Total
29522 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-4887 | 1 Novell | 2 Netware, Netware Ftp Server | 2024-11-21 | 7.5 HIGH | N/A |
| NWFTPD.nlm before 5.06.05 in the FTP server in Novell NetWare 6.5 SP5 allows attackers to have an unspecified impact via vectors related to passwords. | |||||
| CVE-2005-4885 | 1 Sun | 1 Storedge 6130 Arrays | 2024-11-21 | 7.5 HIGH | N/A |
| Unspecified vulnerability on certain Sun StorEdge 6130 (SE6130) Controller Arrays allows remote attackers to delete data via unknown vectors. | |||||
| CVE-2005-4884 | 1 Oracle | 1 Database Server | 2024-11-21 | 6.8 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle OLAP component in Oracle Database Server 10.1.0.4 (10g) allows remote authenticated attackers to affect availability via unknown vectors, aka DB02. | |||||
| CVE-2005-4847 | 1 Spey | 1 Spey | 2024-11-21 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Spey 0.3.3 has unknown impact and attack vectors related to "A number of security holes which could lead to compromise," a different issue than CVE-2005-4846. | |||||
| CVE-2005-4718 | 1 Opera | 1 Opera Browser | 2024-11-21 | 5.0 MEDIUM | N/A |
| Opera 8.02 and earlier allows remote attackers to cause a denial of service (client crash) via (1) a crafted HTML file with a "content: url(0);" style attribute, a "bodyA" tag, a long string, and a "u" tag with a long attribute, as demonstrated by opera.html; and (2) a BGSOUND element with a "margin:-99;" STYLE attribute. | |||||
| CVE-2005-4625 | 3 Ati, Intel, Microsoft | 3 Catalyst Driver, Display Adapter Driver, Internet Explorer | 2024-11-21 | 7.1 HIGH | N/A |
| Drivers for certain display adapters, including (1) an unspecified ATI driver and (2) an unspecified Intel driver, might allow remote attackers to cause a denial of service (system crash) via a large JPEG image, as demonstrated in Internet Explorer using stoopid.jpg with a width and height of 9999999. | |||||
| CVE-2005-4585 | 1 Ethereal Group | 1 Ethereal | 2024-11-21 | 7.8 HIGH | N/A |
| Unspecified vulnerability in the GTP dissector for Ethereal 0.9.1 to 0.10.13 allows remote attackers to cause a denial of service (infinite loop) via unknown attack vectors. | |||||
| CVE-2005-4273 | 1 Ibm | 1 Aix | 2024-11-21 | 2.1 LOW | N/A |
| Multiple unspecified vulnerabilities in (1) getShell and (2) getCommand in IBM AIX 5.3 allow local users to append to arbitrary files. | |||||
| CVE-2005-4210 | 1 Opera | 1 Opera Browser | 2024-11-21 | 5.0 MEDIUM | N/A |
| Opera before 8.51, when running on Windows with Input Method Editor (IME) installed, allows remote attackers to cause a denial of service (persistent application crash) by bookmarking a site with a long title. | |||||
| CVE-2005-4200 | 1 Mybulletinboard | 1 Mybulletinboard | 2024-11-21 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in MyBulletinBoard (MyBB) before 1.0 have unknown impact and attack vectors, a different set of vulnerabilities than those identified by CVE-2005-4199. | |||||
| CVE-2005-4154 | 1 Php | 1 Pear | 2024-11-21 | 5.1 MEDIUM | N/A |
| Unspecified vulnerability in PEAR installer 1.4.2 and earlier allows user-assisted attackers to execute arbitrary code via a crafted package that can execute code when the pear command is executed or when the Web/Gtk frontend is loaded. | |||||
| CVE-2005-4131 | 1 Microsoft | 1 Excel | 2024-11-21 | 6.8 MEDIUM | N/A |
| Unspecified vulnerability in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers to execute arbitrary code via an Excel file with a malformed range, which could lead to memory corruption involving an argument to the msvcrt.memmove function, aka "Brand new Microsoft Excel Vulnerability," as originally placed for sale on eBay as item number 7203336538. | |||||
| CVE-2005-4045 | 1 Sun | 1 Java Communications Services Delegated Administrator | 2024-11-21 | 7.5 HIGH | N/A |
| Unspecified vulnerability in System Communications Services 6 Delegated Administrator 2005Q1 in Sun Java System Messaging Server 2005Q1 allows remote attackers to obtain the Top-Level Administrator (TLA) default password via unknown vectors, possibly involving configure_toplevel_admin.ldif. | |||||
| CVE-2005-4007 | 1 Redgraphic | 1 Sapid Cms | 2024-11-21 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in SAPID CMS before 1.2.3.03, related to newly registered users and possibly authorization checks, have unknown impact and attack vectors involving (1) mvc/controller/user_request_analysis.inc.php and (2) usr/xml/ddc/authorization.xml. | |||||
| CVE-2005-3907 | 1 Sun | 2 Jdk, Jre | 2024-11-21 | 7.5 HIGH | N/A |
| Unspecified vulnerability in Java Runtime Environment in Java JDK and JRE 5.0 Update 3 and earlier allows remote attackers to escape the Java sandbox and access arbitrary files or execute arbitrary applications via unknown attack vectors involving untrusted Java applets. | |||||
| CVE-2005-3906 | 1 Sun | 2 Jdk, Jre | 2024-11-21 | 7.5 HIGH | N/A |
| Multiple unspecified vulnerabilities in reflection APIs in Java SDK and JRE 1.4.2_08 and earlier and JDK and JRE 5.0 Update 3 and earlier allow remote attackers to escape the Java sandbox and access arbitrary files or execute arbitrary applications via unknown attack vectors, a different set of vulnerabilities than CVE-2005-3905. NOTE: this is associated with the "second and third issues" identified in SUNALERT:102003. | |||||
| CVE-2005-3905 | 1 Sun | 2 Jdk, Jre | 2024-11-21 | 7.5 HIGH | N/A |
| Unspecified vulnerability in reflection APIs in Java SDK and JRE 1.3.1_15 and earlier, 1.4.2_08 and earlier, and JDK and JRE 5.0 Update 3 and earlier allows remote attackers to escape the Java sandbox and access arbitrary files or execute arbitrary application via unknown attack vectors, a different vulnerability than CVE-2005-3906. NOTE: this is associated with the "first issue" identified in SUNALERT:102003. | |||||
| CVE-2005-3779 | 1 Hp | 1 Hp-ux | 2024-11-21 | 7.2 HIGH | N/A |
| Unspecified vulnerability in xterm for HP-UX 11.00, 11.11, and 11.23 allows local users to gain privileges via unknown vectors. | |||||
| CVE-2005-3749 | 1 Ibm | 1 Aix | 2024-11-21 | 7.2 HIGH | N/A |
| Unspecified "absolute path vulnerabilities" in the diagela command (diagela.sh) in IBM AIX 5.2 and 5.3 have unknown impact and attack vectors. | |||||
| CVE-2005-3747 | 1 Mortbay | 1 Jetty | 2024-11-21 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Jetty before 5.1.6 allows remote attackers to obtain source code of JSP pages, possibly involving requests for .jsp files with URL-encoded backslash ("%5C") characters. NOTE: this might be the same issue as CVE-2006-2758. | |||||