|Max CVSS||10.0||Min CVSS||2.1||Total Count||19|
|ID||CVSS||Summary||Last (major) update||Published|
Macromedia Flash plugin (1) Flash.ocx 126.96.36.199 (Windows) and earlier and (2) libflashplayer.so before 188.8.131.52 (Unix) allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via parameters to the ActionDefineF
|17-10-2016 - 23:36||16-11-2005 - 02:42|
Format string vulnerability in the foreign_option function in options.c for OpenVPN 2.0.x allows remote clients to execute arbitrary code via format string specifiers in a push of the dhcp-option command option.
|17-10-2016 - 23:35||01-11-2005 - 07:47|
fetchmailconf before 1.49 in fetchmail 6.2.0, 6.2.5 and 184.108.40.206 creates configuration files with insecure world-readable permissions, which allows local users to obtain sensitive information such as passwords.
|17-10-2016 - 23:32||27-10-2005 - 06:02|
The Apache HTTP server before 1.3.34, and 2.0.x before 2.0.55, when acting as an HTTP proxy, allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfe
|17-10-2016 - 23:24||05-07-2005 - 00:00|
The cabd_find function in cabd.c of the libmspack library (mspack) for Clam AntiVirus (ClamAV) before 0.87.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted CAB file that causes cabd_find to be called with a zero le
|14-07-2011 - 00:00||05-11-2005 - 06:02|
Format string vulnerability in friendsd2 in GpsDrive allows remote attackers to execute arbitrary code via the dir (direction) field.
|07-03-2011 - 21:26||06-11-2005 - 21:02|
The tnef_attachment function in tnef.c for Clam AntiVirus (ClamAV) before 0.87.1 allows remote attackers to cause a denial of service (infinite loop and memory exhaustion) via a crafted value in a CAB file that causes ClamAV to repeatedly scan the sa
|07-03-2011 - 21:26||05-11-2005 - 06:02|
Cross-site scripting (XSS) vulnerability in GNUMP3D before 2.9.5 allows remote attackers to inject arbitrary web script or HTML via 404 error pages, a different vulnerability than CVE-2005-3425.
|07-03-2011 - 21:26||01-11-2005 - 17:02|
libungif library before 4.1.0 allows attackers to corrupt memory and possibly execute arbitrary code via a crafted GIF file that leads to an out-of-bounds write.
|07-03-2011 - 21:26||03-11-2005 - 19:02|
The FSG unpacker (fsg.c) in Clam AntiVirus (ClamAV) 0.80 through 0.87 allows remote attackers to cause "memory corruption" and execute arbitrary code via a crafted FSG 1.33 file.
|07-03-2011 - 21:26||05-11-2005 - 06:02|
Directory traversal vulnerability in GNUMP3D before 2.9.6 allows remote attackers to read arbitrary files via crafted sequences such as "/.//..//////././", which is collapsed into "/.././" after ".." and "//" sequences are removed.
|07-03-2011 - 21:25||30-10-2005 - 15:02|
libungif library before 4.1.0 allows attackers to cause a denial of service via a crafted GIF file that triggers a null dereference.
|07-03-2011 - 21:25||03-11-2005 - 19:02|
Macromedia Flash 6 and 7 (Flash.ocx) allows remote attackers to execute arbitrary code via a SWF file with a modified frame type identifier that is used as an out-of-bounds array index to a function pointer.
|07-03-2011 - 21:24||05-11-2005 - 06:02|
Stack-based buffer overflow in the ntlm_output function in http-ntlm.c for (1) wget 1.10, (2) curl 7.13.2, and (3) libcurl 7.13.2, and other products that use libcurl, when NTLM authentication is enabled, allows remote servers to execute arbitrary co
|07-03-2011 - 00:00||13-10-2005 - 18:02|
Improper boundary checks in petite.c in Clam AntiVirus (ClamAV) before 0.87.1 allows attackers to perform unknown attacks via unknown vectors.
|02-04-2010 - 02:06||16-11-2005 - 02:42|
The OLE2 unpacker in clamd in Clam AntiVirus (ClamAV) 0.87-1 allows remote attackers to cause a denial of service (segmentation fault) via a DOC file with an invalid property tree, which triggers an infinite recursion in the ole2_walk_property_tree f
|02-04-2010 - 01:50||14-10-2005 - 15:02|
Heap-based buffer overflow in the KWord RTF importer for KOffice 1.2.0 through 1.4.1 allows remote attackers to execute arbitrary code via a crafted RTF file.
|10-09-2008 - 15:44||20-10-2005 - 06:02|
Cross-site scripting (XSS) vulnerability in GNUMP3D before 2.9.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2005-3424.
|05-09-2008 - 16:54||01-11-2005 - 17:02|
OpenVPN 2.x before 2.0.4, when running in TCP mode, allows remote attackers to cause a denial of service (segmentation fault) by forcing the accept function call to return an error status, which leads to a null dereference in an exception handler.
|05-09-2008 - 16:54||01-11-2005 - 19:02|