Total
29944 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-0295 | 1 Inca | 1 Nprotect Gameguard | 2026-04-16 | N/A |
| npptnt2.sys in nProtect Gameguard provides unrestricted I/O to any process that calls it, which allows local users to gain privileges. | ||||
| CVE-2005-0307 | 1 Mercuryboard | 1 Mercuryboard | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in index.php in MercuryBoard 1.1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) s, (2) l, (3) a, (4) t, (5) to, or (6) re parameters. | ||||
| CVE-2005-0313 | 1 Amax Information Technologies | 1 Magic Winmail Server | 2026-04-16 | N/A |
| Multiple directory traversal vulnerabilities in Magic Winmail Server 4.0 Build 1112 allow remote attackers to (1) upload arbitrary files via certain parameters to upload.php or (2) read arbitrary files via certain parameters to download.php, and remote authenticated users to read, create, or delete arbitrary directories and files via the IMAP commands (3) CREATE, (4) EXAMINE, (5) SELECT, or (6) DELETE. | ||||
| CVE-2005-0316 | 1 Webwasher | 1 Webwasher Classic | 2026-04-16 | N/A |
| WebWasher Classic 2.2.1 and 3.3, when running in server mode, does not properly drop CONNECT requests to the localhost from external systems, which could allow remote attackers to bypass intended access restrictions. | ||||
| CVE-2005-0398 | 6 Altlinux, Ipsec-tools, Kame and 3 more | 7 Alt Linux, Ipsec-tools, Racoon and 4 more | 2026-04-16 | N/A |
| The KAME racoon daemon in ipsec-tools before 0.5 allows remote attackers to cause a denial of service (crash) via malformed ISAKMP packets. | ||||
| CVE-2005-0475 | 1 Php Arena | 1 Pafaq | 2026-04-16 | N/A |
| SQL injection vulnerability in paFAQ Beta4, and possibly other versions, allows remote attackers to execute arbitrary SQL code via the (1) offset, (2) limit, (3) order, or (4) orderby parameter to question.php, (5) offset parameter to answer.php, (6) search_item parameter to search.php, (7) cat_id, (8) cid, or (9) id parameter to comment.php. | ||||
| CVE-2005-0481 | 1 Trackercam | 1 Trackercam | 2026-04-16 | N/A |
| TrackerCam 5.12 and earlier allows remote attackers to read log files via the fn parameter in a direct request to the ComGetLogFile.php3 script. | ||||
| CVE-2005-0483 | 1 Glftpd | 1 Glftpd | 2026-04-16 | N/A |
| Multiple directory traversal vulnerabilities in sitenfo.sh, sitezipchk.sh, and siteziplist.sh in Glftpd 1.26 to 2.00 allow remote authenticated users to (1) determine the existence of arbitrary files, (2) list files in restricted directories, or (3) read arbitrary files from within ZIP or gzip files, via .. (dot dot) sequences and globbing ("*") characters in a SITE NFO command. | ||||
| CVE-2005-0502 | 1 Xinkaa Web Station | 1 Xinkaa Web Station | 2026-04-16 | N/A |
| Directory traversal vulnerability in Xinkaa 1.0.3 and earlier allows remote attackers to read arbitrary files via (1) ../ and (2) ..\ characters in an HTTP request. | ||||
| CVE-2005-0505 | 1 Stackworks Enterprises | 1 Information Resource Manager | 2026-04-16 | N/A |
| Unknown vulnerability in Information Resource Manager (IRM) before 1.5.2.1 allows remote attackers to have "potentially serious" impact, related to LDAP logins. | ||||
| CVE-2005-0516 | 1 Twiki | 1 Imagegalleryplugin | 2026-04-16 | N/A |
| The ImageGalleryPlugin (ImageGalleryPlugin.pm) in Twiki allows remote attackers to execute arbitrary commands via certain commands that generate thumbnails. | ||||
| CVE-2005-0579 | 1 Freenx | 1 Freenx | 2026-04-16 | N/A |
| nxagent in FreeNX before 0.2.8 does not properly handle when the XAUTHORITY environment variable is not set, which allows local users to access the X server without X authentication. | ||||
| CVE-2005-0598 | 1 Cisco | 10 Application And Content Networking Software, Content Delivery Manager, Content Distribution Manager 4630 and 7 more | 2026-04-16 | N/A |
| The RealServer RealSubscriber on Cisco devices running Application and Content Networking System (ACNS) 5.1 allow remote attackers to cause a denial of service (CPU consumption) via malformed packets. | ||||
| CVE-2005-0625 | 1 Debian | 1 Reportbug | 2026-04-16 | N/A |
| reportbug 3.2 includes settings from .reportbugrc in bug reports, which exposes sensitive information such as smtpuser and smtppasswd. | ||||
| CVE-2005-0671 | 1 Ca3de | 1 Ca3de | 2026-04-16 | N/A |
| Format string vulnerability in Carsten's 3D Engine (Ca3DE), March 2004 version and earlier, allows remote attackers to execute arbitrary code via format string specifiers in a command. | ||||
| CVE-2005-0680 | 1 Stadtaus | 1 Download Center Lite | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in download_center_lite.inc.php for Download Center Lite 1.6 allows remote attackers to execute arbitrary PHP code by modifying the script_root parameter to reference a URL on a remote web server that contains the code. | ||||
| CVE-2005-0689 | 1 Jimmy | 1 The Includer | 2026-04-16 | N/A |
| includer.cgi in The Includer allows remote attackers to execute arbitrary commands via shell metacharacters in (1) the URL or (2) the template parameter. | ||||
| CVE-2005-0731 | 1 Py Software | 1 Active Webcam | 2026-04-16 | N/A |
| PY Software Active Webcam WebServer (webcam.exe) 5.5 allows remote attackers to cause a denial of service (CPU consumption) via a direct request to Filelist.html. | ||||
| CVE-2005-0883 | 1 Digitalhive | 1 Digitalhive | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in base.php for DigitalHive 2.0 allow remote attackers to inject arbitrary web script or HTML via (1) the mt parameter to the membres.php page or (2) the -afs-1- query string to the msg.php page. | ||||
| CVE-2005-0900 | 1 Nukebookmarks | 1 Nukebookmarks | 2026-04-16 | N/A |
| marks.php in NukeBookmarks 0.6 for PHP-Nuke allows remote attackers to obtain sensitive information via an invalid (1) file or (2) category parameter, which reveal the path in an error message. | ||||