Total
29739 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-0226 | 1 Ngircd | 1 Ngircd | 2025-04-03 | N/A |
| Format string vulnerability in the Log_Resolver function in log.c for ngIRCd 0.8.2 and earlier, when compiled with IDENT, logging to SYSLOG, and with DEBUG enabled, allows remote attackers to execute arbitrary code. | ||||
| CVE-2005-0291 | 1 Netgear | 1 Fvs318 | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in the log viewer in NETGEAR FVS318 running firmware 2.4, and possibly other versions, allows remote attackers to inject arbitrary web script or HTML via a blocked URL phrase. | ||||
| CVE-2005-0293 | 1 Minis | 1 Minis | 2025-04-03 | N/A |
| Directory traversal vulnerability in minis.php in Minis 0.2.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the month parameter. | ||||
| CVE-2005-0391 | 1 Daniel De Rauglaudre | 1 Geneweb | 2025-04-03 | N/A |
| geneweb 4.10 and earlier does not properly check file permissions and content during conversion, which allows attackers to modify arbitrary files. | ||||
| CVE-2005-0335 | 1 Emotion | 1 Mediapartner Web Server | 2025-04-03 | N/A |
| Directory traversal vulnerability in EMotion MediaPartner Web Server 5.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the URL. | ||||
| CVE-2005-0338 | 1 Savant | 1 Savant Webserver | 2025-04-03 | N/A |
| Buffer overflow in Savant Web Server 3.1 allows remote attackers to execute arbitrary code via a long HTTP request. | ||||
| CVE-2005-0390 | 1 Axel | 1 Axel | 2025-04-03 | N/A |
| Buffer overflow in the HTTP redirection capability in conn.c for Axel before 1.0b may allow remote attackers to execute arbitrary code. | ||||
| CVE-2005-0364 | 1 Hp | 1 Hp-ux | 2025-04-03 | N/A |
| Unknown vulnerability in BIND 9.2.0 in HP-UX B.11.00, B.11.11, and B.11.23 allows remote attackers to cause a denial of service. | ||||
| CVE-2005-0392 | 1 Debian | 1 Ppxp | 2025-04-03 | N/A |
| ppxp does not drop root privileges before opening log files, which allows local users to execute arbitrary commands. | ||||
| CVE-2005-0428 | 1 Powerdns | 1 Powerdns | 2025-04-03 | N/A |
| The DNSPacket::expand method in dnspacket.cc in PowerDNS before 2.9.17 allows remote attackers to cause a denial of service by sending a random stream of bytes. | ||||
| CVE-2005-0429 | 1 Jelsoft | 1 Vbulletin | 2025-04-03 | N/A |
| Direct code injection vulnerability in forumdisplay.php in vBulletin 3.0 through 3.0.4, when showforumusers is enabled, allows remote attackers to execute inject arbitrary PHP commands via the comma parameter. | ||||
| CVE-2005-0431 | 1 Barracuda Networks | 1 Barracuda Spam Firewall | 2025-04-03 | N/A |
| Barracuda Spam Firewall 3.1.10 and earlier does not restrict the domains that white-listed domains can send mail to, which allows members of white-listed domains to use Barracuda as an open mail relay for spam. | ||||
| CVE-2005-0432 | 1 Bea | 1 Weblogic Server | 2025-04-03 | N/A |
| BEA WebLogic Server 7.0 Service Pack 5 and earlier, and 8.1 Service Pack 3 and earlier, generates different login exceptions that suggest why an authentication attempt fails, which makes it easier for remote attackers to guess passwords via brute force attacks. | ||||
| CVE-2005-0475 | 1 Php Arena | 1 Pafaq | 2025-04-03 | N/A |
| SQL injection vulnerability in paFAQ Beta4, and possibly other versions, allows remote attackers to execute arbitrary SQL code via the (1) offset, (2) limit, (3) order, or (4) orderby parameter to question.php, (5) offset parameter to answer.php, (6) search_item parameter to search.php, (7) cat_id, (8) cid, or (9) id parameter to comment.php. | ||||
| CVE-2005-0476 | 1 Hpm Guestbook.cgi | 1 Hpm Guestbook.cgi | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in hpm_guestbook.cgi allows remote attackers to inject arbitrary web script or HTML by posting a message. | ||||
| CVE-2005-0478 | 1 Trackercam | 1 Trackercam | 2025-04-03 | N/A |
| Multiple buffer overflows in TrackerCam 5.12 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) an HTTP request with a long User-Agent header or (2) a long argument to an arbitrary PHP script. | ||||
| CVE-2005-0480 | 1 Trackercam | 1 Trackercam | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in TrackerCam 5.12 and earlier allows remote attackers to inject arbitrary HTML or web script via the login request, which is recorded in a log file but not properly handled when the administrator views the log file. | ||||
| CVE-2005-0525 | 2 Php, Redhat | 2 Php, Enterprise Linux | 2025-04-03 | N/A |
| The php_next_marker function in image.c for PHP 4.2.2, 4.3.9, 4.3.10 and 5.0.3, as reachable by the getimagesize PHP function, allows remote attackers to cause a denial of service (infinite loop) via a JPEG image with an invalid marker value, which causes a negative length value to be passed to php_stream_seek. | ||||
| CVE-2005-0523 | 1 Prozilla | 1 Prozilla Download Accelerator | 2025-04-03 | N/A |
| Format string vulnerability in ProZilla 1.3.7.3 and earlier allows remote attackers to execute arbitrary code via format string specifiers in the Location header. | ||||
| CVE-2000-0686 | 1 Cgi Script Center | 1 Auction Weaver | 2025-04-03 | N/A |
| Auction Weaver CGI script 1.03 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack in the fromfile parameter. | ||||