Total
29947 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-0385 | 1 Frank Mcingvale | 1 Luxman | 2026-04-16 | N/A |
| Buffer overflow in luxman before 0.41, if used with certain insecure svgalib libraries, allows local users to execute arbitrary code via a long -f command line argument. | ||||
| CVE-2005-0386 | 1 Mailreader.com | 1 Mailreader.com | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in network.cgi in mailreader before 2.3.29 earlier allows remote attackers to inject arbitrary web script or HTML via MIME text/enriched or text/richtext messages. | ||||
| CVE-2005-0397 | 2 Imagemagick, Redhat | 2 Imagemagick, Enterprise Linux | 2026-04-16 | N/A |
| Format string vulnerability in the SetImageInfo function in image.c for ImageMagick before 6.0.2.5 may allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in a filename argument to convert, which may be called by other web applications. | ||||
| CVE-2005-0399 | 2 Mozilla, Redhat | 4 Firefox, Mozilla, Thunderbird and 1 more | 2026-04-16 | N/A |
| Heap-based buffer overflow in GIF2.cpp in Firefox before 1.0.2, Mozilla before to 1.7.6, and Thunderbird before 1.0.2, and possibly other applications that use the same library, allows remote attackers to execute arbitrary code via a GIF image with a crafted Netscape extension 2 block and buffer size. | ||||
| CVE-2005-0414 | 1 Mercuryboard | 1 Mercuryboard | 2026-04-16 | N/A |
| SQL injection vulnerability in post.php for MercuryBoard 1.1.1 allows remote attackers to execute arbitrary SQL commands via a reply post action for index.php with (1) the t parameter or (2) the qu parameter. | ||||
| CVE-2005-0415 | 1 Ulrik Petersen | 1 Emdros Database Engine | 2026-04-16 | N/A |
| Multiple memory leaks in the MQL parser in Emdros before 1.1.22 allow remote attackers to cause a denial of service (memory consumption) via malformed MQL statements. | ||||
| CVE-2005-0421 | 1 Delphiturk | 1 Delphiturk Ftp | 2026-04-16 | N/A |
| DelphiTurk FTP 1.0 stores usernames and passwords in the profile.dat file, which allows local users to gain privileges. | ||||
| CVE-2005-0422 | 1 Delphiturk | 1 Codebank | 2026-04-16 | N/A |
| DelphiTurk CodeBank (aka KodBank) 3.1 and earlier stores usernames and passwords in the Codebank registry key, which allows local users to gain privileges. | ||||
| CVE-2005-0425 | 1 Ibm | 1 Websphere Application Server | 2026-04-16 | N/A |
| Unknown vulnerability in IBM Websphere Application Server 5.0, 5.1, and 6.0 when running on Windows, allows remote attackers to obtain the source code for Java Server Pages (.jsp) via a crafted URL that causes the page to be processed by the file serving servlet instead of the JSP engine. | ||||
| CVE-2005-0442 | 1 Devellion | 1 Cubecart | 2026-04-16 | N/A |
| Directory traversal vulnerability in index.php for CubeCart 2.0.4 allows remote attackers to read arbitrary files via the language parameter. | ||||
| CVE-2005-0445 | 1 Open Webmail | 1 Open Webmail | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Open WebMail 2.x allows remote attackers to inject arbitrary HTML or web script via the domain name parameter (logindomain) in the login page. | ||||
| CVE-2005-0448 | 2 Larry Wall, Redhat | 2 Perl, Enterprise Linux | 2026-04-16 | N/A |
| Race condition in the rmtree function in File::Path.pm in Perl before 5.8.4 allows local users to create arbitrary setuid binaries in the tree being deleted, a different vulnerability than CVE-2004-0452. | ||||
| CVE-2005-0450 | 1 Sami | 1 Sami Http Server | 2026-04-16 | N/A |
| Directory traversal vulnerability in Sami HTTP Server 1.0.5 allows remote attackers to read arbitrary files via an HTTP request containing (1) .. (dot dot) or (2) "%2e%2e" (encoded dot dot) sequences. | ||||
| CVE-2005-0464 | 1 Sgi | 1 Irix | 2026-04-16 | N/A |
| gr_osview in SGI IRIX 6.5.22, and possibly other 6.5 versions, does not drop privileges when opening description files while in debug mode, which allows local users to read a line from arbitrary files via the -d and -D options, which prints the line as a formatting error. | ||||
| CVE-2005-0498 | 1 Gigafast Ethernet | 1 Gigafast Router | 2026-04-16 | N/A |
| Gigafast router (aka CompUSA router) allows remote attackers to gain sensitive information and bypass the login page via a direct request to backup.cfg, which reveals the administrator password in plaintext. | ||||
| CVE-2005-0524 | 2 Php, Redhat | 2 Php, Enterprise Linux | 2026-04-16 | N/A |
| The php_handle_iff function in image.c for PHP 4.2.2, 4.3.9, 4.3.10 and 5.0.3, as reachable by the getimagesize PHP function, allows remote attackers to cause a denial of service (infinite loop) via a -8 size value. | ||||
| CVE-2005-0527 | 2 Mozilla, Redhat | 2 Firefox, Enterprise Linux | 2026-04-16 | N/A |
| Firefox 1.0 allows remote attackers to execute arbitrary code via plugins that load "privileged content" into frames, as demonstrated using certain XUL events when a user drags a scrollbar two times, aka "Firescrolling." | ||||
| CVE-2005-0541 | 1 Cyclades | 1 Alterpath Manager | 2026-04-16 | N/A |
| consoleConnect.jsp in Cyclades AlterPath Manager (APM) Console Server 1.2.1 allows remote attackers to connect to arbitrary consoles by modifying the consolename parameter. | ||||
| CVE-2005-0549 | 1 Sun | 1 Solaris Answerbook2 | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Solaris AnswerBook2 Documentation 1.4.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the "View Log Files" function. | ||||
| CVE-2005-0567 | 1 Phpmyadmin | 1 Phpmyadmin | 2026-04-16 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in phpMyAdmin 2.6.1 allow remote attackers to execute arbitrary PHP code by modifying the (1) theme parameter to phpmyadmin.css.php or (2) cfg[Server][extension] parameter to database_interface.lib.php to reference a URL on a remote web server that contains the code. | ||||