Total
29739 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-1360 | 1 Graycms | 1 Graycms | 2025-04-03 | N/A |
| PHP remote file inclusion vulnerability in error.php in GrayCMS 1.1 allows remote attackers to execute arbitrary PHP code by modifying the path_prefix parameter to reference a URL on a remote web server that contains the code. | ||||
| CVE-2005-1361 | 1 Metalinks | 1 Metacart E-shop | 2025-04-03 | N/A |
| Multiple SQL injection vulnerabilities in MetaCart e-Shop 8.0 allow remote attackers to execute arbitrary SQL commands via the (1) intProdID parameter in product.asp or (2) strCatalog_NAME parameter to productsByCategory.asp. | ||||
| CVE-2005-1385 | 1 Apple | 1 Safari | 2025-04-03 | N/A |
| Safari 1.3 allows remote attackers to cause a denial of service (application crash) via a long https URL that triggers a NULL pointer dereference. | ||||
| CVE-2005-1387 | 1 Kristofer Szymanski | 1 Cocktail | 2025-04-03 | N/A |
| Cocktail 3.5.4 and possibly earlier in Mac OS X passes the administrative password on the command line to sudo in cleartext, which allows local users to gain sensitive information by running listing processes. | ||||
| CVE-2005-1405 | 1 Ibm | 1 Lotus Notes | 2025-04-03 | N/A |
| HTTP response splitting vulnerability in the @SetHTTPHeader function in Lotus Domino 6.5.x before 6.5.4 and 6.0.x before 6.0.5 allows attackers to poison the web cache via malicious applications. | ||||
| CVE-2005-1406 | 1 Freebsd | 1 Freebsd | 2025-04-03 | N/A |
| The kernel in FreeBSD 4.x to 4.11 and 5.x to 5.4 does not properly clear certain fixed-length buffers when copying variable-length data for use by applications, which could allow those applications to read previously used sensitive memory. | ||||
| CVE-2005-1407 | 1 Skype Technologies | 1 Skype | 2025-04-03 | N/A |
| Skype for Windows 1.2.0.0 to 1.2.0.46 allows local users to bypass the identity check for an authorized application, then call arbitrary Skype API functions by modifying or replacing that application. | ||||
| CVE-2005-1408 | 1 Apple | 1 Keynote | 2025-04-03 | N/A |
| Apple Keynote 2.0 and 2.0.1 allows remote attackers to read arbitrary files via the keynote: URI handler in a crafted Keynote presentation. | ||||
| CVE-2005-1433 | 1 Hp | 1 Openview Event Correlation Services | 2025-04-03 | N/A |
| Multiple unknown vulnjerabilities HP OpenView Event Correlation Services (OV ECS) 3.32 and 3.33 allow attackers to cause a denial of service or execute arbitrary code. | ||||
| CVE-2005-1439 | 1 Osticket | 1 Osticket | 2025-04-03 | N/A |
| Directory traversal vulnerability in attachments.php in osTicket allows remote attackers to read arbitrary files via .. sequences in the file parameter. | ||||
| CVE-2005-1438 | 1 Osticket | 1 Osticket | 2025-04-03 | N/A |
| PHP remote file inclusion vulnerability in main.php in osTicket allows remote attackers to execute arbitrary PHP code via the include_dir parameter. | ||||
| CVE-2005-1446 | 1 Sitepanel | 1 Sitepanel | 2025-04-03 | N/A |
| SitePanel 2.6.1 and earlier (SitePanel2) allows remote attackers to upload and execute arbitrary files such as PHP scripts via an attachment to a trouble ticket. | ||||
| CVE-1999-1031 | 1 Behold Software | 1 Web Page Counter | 2025-04-03 | N/A |
| counter.exe 2.70 allows a remote attacker to cause a denial of service (hang) via a long argument. | ||||
| CVE-2005-1447 | 1 Sitepanel | 1 Sitepanel | 2025-04-03 | N/A |
| PHP remote file inclusion vulnerability in main.php in SitePanel 2.6.1 and earlier (SitePanel2) allows remote attackers to execute arbitrary PHP code via the p parameter. | ||||
| CVE-2005-1448 | 1 S9y | 1 Serendipity | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in the BBCode plugin for Serendipity before 0.8 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | ||||
| CVE-2005-1483 | 1 Interspire | 1 Articlelive | 2025-04-03 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in ArticleLive 2005 allow remote attackers to inject arbitrary web script or HTML via the (1) Query, (2) Username, (3) LastName, (4) Biography, or (5) BlogId parameter. | ||||
| CVE-2005-1490 | 2 Icewarp, Merak | 2 Web Mail, Mail Server | 2025-04-03 | N/A |
| Merak Mail Server 8.0.3 with Icewarp Web Mail 5.4.2, when the mailbox.dat file does not exist, allows remote authenticated users to determine if a file exists via the folder parameter to attachment.html. | ||||
| CVE-2005-1491 | 2 Icewarp, Merak | 2 Web Mail, Mail Server | 2025-04-03 | N/A |
| Merak Mail Server 8.0.3 with Icewarp Web Mail 5.4.2 allows remote authenticated users to (1) move their home directory via viewaction.html or (2) move arbitrary files via the importfile parameter to importaction.html. | ||||
| CVE-2005-1493 | 1 Dead Pirate Software | 1 Simplecam | 2025-04-03 | N/A |
| Directory traversal vulnerability in SimpleCam 1.2 allows remote attackers to read arbitrary files via a ..\ (dot dot backslash) in the URL. | ||||
| CVE-2005-1494 | 1 Megabook | 1 Megabook | 2025-04-03 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in admin.cgi in MegaBook 2.0 and 2.1 allow remote attackers to inject arbitrary web script or HTML via the (1) entryid or (2) password parameter. | ||||