Total
29944 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-0725 | 1 Wf-sections | 1 Wf-sections | 2026-04-16 | N/A |
| SQL injection vulnerability in the getAllbyArticle function in wfsfiles.php for WF-Sections (wfsections) 1.07 allows remote attackers to execute arbitrary SQL commands via the articleid parameter to article.php. | ||||
| CVE-2005-0750 | 5 Conectiva, Linux, Redhat and 2 more | 8 Linux, Linux Kernel, Enterprise Linux and 5 more | 2026-04-16 | N/A |
| The bluez_sock_create function in the Bluetooth stack for Linux kernel 2.4.6 through 2.4.30-rc1 and 2.6 through 2.6.11.5 allows local users to gain privileges via (1) socket or (2) socketpair call with a negative protocol value. | ||||
| CVE-2005-0765 | 2 Ethereal Group, Redhat | 2 Ethereal, Enterprise Linux | 2026-04-16 | N/A |
| Unknown vulnerability in the JXTA dissector in Ethereal 0.10.9 allows remote attackers to cause a denial of service (application crash). | ||||
| CVE-2005-0798 | 1 Novell | 1 Ichain | 2026-04-16 | N/A |
| Novell iChain Mini FTP Server 2.3, and possibly earlier versions, does not limit the number of incorrect logins, which makes it easier for remote attackers to conduct brute force login attacks. | ||||
| CVE-2005-0900 | 1 Nukebookmarks | 1 Nukebookmarks | 2026-04-16 | N/A |
| marks.php in NukeBookmarks 0.6 for PHP-Nuke allows remote attackers to obtain sensitive information via an invalid (1) file or (2) category parameter, which reveal the path in an error message. | ||||
| CVE-2005-0912 | 1 Deplate | 1 Deplate | 2026-04-16 | N/A |
| Unknown vulnerabilities in deplate before 0.7.2 have unknown impact, possibly involving elements.rb. | ||||
| CVE-2005-0931 | 1 Jimmy | 1 The Includer | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in The Includer 1.0 and 1.1 allows remote attackers to execute arbitrary PHP code. | ||||
| CVE-2005-0957 | 1 Bay Technical Associates | 1 Rpc3 Telnet | 2026-04-16 | N/A |
| Bay Technical Associates RPC-3 Telnet Host 3.05 allows remote attackers to bypass authentication by pressing the escape and enter keys at the username prompt. | ||||
| CVE-2005-1215 | 1 Microsoft | 1 Isa Server | 2026-04-16 | N/A |
| Microsoft ISA Server 2000 allows remote attackers to poison the ISA cache or bypass content restriction policies via a malformed HTTP request packet containing multiple Content-Length headers. | ||||
| CVE-2005-1269 | 2 Redhat, Rob Flynn | 2 Enterprise Linux, Gaim | 2026-04-16 | N/A |
| Gaim before 1.3.1 allows remote attackers to cause a denial of service (application crash) via a Yahoo! message with non-ASCII characters in a file name. | ||||
| CVE-2005-1365 | 1 Pico Server | 1 Pico Server | 2026-04-16 | N/A |
| Pico Server (pServ) 3.2 and earlier allows remote attackers to execute arbitrary commands via a URL with multiple leading "/" (slash) characters and ".." sequences. | ||||
| CVE-2005-1408 | 1 Apple | 1 Keynote | 2026-04-16 | N/A |
| Apple Keynote 2.0 and 2.0.1 allows remote attackers to read arbitrary files via the keynote: URI handler in a crafted Keynote presentation. | ||||
| CVE-2005-1451 | 1 S9y | 1 Serendipity | 2026-04-16 | N/A |
| The media manager in Serendipity before 0.8 allows remote attackers to upload and execute arbitrary (1) .php or (2) .shtml files. | ||||
| CVE-2005-1458 | 2 Ethereal Group, Redhat | 2 Ethereal, Enterprise Linux | 2026-04-16 | N/A |
| Multiple unknown "other problems" in the KINK dissector in Ethereal before 0.10.11 have unknown impact and attack vectors. | ||||
| CVE-2005-1460 | 2 Ethereal Group, Redhat | 2 Ethereal, Enterprise Linux | 2026-04-16 | N/A |
| Multiple unknown dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (assert error) via an invalid protocol tree item length. | ||||
| CVE-2005-1469 | 2 Ethereal Group, Redhat | 2 Ethereal, Enterprise Linux | 2026-04-16 | N/A |
| Unknown vulnerability in the GSM dissector in Ethereal before 0.10.11 allows remote attackers to cause the dissector to access an invalid pointer. | ||||
| CVE-2005-1483 | 1 Interspire | 1 Articlelive | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in ArticleLive 2005 allow remote attackers to inject arbitrary web script or HTML via the (1) Query, (2) Username, (3) LastName, (4) Biography, or (5) BlogId parameter. | ||||
| CVE-2005-1489 | 2 Icewarp, Merak | 2 Web Mail, Mail Server | 2026-04-16 | N/A |
| Unknown vulnerability in Merak Mail Server 8.0.3 with Icewarp Web Mail 5.4.2 allows remote authenticated users to obtain the full path of the server via certain requests to (1) calendar_addevent.html, (2) calendar_event.html, or (3) calendar_task.html. | ||||
| CVE-2005-1499 | 1 Mywebland | 1 Mybloggie | 2026-04-16 | N/A |
| delcomment.php in myBloggie 2.1.1 allows remote attackers to delete arbitrary comments by modifying the comment_id parameter. | ||||
| CVE-2005-1501 | 1 Midicart Software | 1 Midicart Php Shopping Cart | 2026-04-16 | N/A |
| MidiCart PHP Shopping Cart allows remote attackers to obtain sensitive information via a direct request to (1) search_list.php, (2) item_list.php, or (3) item_show.php, which reveal the path in a PHP error message. | ||||