Total
29947 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-3622 | 1 Phpmyadmin | 1 Phpmyadmin | 2026-04-16 | N/A |
| phpMyAdmin 2.7.0-beta1 and earlier allows remote attackers to obtain the full path of the server via direct requests to multiple scripts in the libraries directory. | ||||
| CVE-2002-0917 | 1 Cgiscript.net | 1 Cspassword | 2026-04-16 | N/A |
| CGIScript.net csPassword.cgi stores .htpasswd files under the web document root, which could allow remote authenticated users to download the file and crack the passwords of other users. | ||||
| CVE-2005-3677 | 1 Realnetworks | 1 Realplayer | 2026-04-16 | N/A |
| Buffer overflow in RealNetworks RealPlayer 10 and 10.5 allows remote attackers to execute arbitrary code via a crafted image in a RealPlayer Skin (RJS) file. NOTE: due to the lack of details, it is unclear how this is different than CVE-2005-2629 and CVE-2005-2630, but the vendor advisory implies that it is different. | ||||
| CVE-2005-3774 | 1 Cisco | 1 Pix | 2026-04-16 | N/A |
| Cisco PIX 6.3 and 7.0 allows remote attackers to cause a denial of service (blocked new connections) via spoofed TCP packets that cause the PIX to create embryonic connections that that would not produce a valid connection with the end system, including (1) SYN packets with invalid checksums, which do not result in a RST; or, from an external interface, (2) one byte of "meaningless data," or (3) a TTL that is one less than needed to reach the internal destination. | ||||
| CVE-2005-3780 | 1 Ipupdate | 1 Ipupdate | 2026-04-16 | N/A |
| Multiple buffer overflows in IPUpdate 1.1 might allow attackers to execute arbitrary code via (1) memmcat in the memm module or (2) certain TSIG format records. | ||||
| CVE-2005-3786 | 1 Novell | 3 Zenworks, Zenworks Desktops, Zenworks Servers | 2026-04-16 | N/A |
| Novell ZENworks for Desktops 4.0.1, ZENworks for Servers 3.0.2, and ZENworks 6.5 Desktop Management does not restrict access to Remote Diagnostics, which allows local users to bypass security policies by using Console One. | ||||
| CVE-2005-3891 | 1 Gadu-gadu | 1 Gadu-gadu Instant Messenger | 2026-04-16 | N/A |
| Stack-based buffer overflow in Gadu-Gadu 7.20 allows remote attackers to cause a denial of service (crash) via an image filename between exactly 192 to 200 characters, which does not account for the "imgcache\" string that is added to the end of the buffer. | ||||
| CVE-2005-3899 | 1 Google | 1 Talk | 2026-04-16 | N/A |
| The automatic update feature in Google Talk allows remote attackers to cause a denial of service (CPU and memory consumption) by poisoning a target's DNS cache and causing a large update file to be sent, which consumes large amounts of CPU and memory during the signature verification, aka BenjiBug. | ||||
| CVE-2005-3909 | 1 Post Affiliate Pro | 1 Post Affiliate Pro | 2026-04-16 | N/A |
| SQL injection vulnerability in merchants/index.php in Post Affiliate Pro 2.0.4 and earlier allows remote attackers to execute arbitrary SQL commands via the sortorder parameter. | ||||
| CVE-2005-3988 | 1 Pineapple Technologies | 1 Lore | 2026-04-16 | N/A |
| SQL injection vulnerability in article.php in Pineapple Technologies Lore 1.5.4 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2005-4030 | 1 Quicksilver Forums | 1 Quicksilver Forums | 2026-04-16 | N/A |
| SQL injection vulnerability in Quicksilver Forums before 1.5.1 allows remote attackers to execute arbitrary SQL commands via the HTTP_USER_AGENT header. | ||||
| CVE-2005-4132 | 1 Contenido | 1 Contendio | 2026-04-16 | N/A |
| Unspecified "security leak" vulnerability in Contenido before 4.6.4, when register_globals is on and allow_url_fopen is true, has unspecified impact and attack vectors. NOTE: it is likely that this is a PHP remote file include vulnerability. | ||||
| CVE-2005-4208 | 1 Flatnuke | 1 Flatnuke | 2026-04-16 | N/A |
| Directory traversal vulnerability in Flatnuke 2.5.6 allows remote attackers to access arbitrary files via a .. (dot dot) and null byte (%00) in the id parameter of the read module. | ||||
| CVE-2005-4215 | 1 Motorola | 1 Motorola Cable Modem | 2026-04-16 | N/A |
| Motorola SB5100E Cable Modem allows remote attackers to cause a denial of service (device crash) via an IP packet with the same source and destination IPs and ports, and with the SYN flag set (aka LAND). | ||||
| CVE-2005-4219 | 1 Innovative Cms | 1 Innovative Cms | 2026-04-16 | N/A |
| setting.php in Innovative CMS (ICMS, formerly Imoel-CMS) contains username and password information in cleartext, which might allow attackers to obtain this information via a direct request to setting.php. NOTE: on a properly configured web server, it would be expected that a .php file would be processed before content is returned to the user, so this might not be a vulnerability. | ||||
| CVE-2005-4250 | 1 Mcgallery | 1 Mcgallery Pro | 2026-04-16 | N/A |
| Directory traversal vulnerability in mcGallery PRO 2.2 and earlier allows remote attackers to read arbitrary files via the language parameter. | ||||
| CVE-2005-4345 | 1 Macromedia | 1 Coldfusion | 2026-04-16 | N/A |
| Adobe (formerly Macromedia) ColdFusion MX 7.0 exposes the password hash of the Administrator in an API call, which allows local developers to obtain the hash and gain privileges. | ||||
| CVE-2005-4357 | 1 Phpbb Group | 1 Phpbb | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in phpBB 2.0.18, when "Allowed HTML tags" is enabled, allows remote attackers to inject arbitrary Javascript via a permitted HTML tag with " (quote) characters and active attributes such as onmouseover. | ||||
| CVE-2005-4383 | 1 Citysoft | 1 Community Enterprise | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.cfm in CitySoft Community Enterprise 4.x allows remote attackers to inject arbitrary web script or HTML via the (1) presentationSite, (2) docPublishYear, (3) docDescription, (4) publishState, (5) docAuthor, (6) docTitle, (7) subTopic, (8) topic, (9) topicRadio, (10) topicOnly, (11) startrow, and (12) sortby parameters. | ||||
| CVE-2005-4388 | 1 Contens | 1 Contens | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in search.cfm in CONTENS 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the near parameter. | ||||