Search Results (29815 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-1311 1 Yappa-ng 1 Yappa-ng 2025-04-03 N/A
Cross-site scripting (XSS) vulnerability in Yappa-NG before 2.3.2 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
CVE-2005-1313 1 Horde 1 Passwd 2025-04-03 N/A
Cross-site scripting (XSS) vulnerability in Horde Passwd module before 2.2.2 allows remote attackers to inject arbitrary web script or HTML via the parent's frame page title.
CVE-2005-1314 1 Horde 1 Kronolith 2025-04-03 N/A
Cross-site scripting (XSS) vulnerability in Horde Kronolith module before 1.1.4 allows remote attackers to inject arbitrary web script or HTML via the parent's frame page title.
CVE-2005-1322 1 Horde 1 Nag 2025-04-03 N/A
Cross-site scripting (XSS) vulnerability in Horde Nag Task List Manager before 1.1.3 allows remote attackers to inject arbitrary web script or HTML via the parent's frame page title.
CVE-2005-1324 1 Matthieu Aubry 1 Phpmyvisites 2025-04-03 N/A
Multiple cross-site scripting (XSS) vulnerabilities in index.php for phpMyVisites allow remote attackers to inject arbitrary web script or HTML via the (1) part, (2) per, or (3) site parameters.
CVE-2005-1326 1 Voodoo Circle 1 Voodoo Circle 2025-04-03 N/A
Buffer overflow in VooDoo cIRCle BOTNET before 1.0.33 allows remote authenticated attackers to cause a denial of service (client crash) via a crafted packet.
CVE-2006-0036 1 Linux 1 Linux Kernel 2025-04-03 N/A
ip_nat_pptp in the PPTP NAT helper (netfilter/ip_nat_helper_pptp.c) in Linux kernel 2.6.14, and other versions, allows remote attackers to cause a denial of service (memory corruption or crash) via an inbound PPTP_IN_CALL_REQUEST packet that causes a null pointer to be used in an offset calculation.
CVE-2002-0543 1 Aprelium Technologies 1 Abyss Web Server 2025-04-03 N/A
Directory traversal vulnerability in Aprelium Abyss Web Server (abyssws) before 1.0.0.2 allows remote attackers to read files outside the web root, including the abyss.conf file, via URL-encoded .. (dot dot) sequences in the HTTP request.
CVE-2005-1331 1 Apple 3 Applescript, Mac Os X, Mac Os X Server 2025-04-03 N/A
The AppleScript Editor in Mac OS X 10.3.9 does not properly display script code for an applescript: URI, which can result in code that is different than the actual code that would be run, which could allow remote attackers to trick users into executing malicious code via certain URI characters such as NULL, control characters, and homographs.
CVE-2005-1333 1 Apple 1 Mac Os X 2025-04-03 N/A
Directory traversal vulnerability in the Bluetooth file and object exchange (OBEX) services in Mac OS X 10.3.9 allows remote attackers to read arbitrary files.
CVE-2006-0040 1 Gnome 1 Evolution 2025-04-03 N/A
GNOME Evolution 2.4.2.1 and earlier allows remote attackers to cause a denial of service (CPU and memory consumption) via a text e-mail with a large number of URLs, possibly due to unknown problems in gtkhtml.
CVE-2005-1335 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-03 N/A
Unknown vulnerability in Mac OS X 10.3.9 allows local users to gain privileges via (1) chfn, (2) chpass, and (3) chsh, which "use external helper programs in an insecure manner."
CVE-2005-1339 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-03 N/A
lukemftpd in Mac OS X 10.3.9 allows remote authenticated users to escape the chroot environment by logging in with their full name.
CVE-2005-1429 1 Abczone.it 1 Wwwguestbook 2025-04-03 N/A
SQL injection vulnerability in login.asp in WWWguestbook 1.1 allows remote attackers to execute arbitrary SQL commands via the password parameter.
CVE-2005-1430 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-03 N/A
Mac OS X 10.3.x and earlier uses insecure permissions for a pseudo terminal tty (pty) that is managed by a non-setuid program, which allows local users to read or modify sessions of other users.
CVE-2005-1434 1 Hp 1 Openview Network Node Manager 2025-04-03 N/A
Multiple unknown vulnerabilities in OpenView Network Node Manager (OV NNM) 6.2, 6.4, 7.01, and 7.50 allow attackers to cause a denial of service or execute arbitrary code.
CVE-2006-0089 1 Esri 1 Arcpad 2025-04-03 N/A
Buffer overflow in ESRI ArcPad 7.0.0.156 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a .amp file with a COORDSYS tag with a long string attribute.
CVE-2005-1435 1 Open Webmail 1 Open Webmail 2025-04-03 N/A
Open WebMail (OWM) before 2.51 20050430 allows remote authenticated users to execute arbitrary commands via shell metacharacters in a filename.
CVE-2006-1136 1 Xerox 6 Copycentre C65, Copycentre C75, Copycentre C90 and 3 more 2025-04-03 N/A
Buffer overflow in the PostScript file interpreter code for Xerox CopyCentre and Xerox WorkCentre Pro, running software 1.001.02.073 or earlier, or 1.001.02.074 before 1.001.02.715, allows attackers to cause a denial of service via unknown vectors.
CVE-2005-1436 1 Osticket 1 Osticket 2025-04-03 N/A
Multiple cross-site scripting (XSS) vulnerabilities in osTicket allow remote attackers to inject arbitrary web script or HTML via (1) the t parameter to view.php, (2) the osticket_title parameter to header.php, (3) the em parameter to admin_login.php, (4) the e parameter to user_login.php, (5) the err parameter to open_submit.php, or (6) the name and subject fields when adding a ticket.