-2005-1333 | 1 Apple | 1 Mac Os X | 2008-09-05 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the Bluetooth file and object exchange (OBEX) services in Mac OS X 10.3.9 allows remote attackers to read arbitrary files. | |||||
| CVE-2005-1332 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2008-09-05 | 7.5 HIGH | N/A |
| Bluetooth-enabled systems in Mac OS X 10.3.9 enables the Bluetooth file exchange service by default, which allows remote attackers to access files without the user being notified, and local users to access files via the default directory. | |||||
| CVE-2005-1330 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2008-09-05 | 4.9 MEDIUM | N/A |
| AppKit in Mac OS X 10.3.9 allows attackers to cause a denial of service (Cocoa application crash) via a malformed TIFF image that causes the NXSeek to use an incorrect offset, leading to an unhandled exception. | |||||
| CVE-2005-1327 | 1 Woltlab | 1 Burning Board | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in pms.php for Woltlab Burning Board 2.3.1 PL2 and earlier allows remote attackers to inject arbitrary web script or HTML via the folderid parameter. | |||||
| CVE-2005-1326 | 1 Voodoo Circle | 1 Voodoo Circle | 2008-09-05 | 5.0 MEDIUM | N/A |
| Buffer overflow in VooDoo cIRCle BOTNET before 1.0.33 allows remote authenticated attackers to cause a denial of service (client crash) via a crafted packet. | |||||
| CVE-2005-1322 | 1 Horde | 1 Nag | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Horde Nag Task List Manager before 1.1.3 allows remote attackers to inject arbitrary web script or HTML via the parent's frame page title. | |||||
| CVE-2005-1321 | 1 Horde | 1 Vaction | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Horde Vacation module before 2.2.2 allows remote attackers to inject arbitrary web script or HTML via the parent's frame page title. | |||||
| CVE-2005-1320 | 1 Horde | 1 Mnemo | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Horde Mnemo Note Manager before 1.1.4 allows remote attackers to inject arbitrary web script or HTML via the parent's frame page title. | |||||
| CVE-2005-1319 | 1 Horde | 1 Imp | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Horde IMP Webmail client before 3.2.8 allows remote attackers to inject arbitrary web script or HTML via the parent's frame page title. | |||||
| CVE-2005-1318 | 1 Horde | 1 Forwards | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Horde Forwards E-Mail Forwarding Manager before 2.2.2 allows remote attackers to inject arbitrary web script or HTML via the parent's frame page title. | |||||
| CVE-2005-1317 | 1 Horde | 1 Chora | 2008-09-05 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Horde Chora module before 1.2.3 allows remote attackers to inject arbitrary web script or HTML via the parent's frame page title. | |||||
| CVE-2005-1315 | 1 Horde | 1 Turba | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Horde Turba module before 1.2.5 allows remote attackers to inject arbitrary web script or HTML via the parent's frame page title. | |||||
| CVE-2005-1314 | 1 Horde | 1 Kronolith | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Horde Kronolith module before 1.1.4 allows remote attackers to inject arbitrary web script or HTML via the parent's frame page title. | |||||
| CVE-2005-1313 | 1 Horde | 1 Passwd | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Horde Passwd module before 2.2.2 allows remote attackers to inject arbitrary web script or HTML via the parent's frame page title. | |||||
| CVE-2005-1312 | 1 Yappa-ng | 1 Yappa-ng | 2008-09-05 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in Yappa-NG before 2.3.2 allows remote attackers to execute arbitrary PHP code via unknown vectors. | |||||
| CVE-2005-1311 | 1 Yappa-ng | 1 Yappa-ng | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Yappa-NG before 2.3.2 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | |||||
| CVE-2005-1310 | 1 Eaden Mckee | 1 Bblog | 2008-09-05 | 7.5 HIGH | N/A |
| SQL injection vulnerability in bBlog 0.7.4 allows remote attackers to execute arbitrary SQL commands via the postid parameter. | |||||