The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
| ID | Description | Priority | Modified date | Fixed Release |
|---|---|---|---|---|
| CVE-2004-2766 | Webmail in Sun ONE Messaging Server 6.1 and iPlanet Messaging Server 5.2 before 5.2hf2.02 allows remote attackers to obtain unspecified access to e-mail via a crafted e-mail message, related to a session hijacking issue, a different vulnerability than CVE-2005-2022 and CVE-2006-5486. | Medium | Jan 31, 2010 | n/a |
| CVE-2004-2767 | NWFTPD.nlm before 5.04.25 in the FTP server in Novell NetWare does not promptly close DS sessions, which allows remote attackers to cause a denial of service (connection slot exhaustion) by establishing many FTP sessions that persist for the lifetime of a DS session. | Medium | Apr 6, 2010 | n/a |
| CVE-2004-2768 | dpkg 1.9.21 does not properly reset the metadata of a file during replacement of the file in a package upgrade, which might allow local users to gain privileges by creating a hard link to a vulnerable (1) setuid file, (2) setgid file, or (3) device, a related issue to CVE-2010-2059. | High | Jun 18, 2010 | n/a |
| CVE-2004-2769 | Cerberus FTP Server before 4.0.3.0 allows remote authenticated users to list hidden files, even when the Display hidden files option is enabled, via the (1) MLSD or (2) MLST commands. | Medium | Jul 6, 2010 | n/a |
| CVE-2004-2770 | ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2011-3389. Reason: This candidate is a duplicate of CVE-2011-3389. Notes: All CVE users should reference CVE-2011-3389 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.Per http://ekoparty.org/2011/juliano-rizzo.php, \'Our exploit abuses a vulnerability present in the SSL/TLS implementation of major Web browsers at the time of writing.\' The current configuration includes released versions of major browsers. List subject to change based on additional information as it becomes available. | REJECT | Sep 28, 2011 | n/a |
| CVE-2004-2771 | The expand function in fio.c in Heirloom mailx 12.5 and earlier and BSD mailx 8.1.2 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in an email address. | High | Dec 29, 2014 | n/a |
| CVE-2004-2772 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none | -- | Nov 7, 2023 | n/a |
| CVE-2004-2773 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none | -- | Nov 7, 2023 | n/a |
| CVE-2004-2774 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none | -- | Nov 7, 2023 | n/a |
| CVE-2004-2775 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none | -- | Nov 7, 2023 | n/a |
| CVE-2004-2776 | go.cgi in GoScript 2.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) query string or (2) artarchive parameter. | HIGH | Jan 14, 2020 | n/a |
| CVE-2004-2777 | GE Healthcare Centricity Image Vault 3.x has a password of (1) gemnet for the administrator account, (2) webadmin for the webadmin administrator account of the ASACA DVD library, (3) an empty value for the gemsservice account of the Ultrasound Database, and possibly (4) gemnet2002 for the gemnet2002 account of the GEMNet license server, which has unspecified impact and attack vectors. NOTE: it is not clear whether this password is default, hardcoded, or dependent on another system or product that requires a fixed value. | High | Aug 4, 2015 | n/a |
| CVE-2004-2778 | Ebuild in Gentoo may change directory and file permissions depending on the order of installed packages, which allows local users to read or write to restricted directories or execute restricted commands via navigating to the affected directories, or executing the affected commands. | -- | Jun 27, 2017 | n/a |
| CVE-2004-2779 | id3_utf16_deserialize() in utf16.c in libid3tag through 0.15.1b misparses ID3v2 tags encoded in UTF-16 with an odd number of bytes, triggering an endless loop allocating memory until an OOM condition is reached, leading to denial-of-service (DoS). | MEDIUM | Feb 20, 2018 | 10.19.45.1 (Wind River Linux LTS 19) |
| CVE-2005-0123 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2005. Notes: none | -- | Nov 7, 2023 | n/a |
| CVE-2005-0128 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2005. Notes: none | -- | Nov 7, 2023 | n/a |
| CVE-2005-0162 | Stack-based buffer overflow in the get_internal_addresses function in the pluto application for Openswan 1.x before 1.0.9, and Openswan 2.x before 2.3.0, when compiled with XAUTH and PAM enabled, allows remote authenticated attackers to execute arbitrary code. | HIGH | Jul 29, 2019 | n/a |
| CVE-2005-0165 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2005. Notes: none | -- | Nov 7, 2023 | n/a |
| CVE-2005-0166 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2005. Notes: none | -- | Nov 7, 2023 | n/a |
| CVE-2005-0167 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2005. Notes: none | -- | Nov 7, 2023 | n/a |
| CVE-2005-0168 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2005. Notes: none | -- | Nov 7, 2023 | n/a |
| CVE-2005-0169 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2005. Notes: none | -- | Nov 7, 2023 | n/a |
| CVE-2005-0170 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2005. Notes: none | -- | Nov 7, 2023 | n/a |
| CVE-2005-0171 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2005. Notes: none | -- | Nov 7, 2023 | n/a |
| CVE-2005-0172 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2005. Notes: none | -- | Nov 7, 2023 | n/a |
| CVE-2005-0394 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none | -- | Nov 7, 2023 | n/a |
| CVE-2005-0563 | Cross-site scripting (XSS) vulnerability in Microsoft Outlook Web Access (OWA) component in Exchange Server 5.5 allows remote attackers to inject arbitrary web script or HTML via an email message with an encoded javascript: URL (\"javAsc
ript:\") in an IMG tag. | MEDIUM | Jun 1, 2019 | n/a |
| CVE-2005-0609 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2005. Notes: none | -- | Nov 7, 2023 | n/a |
| CVE-2005-0758 | zgrep in gzip before 1.3.5 does not properly sanitize arguments, which allows local users to execute arbitrary commands via filenames that are injected into a sed script. | MEDIUM | Oct 16, 2019 | n/a |
| CVE-2005-1028 | PHP-Nuke 6.x through 7.6 allows remote attackers to obtain sensitive information via a direct request to (1) index.php with the forum_admin parameter set, (2) the Surveys module, or (3) the Your_Account module, which reveals the path in a PHP error message. | MEDIUM | Jul 16, 2019 | n/a |
| CVE-2005-1119 | Sudo VISudo 1.6.8 and earlier allows local users to corrupt arbitrary files via a symlink attack on temporary files. | -- | Sep 5, 2008 | n/a |
| CVE-2005-1731 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2005. Notes: none | -- | Nov 7, 2023 | n/a |
| CVE-2005-1844 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2005. Notes: none | -- | Nov 7, 2023 | n/a |
| CVE-2005-1845 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2005. Notes: none | -- | Nov 7, 2023 | n/a |
| CVE-2005-1860 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2005. Notes: none | -- | Nov 7, 2023 | n/a |
| CVE-2005-1861 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2005. Notes: none | -- | Nov 7, 2023 | n/a |
| CVE-2005-1862 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2005. Notes: none | -- | Nov 7, 2023 | n/a |
| CVE-2005-1863 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2005. Notes: none | -- | Nov 7, 2023 | n/a |
| CVE-2005-2345 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2005. Notes: none | -- | Nov 7, 2023 | n/a |
| CVE-2005-2348 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2005. Notes: none | -- | Nov 7, 2023 | n/a |
| CVE-2005-2349 | Zoo 2.10 has Directory traversal | MEDIUM | Oct 30, 2019 | n/a |
| CVE-2005-2350 | Cross-site scripting (XSS) vulnerability in websieve v0.62 allows remote attackers to inject arbitrary web script or HTML code in the web user interface. | MEDIUM | Nov 4, 2019 | n/a |
| CVE-2005-2351 | Mutt before 1.5.20 patch 7 allows an attacker to cause a denial of service via a series of requests to mutt temporary files. | LOW | Nov 13, 2019 | n/a |
| CVE-2005-2352 | I race condition in Temp files was found in gs-gpl before 8.56 addons scripts. | MEDIUM | Nov 6, 2019 | n/a |
| CVE-2005-2354 | Nvu 0.99+1.0pre uses an old copy of Mozilla XPCOM which can result in multiple security issues. | HIGH | Nov 8, 2019 | n/a |
| CVE-2005-2408 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2005. Notes: none | -- | Nov 7, 2023 | n/a |
| CVE-2005-2491 | Integer overflow in pcre_compile.c in Perl Compatible Regular Expressions (PCRE) before 6.2, as used in multiple products such as Python, Ethereal, and PHP, allows attackers to execute arbitrary code via quantifier values in regular expressions, which leads to a heap-based buffer overflow. | High | Mar 7, 2011 | n/a |
| CVE-2005-2493 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2005. Notes: none | -- | Nov 7, 2023 | n/a |
| CVE-2005-2528 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2005. Notes: none | -- | Nov 7, 2023 | n/a |
| CVE-2005-2541 | Tar 1.15.1 does not properly warn the user when extracting setuid or setgid files, which may allow local users or remote attackers to gain privileges. | -- | Nov 6, 2023 | n/a |
