Total
29755 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-0365 | 2 Kde, Redhat | 2 Kde, Enterprise Linux | 2025-04-03 | N/A |
| The dcopidlng script in KDE 3.2.x and 3.3.x creates temporary files with predictable filenames, which allows local users to overwrite arbitrary files via a symlink attack. | ||||
| CVE-2005-0383 | 1 Trend Micro | 1 Control Manager | 2025-04-03 | N/A |
| Trend Micro Control Manager 3.0 Enterprise Edition allows remote attackers to gain privileges via a replay attack of the encrypted username and password. | ||||
| CVE-2005-0385 | 1 Frank Mcingvale | 1 Luxman | 2025-04-03 | N/A |
| Buffer overflow in luxman before 0.41, if used with certain insecure svgalib libraries, allows local users to execute arbitrary code via a long -f command line argument. | ||||
| CVE-2005-0386 | 1 Mailreader.com | 1 Mailreader.com | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in network.cgi in mailreader before 2.3.29 earlier allows remote attackers to inject arbitrary web script or HTML via MIME text/enriched or text/richtext messages. | ||||
| CVE-2005-0387 | 1 Remstats | 1 Remstats | 2025-04-03 | N/A |
| remstats 1.0.13 and earlier, when processing uptime data, allows local users to create or overwrite arbitrary files via a symlink attack on temporary files. | ||||
| CVE-2005-0388 | 1 Remstats | 1 Remstats | 2025-04-03 | N/A |
| Unknown vulnerability in the remoteping service in remstats 1.0.13 and earlier allows remote attackers to execute arbitrary commands "due to missing input sanitising." | ||||
| CVE-2005-0414 | 1 Mercuryboard | 1 Mercuryboard | 2025-04-03 | N/A |
| SQL injection vulnerability in post.php for MercuryBoard 1.1.1 allows remote attackers to execute arbitrary SQL commands via a reply post action for index.php with (1) the t parameter or (2) the qu parameter. | ||||
| CVE-2005-0418 | 1 Sun | 1 J2se | 2025-04-03 | N/A |
| Argument injection vulnerability in Java Web Start for J2SE 1.4.2 up to 1.4.2_06, on Mac OS X, allows untrusted applications to gain privileges via the value parameter of a property tag in a JNLP file. NOTE: it is highly likely that this item will be MERGED with CVE-2005-0836. | ||||
| CVE-2005-0415 | 1 Ulrik Petersen | 1 Emdros Database Engine | 2025-04-03 | N/A |
| Multiple memory leaks in the MQL parser in Emdros before 1.1.22 allow remote attackers to cause a denial of service (memory consumption) via malformed MQL statements. | ||||
| CVE-2005-0419 | 1 3com | 1 3cserver | 2025-04-03 | N/A |
| Multiple heap-based buffer overflows in 3Com 3CServer allow remote authenticated users to execute arbitrary code via long FTP commands, as demonstrated using the STAT command. | ||||
| CVE-2005-0433 | 1 Francisco Burzi | 1 Php-nuke | 2025-04-03 | N/A |
| Php-Nuke 7.5 allows remote attackers to determine the full path of the web server via invalid or missing arguments to (1) db.php, (2) mainfile.php, (3) Downloads/index.php, or (4) Web_Links/index.php, which lists the path in a PHP error message. | ||||
| CVE-2005-0435 | 1 Awstats | 1 Awstats | 2025-04-03 | N/A |
| awstats.pl in AWStats 6.3 and 6.4 allows remote attackers to read server web logs by setting the loadplugin and pluginmode parameters to rawlog. | ||||
| CVE-2005-0436 | 1 Awstats | 1 Awstats | 2025-04-03 | N/A |
| Direct code injection vulnerability in awstats.pl in AWStats 6.3 and 6.4 allows remote attackers to execute portions of Perl code via the PluginMode parameter. | ||||
| CVE-2005-0437 | 1 Awstats | 1 Awstats | 2025-04-03 | N/A |
| Directory traversal vulnerability in awstats.pl in AWStats 6.3 and 6.4 allows remote attackers to include arbitrary Perl modules via .. (dot dot) sequences in the loadplugin parameter. | ||||
| CVE-2005-0438 | 1 Awstats | 1 Awstats | 2025-04-03 | N/A |
| awstats.pl in AWStats 6.3 and 6.4 allows remote attackers to obtain sensitive information by setting the debug parameter. | ||||
| CVE-2005-0452 | 1 Microsoft | 1 Asp.net | 2025-04-03 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Microsoft ASP.NET (.Net) 1.0 and 1.1 to SP1 allow remote attackers to inject arbitrary HTML or web script via Unicode representations for ASCII fullwidth characters that are converted to normal ASCII characters, including ">" and "<". | ||||
| CVE-2005-0455 | 2 Realnetworks, Redhat | 4 Realone Player, Realplayer, Enterprise Linux and 1 more | 2025-04-03 | N/A |
| Stack-based buffer overflow in the CSmil1Parser::testAttributeFailed function in smlparse.cpp for RealNetworks RealPlayer 10.5 (6.0.12.1056 and earlier), 10, 8, and RealOne Player V2 and V1 allows remote attackers to execute arbitrary code via a .SMIL file with a large system-screen-size value. | ||||
| CVE-2005-0458 | 1 Oscommerce | 1 Oscommerce | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in contact_us.php in osCommerce 2.2-MS2 allows remote attackers to inject arbitrary web script or HTML via the enquiry parameter. | ||||
| CVE-2005-0481 | 1 Trackercam | 1 Trackercam | 2025-04-03 | N/A |
| TrackerCam 5.12 and earlier allows remote attackers to read log files via the fn parameter in a direct request to the ComGetLogFile.php3 script. | ||||
| CVE-2005-0482 | 1 Trackercam | 1 Trackercam | 2025-04-03 | N/A |
| TrackerCam 5.12 and earlier allows remote attackers to cause a denial of service (crash) via (1) a large number of connections with a negative Content-Length header, possibly triggering an integer signedness error, or (2) a large amount of data. | ||||