| Max CVSS | 10.0 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2016-0230 | 7.2 |
IBM Power Hardware Management Console (HMC) 7.3 through 7.3.0 SP7, 7.9 through 7.9.0 SP3, 8.1 through 8.1.0 SP3, 8.2 through 8.2.0 SP2, 8.3 through 8.3.0 SP2, 8.4 through 8.4.0 SP1, and 8.5.0 allows physically proximate attackers to obtain root acces
|
09-12-2020 - 14:33 | 07-07-2016 - 14:59 | |
| CVE-2005-3353 | 5.0 |
The exif_read_data function in the Exif module in PHP before 4.4.1 allows remote attackers to cause a denial of service (infinite loop) via a malformed JPEG image.
|
30-10-2018 - 16:25 | 18-11-2005 - 23:03 | |
| CVE-2005-3557 | 5.0 |
Directory traversal vulnerability in admin/defaults.php in PHPlist 2.10.1 and earlier allows remote attackers to access arbitrary files via a .. (dot dot) in the selected%5B%5D parameter in an HTTP POST request.
|
19-10-2018 - 15:37 | 16-11-2005 - 07:42 | |
| CVE-2005-3556 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in PHPlist 2.10.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) listname parameter in (a) admin/editlist.php, (2) title parameter in (b) admin/spageedit.php,
|
19-10-2018 - 15:37 | 16-11-2005 - 07:42 | |
| CVE-2005-3555 | 6.5 |
Multiple SQL injection vulnerabilities in PHPlist 2.10.1 and earlier allow authenticated remote attackers with administrator privileges to execute arbitrary SQL commands via the id parameter in the (1) editattributes or (2) admin page.
|
19-10-2018 - 15:37 | 16-11-2005 - 07:42 | |
| CVE-2005-2124 | 7.6 |
Unspecified vulnerability in the Graphics Rendering Engine (GDI32.DLL) in Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1, related to "An unchecked buffer" and possibly buffer overflows, allows remote attackers to execute arbitrary code via a c
|
12-10-2018 - 21:37 | 29-11-2005 - 21:03 | |
| CVE-2005-2123 | 7.5 |
Multiple integer overflows in the Graphics Rendering Engine (GDI32.DLL) in Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allow remote attackers to execute arbitrary code via crafted Windows Metafile (WMF) and Enhanced Metafile (EMF) format im
|
12-10-2018 - 21:37 | 29-11-2005 - 21:03 | |
| CVE-2000-0737 | 4.6 |
The Service Control Manager (SCM) in Windows 2000 creates predictable named pipes, which allows a local user with console access to gain administrator privileges, aka the "Service Control Manager Named Pipe Impersonation" vulnerability.
|
12-10-2018 - 21:29 | 20-10-2000 - 04:00 | |
| CVE-2017-15804 | 7.5 |
The glob function in glob.c in the GNU C Library (aka glibc or libc6) before 2.27 contains a buffer overflow during unescaping of user names with the ~ operator.
|
20-06-2018 - 01:29 | 22-10-2017 - 20:29 | |
| CVE-2005-3564 | 7.2 |
envd daemon in HP-UX B.11.00 through B.11.11 allows local users to obtain privileges via unknown attack vectors.
|
11-10-2017 - 01:30 | 16-11-2005 - 07:42 | |
| CVE-2013-4912 | 5.8 |
Open redirect vulnerability in Siemens WinCC (TIA Portal) 11 and 12 before 12 SP1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks by leveraging improper configuration of SIMATIC HMI panels by the WinCC pr
|
29-08-2017 - 01:33 | 01-08-2013 - 13:32 | |
| CVE-2008-2236 | 4.3 |
Cross-site scripting (XSS) vulnerability in blosxom.cgi in Blosxom before 2.1.2 allows remote attackers to inject arbitrary web script or HTML via the flav parameter (flavour variable). NOTE: some of these details are obtained from third party infor
|
08-08-2017 - 01:30 | 03-10-2008 - 15:07 | |
| CVE-2005-4424 | 6.5 |
Directory traversal vulnerability in PHPKIT 1.6.1 R2 and earlier might allow remote authenticated users to execute arbitrary PHP code via a .. (dot dot) in the path parameter and a %00 at the end of the filename, as demonstrated by an avatar filename
|
20-07-2017 - 01:29 | 20-12-2005 - 11:03 | |
| CVE-2005-3553 | 7.5 |
Multiple SQL injection vulnerabilities in include.php in PHPKIT 1.6.1 R2 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id parameter in conjunction with the login/userinfo.php path and (2) the session parameter (aka
|
11-07-2017 - 01:33 | 16-11-2005 - 07:42 | |
| CVE-2005-3554 | 5.1 |
Multiple eval injection vulnerabilities in the help function in PHPKIT 1.6.1 R2 and earlier, when register_globals is enabled, allow remote attackers to execute arbitrary code on the server via unknown attack vectors involving uninitialized variables
|
11-07-2017 - 01:33 | 16-11-2005 - 07:42 | |
| CVE-2005-3552 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in PHPKIT 1.6.1 R2 and earlier allow remote attackers to inject arbitrary web script or HTML via multiple vectors in (1) login/profile.php, (2) login/userinfo.php, (3) admin/admin.php, (4) imcenter.
|
11-07-2017 - 01:33 | 16-11-2005 - 07:42 | |
| CVE-2005-3116 | 10.0 |
Stack-based buffer overflow in a shared library as used by the Volume Manager daemon (vmd) in VERITAS NetBackup Enterprise Server 5.0 MP1 to MP5 and 5.1 up to MP3A allows remote attackers to execute arbitrary code via a crafted packet. Failed exploit
|
11-07-2017 - 01:33 | 18-11-2005 - 06:03 | |
| CVE-2004-1638 | 7.5 |
Buffer overflow in MailCarrier 2.51 allows remote attackers to execute arbitrary code via a long (1) EHLO and possibly (2) HELO command.
|
11-07-2017 - 01:31 | 16-10-2004 - 04:00 | |
| CVE-2005-4155 | 7.5 |
registration.PHP in ATutor 1.5.1 pl2 allows remote attackers to execute arbitrary SQL commands via an e-mail address that ends in a NULL character, which bypasses the PHP regular expression check. NOTE: it is possible that this is actually a bug in P
|
05-09-2008 - 20:56 | 11-12-2005 - 02:03 | |
| CVE-2005-4422 | 6.5 |
Unrestricted file upload vulnerability in toendaCMS before 0.6.2 Stable allows remote authenticated administrators to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in data/
|
05-09-2008 - 20:56 | 20-12-2005 - 11:03 |