Total
29944 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-2526 | 2 Apple, Easy Software Products | 2 Mac Os X, Cups | 2026-04-16 | N/A |
| CUPS in Mac OS X 10.3.9 and 10.4.2 allows remote attackers to cause a denial of service (CPU consumption) by sending a partial IPP request and closing the connection. | ||||
| CVE-2005-4292 | 1 Internet Express Products | 1 Commercesql | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in CommerceSQL 1.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search module parameters, possibly the keywords parameter in the Quick Find feature. | ||||
| CVE-2005-2546 | 1 Arab Portal | 1 Arab Portal | 2026-04-16 | N/A |
| Arab Portal 2.0 allows remote attackers to obtain sensitive information via a long (1) username or (2) password, which reveals the path in an error message when the undefined "errmsg" function is called. | ||||
| CVE-2005-2547 | 1 Bluez Project | 1 Bluez | 2026-04-16 | N/A |
| security.c in hcid for BlueZ 2.16, 2.17, and 2.18 allows remote attackers to execute arbitrary commands via shell metacharacters in the Bluetooth device name when invoking the PIN helper. | ||||
| CVE-2005-4296 | 1 Appserv Open Project | 1 Appserv | 2026-04-16 | N/A |
| AppServ Open Project 2.5.3 allows remote attackers to cause a denial of service via a large HTTP request. | ||||
| CVE-2005-2543 | 1 Comdev | 1 Comdev Ecommerce | 2026-04-16 | N/A |
| Directory traversal vulnerability in wce.download.php in Comdev eCommerce 3.0 allows remote attackers to download arbitrary files via a .. (dot dot) in the download parameter. | ||||
| CVE-2005-2544 | 1 Comdev | 1 Comdev Ecommerce | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in config.php in Comdev eCommerce 3.0 allows remote attackers to execute arbitrary PHP code via the path[docroot] parameter. | ||||
| CVE-2005-2591 | 1 Parlano | 1 Mindalign | 2026-04-16 | N/A |
| Parlano MindAlign 5.0 and later versions allows remote attackers to list valid users via unknown vectors, aka the "User Enumeration" vulnerability. | ||||
| CVE-2005-2594 | 1 Apple | 1 Safari | 2026-04-16 | N/A |
| Apple Safari 1.3 (132) on Mac OS X 1.3.9 allows remote attackers to cause a denial of service (crash) via certain Javascript, possibly involving a function that defines a handler for itself within the function body. | ||||
| CVE-2005-2605 | 1 Omnipilot Software | 1 Lasso Professional Server | 2026-04-16 | N/A |
| Unknown vulnerability in Lasso Professional Server8.0.4 and 8.0.5 allows attackers to bypass authentication, related to [Auth] tags. | ||||
| CVE-2005-2604 | 1 My Image Gallery | 1 My Image Gallery | 2026-04-16 | N/A |
| index.php for My Image Gallery (Mig ) 1.4.1 allows remote attackers to obtain the web server path via certain currDir and image arguments, which leaks the path in an error message. | ||||
| CVE-2005-2607 | 1 Phpsimplicity | 1 Simplicity Of Upload | 2026-04-16 | N/A |
| PHP file include vulnerability in download.php in PHPSimplicity Simplicity oF Upload before 1.3.1 allows remote attackers to include arbitrary local and remote files via the language parameter and a terminating null ("%00") characters. | ||||
| CVE-2005-2603 | 1 My Image Gallery | 1 My Image Gallery | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php for My Image Gallery (Mig ) 1.4.1 allows remote attackers to inject arbitrary web script or HTML via the (1) currDir or (2) image parameters. | ||||
| CVE-2005-2606 | 1 Phlymail | 1 Phlymail | 2026-04-16 | N/A |
| Unknown vulnerability in the "frontend authentication" in PHlyMail 3.02.00 has unknown impact and attack vectors. | ||||
| CVE-2005-2645 | 1 Xerox | 7 Document Centre 265, Document Centre 332, Document Centre 340 and 4 more | 2026-04-16 | N/A |
| Unknown vulnerability in Xerox MicroServer Web Server in Document Centre 220 through 265, 332 and 340, 420 through 490, and 535 through 555 allows remote attackers to bypass authentication. | ||||
| CVE-2006-4570 | 2 Mozilla, Redhat | 3 Seamonkey, Thunderbird, Enterprise Linux | 2026-04-16 | N/A |
| Mozilla Thunderbird before 1.5.0.7 and SeaMonkey before 1.0.5, with "Load Images" enabled, allows remote user-assisted attackers to bypass settings that disable JavaScript via a remote XBL file in a message that is loaded when the user views, forwards, or replies to the original message. | ||||
| CVE-2005-2665 | 2 Elm Development Group, Redhat | 2 Elm, Enterprise Linux | 2026-04-16 | N/A |
| Stack-based buffer overflow in expires.c in Elm 2.5 PL5 through PL7, and possibly other versions, allows remote attackers to execute arbitrary code via an e-mail message with a long Expires header. | ||||
| CVE-2005-2701 | 2 Mozilla, Redhat | 3 Firefox, Mozilla Suite, Enterprise Linux | 2026-04-16 | N/A |
| Heap-based buffer overflow in Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to execute arbitrary code via an XBM image file that ends in a large number of spaces instead of the expected end tag. | ||||
| CVE-2005-2721 | 1 Foojan | 1 Php Weblog | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in (1) index.php or (2) admin.php in Foojan PHP Weblog allow remote attackers to inject arbitrary web script or HTML via the Referer field in the HTTP header. | ||||
| CVE-2005-2749 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | N/A |
| Unspecified vulnerability in the Finder Get Info window for Mac OS X 10.4 up to 10.4.2 causes Finder to misrepresent file and group ownership information. NOTE: it is not clear whether this issue satisfies the CVE definition of a vulnerability. | ||||