| Max CVSS | 10.0 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2005-4526 | 5.0 |
Clearswift MIMEsweeper For Web (a.k.a. WEBsweeper) 4.0 through 5.1 allows remote attackers to bypass filtering via a URL that does not include a .exe extension but returns an executable file.
|
14-02-2024 - 01:17 | 28-12-2005 - 01:03 | |
| CVE-2017-14021 | 10.0 |
A Use of Hard-coded Cryptographic Key issue was discovered in Korenix JetNet JetNet5018G version 1.4, JetNet5310G version 1.4a, JetNet5428G-2G-2FX version 1.4, JetNet5628G-R version 1.4, JetNet5628G version 1.4, JetNet5728G-24P version 1.4, JetNet582
|
17-01-2024 - 15:05 | 01-11-2017 - 02:29 | |
| CVE-2017-14027 | 10.0 |
A Use of Hard-coded Credentials issue was discovered in Korenix JetNet JetNet5018G version 1.4, JetNet5310G version 1.4a, JetNet5428G-2G-2FX version 1.4, JetNet5628G-R version 1.4, JetNet5628G version 1.4, JetNet5728G-24P version 1.4, JetNet5828G ver
|
17-01-2024 - 15:05 | 01-11-2017 - 02:29 | |
| CVE-2014-8096 | 6.5 |
The SProcXCMiscGetXIDList function in the XC-MISC extension in X.Org X Window System (aka X11 or X) X11R6.0 and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds rea
|
13-02-2023 - 00:42 | 10-12-2014 - 15:59 | |
| CVE-2005-4470 | 7.5 |
Heap-based buffer overflow in the get_bhead function in readfile.c in Blender BlenLoader 2.0 through 2.40pre allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a .blend file with a negativ
|
19-10-2018 - 15:41 | 22-12-2005 - 00:03 | |
| CVE-2005-4468 | 7.5 |
PHP remote file include vulnerability in help_text_vars.php in PHPGedView 3.3.7 and earlier allows remote attackers to execute arbitrary code via a URL in the PGV_BASE_DIRECTORY parameter.
|
19-10-2018 - 15:41 | 22-12-2005 - 00:03 | |
| CVE-2005-4469 | 7.5 |
Multiple direct static code injection vulnerabilities in PHPGedView 3.3.7 and earlier allow remote attackers to execute arbitrary PHP code via (1) the username field in login.php, or the (2) user_language, (3) user_email, and (4) user_gedcomid parame
|
19-10-2018 - 15:41 | 22-12-2005 - 00:03 | |
| CVE-2005-4467 | 5.0 |
Directory traversal vulnerability in help_text_vars.php in PHPGedView 3.3.7 and earlier allows remote attackers to read and include arbitrary files via a .. (dot dot) in the PGV_BASE_DIRECTORY parameter.
|
19-10-2018 - 15:41 | 22-12-2005 - 00:03 | |
| CVE-2005-4348 | 7.8 |
fetchmail before 6.3.1 and before 6.2.5.5, when configured for multidrop mode, allows remote attackers to cause a denial of service (application crash) by sending messages without headers from upstream mail servers.
|
19-10-2018 - 15:40 | 21-12-2005 - 00:03 | |
| CVE-2016-3264 | 7.6 |
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."
|
12-10-2018 - 22:12 | 13-07-2016 - 01:59 | |
| CVE-2008-4491 | 5.0 |
Apple Mail.app 3.5 on Mac OS X, when "Store draft messages on the server" is enabled, stores draft copies of S/MIME email in plaintext on the email server, which allows server owners and remote man-in-the-middle attackers to read sensitive mail.
|
11-10-2018 - 20:52 | 08-10-2008 - 18:00 | |
| CVE-2000-0846 | 7.5 |
Buffer overflow in Darxite 0.4 and earlier allows a remote attacker to execute arbitrary commands via a long username or password.
|
10-10-2017 - 01:29 | 14-11-2000 - 05:00 | |
| CVE-2005-4434 | 4.3 |
Cross-site scripting (XSS) vulnerability in AbleDesign ReSearch 2.x allows remote attackers to inject arbitrary web script or HTML via unknown vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third pa
|
20-07-2017 - 01:29 | 21-12-2005 - 01:03 | |
| CVE-2005-4563 | 7.5 |
SQL injection vulnerability in main.php in Enterprise Heart Enterprise Connector 1.0.2 allows remote attackers to execute arbitrary SQL commands and bypass login authentication via the loginid parameter, a different vulnerability than CVE-2005-3875.
|
20-07-2017 - 01:29 | 29-12-2005 - 11:03 | |
| CVE-2004-1101 | 5.8 |
mailpost.exe in MailPost 5.1.1sv, and possibly earlier versions, allows remote attackers to cause a denial of service (server crash), leak sensitive pathname information in the resulting error message, and execute a cross-site scripting (XSS) attack
|
11-07-2017 - 01:30 | 10-01-2005 - 05:00 | |
| CVE-2005-3657 | 5.0 |
The ActiveX control in MCINSCTL.DLL for McAfee VirusScan Security Center does not use the IObjectSafetySiteLock API to restrict access to required domains, which allows remote attackers to create or append to arbitrary files via the StartLog and AddL
|
08-03-2011 - 02:26 | 21-12-2005 - 11:03 | |
| CVE-2005-4267 | 7.5 |
Stack-based buffer overflow in Qualcomm WorldMail 3.0 allows remote attackers to execute arbitrary code via a long IMAP command that ends with a "}" character, as demonstrated using long (1) LIST, (2) LSUB, (3) SEARCH TEXT, (4) STATUS INBOX, (5) AUTH
|
07-03-2011 - 05:00 | 21-12-2005 - 11:03 | |
| CVE-2005-4410 | 4.3 |
Cross-site scripting (XSS) vulnerability in NQcontent 3 allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters, possibly the text parameter.
|
20-09-2008 - 04:43 | 20-12-2005 - 11:03 | |
| CVE-2005-4456 | 7.8 |
Multiple buffer overflows in MailEnable Professional 1.71 and Enterprise 1.1 before patch ME-10009 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long (1) LIST, (2) LSUB, and (3) UID FETCH commands
|
05-09-2008 - 20:56 | 21-12-2005 - 11:03 |