CVE List

Id CVE No. Status Description Phase Votes Comments Actions
15351  CVE-2005-4147  Candidate  The TCLHTTPd service in Lyris ListManager before 8.9b allows remote attackers to obtain source code for arbitrary .tml (TCL) files via (1) a request with a trailing null byte (%00), which might also require (2) an authentication bypass step that involves a username with a trailing "@" characters.  Assigned (20051210)  None (candidate not yet proposed)    View
80887  CVE-2015-3610  Candidate  The Siemens HomeControl for Room Automation application before 2.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information or modify data via a crafted certificate.  Assigned (20150430)  None (candidate not yet proposed)    View
15607  CVE-2005-4403  Candidate  SQL injection vulnerability in index.php in Marwel 2.7 and earlier allows remote attackers to execute arbitrary SQL commands via the show parameter.  Assigned (20051220)  None (candidate not yet proposed)    View
81143  CVE-2015-3866  Candidate  ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.  Assigned (20150512)  None (candidate not yet proposed)    View
15863  CVE-2005-4659  Candidate  IPCop (aka IPCop Firewall) before 1.4.10 has world-readable permissions for the backup.key file, which might allow local users to overwrite system configuration files and gain privileges by creating a malicious encrypted backup archive owned by "nobody", then executing ipcoprscfg to restore from this backup.  Assigned (20060116)  None (candidate not yet proposed)    View

Page 20244 of 20943, showing 5 records out of 104715 total, starting on record 101216, ending on 101220

Actions