Vulnerabilities (CVE)

Filter

120781 total CVE
CVE Vendors Products Updated CVSS
CVE-2005-0641 1 Ca 1 Unicenter Asset Management 2008-09-05 4.3
Cross-site scripting (XSS) vulnerability in the Reporter for Computer Associates (CA) Unicenter Asset Management (UAM) 4.0 allows remote attackers to inject arbitrary HTML or web script via the (1) name or (2) description in a report template.
CVE-2005-0640 1 Ca 1 Unicenter Asset Management 2008-09-05 4.6
Computer Associates (CA) Unicenter Asset Management (UAM) 4.0 does not properly initialize the "Change Credentials for Database" window, which allows local users to recover the SQL Admin password via certain methods.
CVE-2005-0639 3 Suse, Altlinux, Xli 3 Suse Linux, Xli, Alt Linux 2008-09-05 7.5
Multiple vulnerabilities in xli before 1.17 may allow remote attackers to execute arbitrary code via "buffer management errors" from certain image properties, some of which may be related to integer overflows in PPM files.
CVE-2005-0636 1 Foxmail 1 Foxmail Email Server 2008-09-05 10.0
Format string vulnerability in Foxmail Server 2.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format strings in the USER command.
CVE-2005-0635 1 Foxmail 1 Foxmail Email Server 2008-09-05 10.0
Buffer overflow in Foxmail Server 2.0 allows remote attackers to execute arbitrary code via a long USER command.
CVE-2005-0627 1 Trolltech 1 Qt 2008-09-05 4.6
Qt before 3.3.4 searches the BUILD_PREFIX directory, which could be world-writable, to load shared libraries regardless of the LD_LIBRARY_PATH environment variable, which allows local users to execute arbitrary programs.
CVE-2005-0620 1 Bfriendly.com 1 Einstein 2008-09-05 2.1
Einstein 1.0 stores credit card information in plaintext in the world-readable wallets.dat file, which allows local users to steal the information.
CVE-2005-0618 2 Nexland, Symantec 4 Gateway Security 360, Pro800turbo, Firewall Vpn Appliance 200r and 1 more 2008-09-05 6.4
The SMTP binding function in Symantec Firewall/VPN Appliance 200/200R firmware after 1.5Z and before 1.68, Gateway Security 360/360R and 460/460R firmware before vuild 858, and Nexland Pro800turbo, when configured for load balancing between two...
CVE-2005-0613 1 Fckeditor 1 Fckeditor 2008-09-05 5.0
Unknown vulnerability in FCKeditor 2.0 RC2, when used with PHP-Nuke, allows remote attackers to upload arbitrary files.
CVE-2005-0612 1 Cisco 7 Ipvc-3520-gw-4v, Ipvc-3510-mcu, Ipvc-3520-gw-2b2v and 4 more 2008-09-05 7.5
Cisco IP/VC Videoconferencing System 3510, 3520, 3525 and 3530 contain hard-coded default SNMP community strings, which allows remote attackers to gain access, cause a denial of service, and modify configuration.
CVE-2005-0610 1 Freebsd 1 Freebsd 2008-09-05 7.2
Multiple symlink vulnerabilities in portupgrade before 20041226_2 in FreeBSD allow local users to (1) overwrite arbitrary files and possibly replace packages to execute arbitrary code via pkg_fetch, (2) overwrite arbitrary files via temporary...
CVE-2005-0608 1 Webmod 1 Webmod 2008-09-05 7.5
Heap-based buffer overflow in server.cpp for WebMod 0.47 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a POST request with a Content-Length that is less than the amount of data that is actually sent.
CVE-2005-0596 1 Php 1 Php 2008-09-05 2.1
PHP 4 (PHP4) allows attackers to cause a denial of service (daemon crash) by using the readfile function on a file whose size is a multiple of the page size.
CVE-2005-0594 1 Apple 1 Mac Os X Server 2008-09-05 7.2
Buffer overflow in the Netinfo Setup Tool (NeST) allows local users to execute arbitrary code.
CVE-2005-0580 1 Krzysztof Dabrowski 1 Cmd5checkpw 2008-09-05 2.1
cmd5checkpw, when running setuid, does not properly drop privileges before calling the execvp function, which allows local users to read the poppasswd file.
CVE-2005-0579 1 Freenx 1 Freenx 2008-09-05 4.6
nxagent in FreeNX before 0.2.8 does not properly handle when the XAUTHORITY environment variable is not set, which allows local users to access the X server without X authentication.
CVE-2005-0577 1 Dna 1 Mkbold-mkitalic 2008-09-05 5.1
Format string vulnerability in DNA MKBold-MKItalic 0.06_1 and earlier allows remote attackers to execute arbitrary code via crafted BDF font files.
CVE-2005-0576 1 Sun 1 Solaris 2008-09-05 3.6
Unknown vulnerability in Standard Type Services Framework (STSF) Font Server Daemon (stfontserverd) in Solaris 9 allows local users to modify or delete arbitrary files.
CVE-2005-0574 1 Cupidsystems 1 Cis Webserver 2008-09-05 5.0
Directory traversal vulnerability in CIS WebServer 3.5.13 allows remote attackers to read arbitrary files via .. (dot dot) sequences in the URL.
CVE-2005-0544 1 Phpmyadmin 1 Phpmyadmin 2008-09-05 5.0
phpMyAdmin 2.6.1 allows remote attackers to obtain the full path of the server via direct requests to (1) sqlvalidator.lib.php, (2) sqlparser.lib.php, (3) select_theme.lib.php, (4) select_lang.lib.php, (5) relation_cleanup.lib.php, (6)...