|
363451
|
9.3 |
HIGH
|
novell
|
imanager
|
Multiple vulnerabilities in the OpenSSL ASN.1 parser, as used in Novell iManager 2.0.2, allows remote attackers to cause a denial of service (NULL pointer dereference) via crafted packets, as demonst…
|
NVD-CWE-Other
|
CVE-2005-1730
|
2011-03-8 11:22 |
2005-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363452
|
9.3 |
HIGH
|
novell
|
imanager
|
This vulnerability is addressed in the following product update:
http://www.novell.com/products/consoles/
|
NVD-CWE-Other
|
CVE-2005-1730
|
2011-03-8 11:22 |
2005-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363453
|
5.0 |
MEDIUM
|
gearbox_software
|
halo_combat_evolved
|
Gearbox Software Halo: Combat Evolved 1.6 allows remote attackers to cause a denial of service (infinite loop) via malformed data.
|
NVD-CWE-Other
|
CVE-2005-1741
|
2011-03-8 11:22 |
2005-05-24 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363454
|
4.3 |
MEDIUM
|
novell
|
netmail
|
Cross-site scripting (XSS) vulnerability in the ModWeb agent for Novell NetMail 3.52 before 3.52C allows remote attackers to inject arbitrary web script or HTML via calendar display fields.
|
NVD-CWE-Other
|
CVE-2005-1756
|
2011-03-8 11:22 |
2005-06-8 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363455
|
7.5 |
HIGH
|
novell
|
netmail
|
Buffer overflow in the Modweb agent for Novell NetMail 3.52 before 3.52C, when renaming folders, may allow attackers to execute arbitrary code.
|
NVD-CWE-Other
|
CVE-2005-1757
|
2011-03-8 11:22 |
2005-06-8 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363456
|
7.5 |
HIGH
|
novell
|
netmail
|
Buffer overflow in the IMAP command continuation function in Novell NetMail 3.52 before 3.52C may allow remote attackers to execute arbitrary code.
|
NVD-CWE-Other
|
CVE-2005-1758
|
2011-03-8 11:22 |
2005-06-8 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363457
|
5.0 |
MEDIUM
|
phpmailer
|
phpmailer
|
The Data function in class.smtp.php in PHPMailer 1.7.2 and earlier allows remote attackers to cause a denial of service (infinite loop leading to memory and CPU consumption) via a long header field.
|
NVD-CWE-Other
|
CVE-2005-1807
|
2011-03-8 11:22 |
2005-05-28 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363458
|
7.5 |
HIGH
|
hp
|
radia_client
|
Multiple stack-based buffer overflows in the nvd_exec function in HP Radia Notify Daemon 3.1.2.0 (formerly by Novadigm), and other versions including 2.x, 3.x, and 4.x, allows remote attackers to exe…
|
NVD-CWE-Other
|
CVE-2005-1825
|
2011-03-8 11:22 |
2005-05-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363459
|
7.5 |
HIGH
|
hp
|
radia_client
|
Buffer overflow in HP Radia Notify Daemon 3.1.0.0 (formerly by Novadigm), and other versions including 2.x, 3.x, and 4.x, allows remote attackers to execute arbitrary code via a long file extension.
|
NVD-CWE-Other
|
CVE-2005-1826
|
2011-03-8 11:22 |
2005-05-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363460
|
7.5 |
HIGH
|
kerio
|
kerio_mailserver personal_firewall winroute_firewall
|
The administration protocol for Kerio WinRoute Firewall 6.x up to 6.0.10, Personal Firewall 4.x up to 4.1.2, and MailServer up to 6.0.8 allows remote attackers to quickly obtain passwords that are 5 …
|
NVD-CWE-Other
|
CVE-2005-1062
|
2011-03-8 11:21 |
2005-05-2 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363461
|
5.1 |
MEDIUM
|
apple
|
applescript mac_os_x mac_os_x_server
|
The AppleScript Editor in Mac OS X 10.3.9 does not properly display script code for an applescript: URI, which can result in code that is different than the actual code that would be run, which could…
|
NVD-CWE-Other
|
CVE-2005-1331
|
2011-03-8 11:21 |
2005-05-4 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363462
|
5.1 |
MEDIUM
|
apple
|
terminal mac_os_x mac_os_x_server
|
Apple Terminal 1.4.4 allows attackers to execute arbitrary commands via terminal escape sequences.
|
NVD-CWE-Other
|
CVE-2005-1341
|
2011-03-8 11:21 |
2005-05-4 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363463
|
7.5 |
HIGH
|
apple
|
terminal mac_os_x
|
The x-man-page: URI handler for Apple Terminal 1.4.4 in Mac OS X 10.3.9 does not cleanse terminal escape sequences, which allows remote attackers to execute arbitrary commands.
|
NVD-CWE-Other
|
CVE-2005-1342
|
2011-03-8 11:21 |
2005-05-4 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363464
|
4.6 |
MEDIUM
|
phpmyadmin
|
phpmyadmin
|
The SQL install script in phpMyAdmin 2.6.2 is created with world-readable permissions, which allows local users to obtain the initial database password by reading the script.
|
NVD-CWE-Other
|
CVE-2005-1392
|
2011-03-8 11:21 |
2005-05-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363465
|
4.6 |
MEDIUM
|
freebsd
|
freebsd
|
The kernel in FreeBSD 4.x to 4.11 and 5.x to 5.4 does not properly clear certain fixed-length buffers when copying variable-length data for use by applications, which could allow those applications t…
|
NVD-CWE-Other
|
CVE-2005-1406
|
2011-03-8 11:21 |
2005-05-6 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363466
|
5.0 |
MEDIUM
|
soft3304
|
04webserver
|
Directory traversal vulnerability in 04WebServer 1.81 allows remote attackers to read files outside of the web root but within the installation folder.
|
NVD-CWE-Other
|
CVE-2005-1416
|
2011-03-8 11:21 |
2005-05-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363467
|
7.5 |
HIGH
|
stefan_ritt
|
elog_web_logbook
|
ELOG before 2.5.7 allows remote attackers to bypass authentication and download a configuration file that contains a sensitive write password via a modified URL.
|
NVD-CWE-Other
|
CVE-2005-0440
|
2011-03-8 11:20 |
2005-05-2 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363468
|
4.3 |
MEDIUM
|
mediawiki
|
mediawiki
|
Multiple cross-site scripting (XSS) vulnerabilities in MediaWiki 1.3.x before 1.3.11 and 1.4 beta before 1.4 rc1 allow remote attackers to inject arbitrary web script.
|
NVD-CWE-Other
|
CVE-2005-0534
|
2011-03-8 11:20 |
2005-05-2 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363469
|
7.5 |
HIGH
|
mediawiki gentoo
|
mediawiki linux
|
Cross-site request forgery (CSRF) vulnerability in MediaWiki 1.3.x before 1.3.11 and 1.4 beta before 1.4 rc1 allows remote attackers to perform unauthorized actions as authenticated MediaWiki users.
|
NVD-CWE-Other
|
CVE-2005-0535
|
2011-03-8 11:20 |
2005-02-22 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363470
|
5.0 |
MEDIUM
|
mediawiki
|
mediawiki
|
Directory traversal vulnerability in MediaWiki 1.3.x before 1.3.11 and 1.4 beta before 1.4 rc1 allows remote attackers to delete arbitrary files or determine file existence via a parameter related to…
|
NVD-CWE-Other
|
CVE-2005-0536
|
2011-03-8 11:20 |
2005-05-2 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363471
|
7.5 |
HIGH
|
kmint21_software
|
golden_ftp_server
|
Buffer overflow in Golden FTP Server 1.92 allows remote attackers to execute arbitrary code via a long USER command.
|
NVD-CWE-Other
|
CVE-2005-0634
|
2011-03-8 11:20 |
2005-05-2 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363472
|
10.0 |
HIGH
|
mysql
|
maxdb
|
Multiple buffer overflows in the web tool for MySQL MaxDB before 7.5.00.26 allows remote attackers to execute arbitrary code via (1) an HTTP GET request with a long file parameter after a percent ("%…
|
NVD-CWE-Other
|
CVE-2005-0684
|
2011-03-8 11:20 |
2005-04-25 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363473
|
10.0 |
HIGH
|
symantec_veritas
|
backup_exec
|
VERITAS Backup Exec Server (beserver.exe) 9.0 through 10.0 for Windows allows remote unauthenticated attackers to modify the registry by calling methods to the RPC interface on TCP port 6106.
|
NVD-CWE-Other
|
CVE-2005-0771
|
2011-03-8 11:20 |
2005-06-23 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363474
|
7.5 |
HIGH
|
symantec_veritas
|
backup_exec
|
Stack-based buffer overflow in VERITAS Backup Exec Remote Agent 9.0 through 10.0 for Windows, and 9.0.4019 through 9.1.307 for Netware allows remote attackers to execute arbitrary code via a CONNECT_…
|
NVD-CWE-Other
|
CVE-2005-0773
|
2011-03-8 11:20 |
2005-06-18 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363475
|
7.5 |
HIGH
|
coinsoft_technologies
|
phpcoin
|
Multiple SQL injection vulnerabilities in phpCOIN 1.2.1b and earlier allow remote attackers to execute arbitrary SQL commands (1) via the search engine, (2) the username or email fields in the "forgo…
|
NVD-CWE-Other
|
CVE-2005-0932
|
2011-03-8 11:20 |
2005-05-2 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363476
|
5.0 |
MEDIUM
|
coinsoft_technologies
|
phpcoin
|
Directory traversal vulnerability in auxpage.php for phpCOIN 1.2.1b and earlier allows remote attackers to read arbitrary files via the page parameter.
|
NVD-CWE-Other
|
CVE-2005-0933
|
2011-03-8 11:20 |
2005-05-2 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363477
|
5.1 |
MEDIUM
|
adobe
|
acrobat_reader
|
The Acrobat web control in Adobe Acrobat and Acrobat Reader 7.0 and earlier, when used with Internet Explorer, allows remote attackers to determine the existence of arbitrary files via the LoadFile A…
|
NVD-CWE-Other
|
CVE-2005-0035
|
2011-03-8 11:19 |
2005-05-2 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363478
|
5.0 |
MEDIUM
|
mysql
|
maxdb
|
MySQL MaxDB 7.5.0.0, and other versions before 7.5.0.21, allows remote attackers to cause a denial of service (crash) via an HTTP request with invalid headers.
|
NVD-CWE-Other
|
CVE-2005-0081
|
2011-03-8 11:19 |
2005-04-14 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363479
|
5.0 |
MEDIUM
|
mysql
|
maxdb
|
The sapdbwa_GetUserData function in MySQL MaxDB 7.5.0.0, and other versions before 7.5.0.21, allows remote attackers to cause a denial of service (crash) via invalid parameters to the WebDAV handler …
|
NVD-CWE-Other
|
CVE-2005-0082
|
2011-03-8 11:19 |
2005-04-14 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363480
|
7.5 |
HIGH
|
mysql
|
maxdb
|
Stack-based buffer overflow in the websql CGI program in MySQL MaxDB 7.5.00 allows remote attackers to execute arbitrary code via a long password parameter.
|
NVD-CWE-Other
|
CVE-2005-0111
|
2011-03-8 11:19 |
2005-01-13 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363481
|
4.6 |
MEDIUM
|
sco
|
unixware
|
The X server in SCO UnixWare 7.1.1, 7.1.3, and 7.1.4 does not properly create socket directories in /tmp, which could allow attackers to hijack local sockets.
|
NVD-CWE-Other
|
CVE-2005-0134
|
2011-03-8 11:19 |
2005-05-18 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363482
|
4.3 |
MEDIUM
|
recipants
|
recipants
|
Multiple cross-site scripting (XSS) vulnerabilities in ReciPants 1.1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) user id, (2) recipe id, (3) category id, and (4) other…
|
NVD-CWE-Other
|
CVE-2004-2568
|
2011-03-8 11:19 |
2004-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363483
|
4.3 |
MEDIUM
|
phpgroupware
|
phpgroupware
|
Cross-site scripting (XSS) vulnerability in index.php in phpGroupWare 0.9.14.005 and earlier allows remote attackers to inject arbitrary web script or HTML via the date parameter in a calendar.uicale…
|
NVD-CWE-Other
|
CVE-2004-2574
|
2011-03-8 11:19 |
2004-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363484
|
5.0 |
MEDIUM
|
phpgroupware
|
phpgroupware
|
phpGroupWare 0.9.14.005 and earlier allow remote attackers to obtain sensitive information via a direct request to (1) hook_admin.inc.php, (2) hook_home.inc.php, (3) class.holidaycalc.inc.php, and (4…
|
NVD-CWE-Other
|
CVE-2004-2575
|
2011-03-8 11:19 |
2004-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363485
|
5.1 |
MEDIUM
|
gnu
|
emacs
|
Emacs 21.2.1 does not prompt or warn the user before executing Lisp code in the local variables section of a text file, which allows user-assisted attackers to execute arbitrary commands, as demonstr…
|
NVD-CWE-Other
|
CVE-2003-1232
|
2011-03-8 11:13 |
2003-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363486
|
5.0 |
MEDIUM
|
apple
|
afp_server
|
Unknown vulnerability in Apple File Service (AFP Server) for Mac OS X Server, when sharing files on a UFS or re-shared NFS volume, allows remote attackers to overwrite arbitrary files.
|
NVD-CWE-Other
|
CVE-2003-0379
|
2011-03-8 11:12 |
2003-07-24 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363487
|
10.0 |
HIGH
|
apple
|
darwin_streaming_server
|
Apple QuickTime / Darwin Streaming Server before 4.1.3g allows remote attackers to cause a denial of service (crash) via a .. (dot dot) sequence followed by an MS-DOS device name (e.g. AUX) in a requ…
|
NVD-CWE-Other
|
CVE-2003-0502
|
2011-03-8 11:12 |
2003-08-27 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363488
|
7.5 |
HIGH
|
compaq
|
tru64
|
Buffer overflow in libc in Compaq Tru64 4.0F, 5.0, 5.1 and 5.1A allows attackers to execute arbitrary code via long (1) LANG and (2) LOCPATH environment variables.
|
NVD-CWE-Other
|
CVE-2002-2002
|
2011-03-8 11:11 |
2002-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363489
|
7.5 |
HIGH
|
sun
|
java_web_start
|
Unknown vulnerability in Java web start 1.0.1_01, 1.0.1, 1.0 and 1.0.1.01 (HP-UX 11.x only) allows attackers to gain access to restricted resources via unknown attack vectors.
|
NVD-CWE-Other
|
CVE-2002-2005
|
2011-03-8 11:11 |
2002-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363490
|
4.3 |
MEDIUM
|
citrix
|
access_essentials metaframe_presentation_server presentation_server
|
Cross-site request forgery (CSRF) vulnerability in Citrix Presentation Server 4.0 and 4.5, MetaFrame Presentation Server 3.0, and Access Essentials 1.0 through 2.0 allows remote attackers to execute …
|
CWE-352
同一生成元ポリシー違反
|
CVE-2002-2426
|
2011-03-8 11:11 |
2002-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363491
|
5.0 |
MEDIUM
|
mailreader.com debian
|
mailreader.com debian_linux
|
Directory traversal vulnerability in nph-mr.cgi in Mailreader.com 2.3.20 through 2.3.31 allows remote attackers to view arbitrary files via .. (dot dot) sequences and a null byte (%00) in the configL…
|
NVD-CWE-Other
|
CVE-2002-1581
|
2011-03-8 11:10 |
2004-12-6 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363492
|
7.2 |
HIGH
|
hp
|
tru64
|
Multiple buffer overflows in HP Tru64 UNIX 5.x allow local users to execute arbitrary code via (1) a long -contextDir argument to dtaction, (2) a long -p argument to dtprintinfo, (3) a long -customiz…
|
NVD-CWE-Other
|
CVE-2002-1617
|
2011-03-8 11:10 |
2002-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363493
|
5.0 |
MEDIUM
|
ibm
|
aix
|
Unknown vulnerability in DCE (1) SMIT panels and (2) configuration commands, possibly related to relative pathnames.
|
NVD-CWE-Other
|
CVE-2002-1041
|
2011-03-8 11:09 |
2002-10-4 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363494
|
7.5 |
HIGH
|
symantec
|
enterprise_firewall raptor_firewall velociraptor gateway_security
|
FTP proxy in Symantec Raptor Firewall 6.5.3 and Enterprise 7.0 rewrites an FTP server's "FTP PORT" responses in a way that allows remote attackers to redirect FTP data connections to arbitrary ports,…
|
NVD-CWE-Other
|
CVE-2002-0538
|
2011-03-8 11:08 |
2002-07-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363495
|
7.5 |
HIGH
|
horde
|
imp
|
Cross-site scripting vulnerability in Horde Internet Messaging Program (IMP) before 2.2.6 and 1.2.6 allows remote attackers to execute arbitrary Javascript embedded in an email.
|
NVD-CWE-Other
|
CVE-2001-1257
|
2011-03-8 11:07 |
2001-07-21 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363496
|
3.6 |
LOW
|
horde
|
imp
|
Horde Internet Messaging Program (IMP) before 2.2.6 allows local users to read IMP configuration files and steal the Horde database password by placing the prefs.lang file containing PHP code on the …
|
NVD-CWE-Other
|
CVE-2001-1258
|
2011-03-8 11:07 |
2001-07-21 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363497
|
7.5 |
HIGH
|
network_associates
|
webshield_smtp
|
NAI WebShield SMTP 4.5 and possibly 4.5 MR1a does not filter improperly MIME encoded email attachments, which could allow remote attackers to bypass filtering and possibly execute arbitrary code in e…
|
NVD-CWE-Other
|
CVE-2001-1542
|
2011-03-8 11:07 |
2001-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363498
|
7.2 |
HIGH
|
compaq
|
tru64
|
Buffer overflow in ipcs for HP Tru64 UNIX 4.0f through 5.1a may allow attackers to execute arbitrary code, a different vulnerability than CVE-2001-0423.
|
NVD-CWE-Other
|
CVE-2002-0093
|
2011-03-8 11:07 |
2002-09-5 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363499
|
10.0 |
HIGH
|
iplanet
|
iplanet_web_server
|
Vulnerability in iPlanet Web Server Enterprise Edition 4.x.
|
NVD-CWE-Other
|
CVE-2001-0431
|
2011-03-8 11:05 |
2001-07-2 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363500
|
2.1 |
LOW
|
sendmail
|
sendmail
|
Sendmail before 8.12.1, without the RestrictQueueRun option enabled, allows local users to obtain potentially sensitive information about the mail queue by setting debugging flags to enable debug mod…
|
NVD-CWE-Other
|
CVE-2001-0715
|
2011-03-8 11:05 |
2001-10-30 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|