Total
29810 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-1037 | 1 Ibm | 1 Aix | 2025-04-03 | N/A |
| Unknown vulnerability in AIX 5.3.0, when configured as an NIS client, allows remote attackers to gain root privileges. | ||||
| CVE-2005-1038 | 2 Paul Vixie, Redhat | 2 Vixie Cron, Enterprise Linux | 2025-04-03 | N/A |
| crontab in Vixie cron 4.1, when running with the -e option, allows local users to read the cron files of other users by changing the file being edited to a symlink. NOTE: there is insufficient information to know whether this is a duplicate of CVE-2001-0235. | ||||
| CVE-2005-1039 | 1 Gnu | 1 Coreutils | 2025-04-03 | N/A |
| Race condition in Core Utilities (coreutils) 5.2.1, when (1) mkdir, (2) mknod, or (3) mkfifo is running with the -m switch, allows local users to modify permissions of other files. | ||||
| CVE-2005-1051 | 1 Punbb | 1 Punbb | 2025-04-03 | N/A |
| SQL injection vulnerability in profile.php in PunBB 1.2.4 allows remote authenticated users to execute arbitrary SQL commands via the id parameter in a change_email action. | ||||
| CVE-2005-1055 | 1 Towerblog | 1 Towerblog | 2025-04-03 | N/A |
| TowerBlog 0.6 and earlier stores the login data file under the web root, which allows remote attackers to obtain the MD5 checksums of the username and password via a direct request to the _dat/login file. | ||||
| CVE-2005-1056 | 1 Hp | 1 Openview Network Node Manager | 2025-04-03 | N/A |
| Unknown vulnerability in HP OpenView Network Node Manager (NMM) 6.2 through 6.4, and 7.01 through 7.50, allows remote attackers to cause a denial of service. | ||||
| CVE-2005-1057 | 1 Cisco | 1 Ios | 2025-04-03 | N/A |
| Cisco IOS 12.2T, 12.3 and 12.3T, when using Easy VPN Server XAUTH version 6 authentication, allows remote attackers to bypass authentication via a "malformed packet." | ||||
| CVE-2005-1068 | 1 Scssboard | 1 Scssboard | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in sCssBoard 1.11 and earlier allows remote attackers to execute arbitrary Javascript via [url] tags. | ||||
| CVE-2005-1062 | 1 Kerio | 3 Kerio Mailserver, Personal Firewall, Winroute Firewall | 2025-04-03 | N/A |
| The administration protocol for Kerio WinRoute Firewall 6.x up to 6.0.10, Personal Firewall 4.x up to 4.1.2, and MailServer up to 6.0.8 allows remote attackers to quickly obtain passwords that are 5 characters or less via brute force methods. | ||||
| CVE-2005-1063 | 1 Kerio | 3 Kerio Mailserver, Personal Firewall, Winroute Firewall | 2025-04-03 | N/A |
| The administration protocol for Kerio WinRoute Firewall 6.x up to 6.0.10, Personal Firewall 4.x up to 4.1.2, and MailServer up to 6.0.8 allows remote attackers to cause a denial of service (CPU consumption) via certain attacks that force the product to "compute unexpected conditions" and "perform cryptographic operations." | ||||
| CVE-2005-1064 | 1 Rsnapshot | 1 Filesystem Snapshot Utility | 2025-04-03 | N/A |
| The copy_symlink function in rsnapshot 1.2.0 and 1.1.x before 1.1.7 changes the ownership of files that a symlink points to rather than the symlink itself, which allows local users to obtain access to arbitrary files. | ||||
| CVE-2005-1065 | 1 Novell | 1 Linux Desktop | 2025-04-03 | N/A |
| tetex in Novell Linux Desktop 9 allows local users to determine the existence of arbitrary files via a symlink attack in the /var/cache/fonts directory. | ||||
| CVE-2005-1066 | 1 University Of Washington | 1 Pine | 2025-04-03 | N/A |
| Race condition in rpdump in Pine 4.62 and earlier allows local users to overwrite arbitrary files via a symlink attack. | ||||
| CVE-2005-1075 | 1 Radscripts | 1 Radbids | 2025-04-03 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in RadScripts RadBids Gold 2 allow remote attackers to inject arbitrary web script or HTML via (1) the farea parameter to faq.php or the (2) cat, (3) order, or (4) area parameters to index.php. | ||||
| CVE-2005-1076 | 1 Webct | 1 Webct | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in the discussion board functionality for WebCT Campus Edition 4.1 allows remote attackers to inject arbitrary web script or HTML via the message field. | ||||
| CVE-2005-1077 | 1 Xampp | 1 Apache Distribution | 2025-04-03 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in XAMPP 1.4.x allow remote attackers to inject arbitrary web script or HTML via (1) cds.php, (2) Guestbook-EN.pl, or (3) phonebook.php. | ||||
| CVE-2005-1078 | 1 Xampp | 1 Apache Distribution | 2025-04-03 | N/A |
| XAMPP 1.4.x has multiple default or null passwords, which allows attackers to gain privileges. | ||||
| CVE-2005-1079 | 1 Mike De Boer | 1 Zoom Media Gallery | 2025-04-03 | N/A |
| SQL injection vulnerability in index.php for zOOm Media Gallery 2.1.2 allows remote attackers to execute arbitrary SQL commands via the catid parameter. | ||||
| CVE-2005-1084 | 1 Aewebworks | 1 Aedating | 2025-04-03 | N/A |
| SQL injection vulnerability in sdating.php in aeDating 3.2 allows remote attackers to execute arbitrary SQL commands files via the event parameter. | ||||
| CVE-2005-1085 | 1 Aewebworks | 1 Aedating | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in the control panel in aeDating 3.2 allows remote attackers to inject arbitrary web script or HTML. | ||||