Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-0208 2 Redhat, Rob Flynn 2 Enterprise Linux, Gaim 2026-04-16 N/A
The HTML parsing functions in Gaim before 1.1.4 allow remote attackers to cause a denial of service (application crash) via malformed HTML that causes "an invalid memory access," a different vulnerability than CVE-2005-0473.
CVE-2005-0214 1 Alexander Palmo 1 Simple Php Blog 2026-04-16 N/A
Directory traversal vulnerability in Simple PHP Blog (SPHPBlog) 0.3.7c allows remote attackers to read or create arbitrary files via a .. (dot dot) in the entry parameter.
CVE-2005-0230 1 Mozilla 1 Firefox 2026-04-16 N/A
Firefox 1.0 does not prevent the user from dragging an executable file to the desktop when it has an image/gif content type but has a dangerous extension such as .bat or .exe, which allows remote attackers to bypass the intended restriction and execute arbitrary commands via malformed GIF files that can still be parsed by the Windows batch file parser, aka "firedragging."
CVE-2005-0232 2 Mozilla, Redhat 2 Firefox, Enterprise Linux 2026-04-16 N/A
Firefox 1.0 allows remote attackers to modify Boolean configuration parameters for the about:config site by using a plugin such as Flash, and the -moz-opacity filter, to display the about:config site then cause the user to double-click at a certain screen position, aka "Fireflashing."
CVE-2005-0239 1 Squirrelmail 1 S Mime Plugin 2026-04-16 N/A
viewcert.php in the S/MIME plugin 0.4 and 0.5 for Squirrelmail allows remote attackers to execute arbitrary commands via shell metacharacters in the cert parameter.
CVE-2005-0246 2 Postgresql, Redhat 2 Postgresql, Enterprise Linux 2026-04-16 N/A
The intagg contrib module for PostgreSQL 8.0.0 and earlier allows attackers to cause a denial of service (crash) via crafted arrays.
CVE-2005-0282 1 Mybulletinboard 1 Mybulletinboard 2026-04-16 N/A
SQL injection vulnerability in member.php in MyBulletinBoard (MyBB) allows remote attackers to execute arbitrary SQL commands via the uid parameter.
CVE-2005-0283 1 David Barrett 1 Qwikiwiki 2026-04-16 N/A
Directory traversal vulnerability in index.php in QwikiWiki allows remote attackers to read arbitrary files via a .. (dot dot) and a %00 at the end of the filename in the page parameter.
CVE-2005-0284 1 Woltlab 1 Burning Book 2026-04-16 N/A
SQL injection vulnerability in addentry.php in Woltlab Burning Book 1.0 Gold, 1.1.1e, and possibly other versions, allows remote attackers to execute arbitrary SQL commands via the user-agent parameter.
CVE-2005-0289 1 Apple 2 Airport Express, Airport Extreme 2026-04-16 N/A
Apple AirPort Express prior to 6.1.1 and Extreme prior to 5.5.1, configured as a Wireless Data Service (WDS), allows remote attackers to cause a denial of service (device freeze) by connecting to UDP port 161 and before link-state change occurs.
CVE-2005-0292 1 Php Gift Registry 1 Phpgiftreg 2026-04-16 N/A
Multiple SQL injection vulnerabilities in index.php in PHP Gift Registry (phpGiftReg) 1.4.0, and possibly other versions before 1.5.0b1, allow remote attackers to execute arbitrary SQL commands via the (1) messageid, (2) shopper, (3) shopfor, or (4) itemid parameters.
CVE-2005-0293 1 Minis 1 Minis 2026-04-16 N/A
Directory traversal vulnerability in minis.php in Minis 0.2.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the month parameter.
CVE-2005-0296 1 Novell 2 Groupwise, Groupwise Webaccess 2026-04-16 N/A
NOTE: this issue has been disputed by the vendor. The error module in Novell GroupWise WebAccess allows remote attackers who have not authenticated to read potentially sensitive information, such as the version, via an incorrect login and a modified (1) error or (2) modify parameter that returns template files or the "about" information page. NOTE: the vendor has disputed this issue
CVE-2005-0297 1 Oracle 1 Database Server 2026-04-16 N/A
SQL injection vulnerability in Oracle Database 9i and 10g allows remote attackers to execute arbitrary SQL commands and gain privileges.
CVE-2005-0301 1 Comersus Open Technologies 1 Comersus Backoffice Lite 2026-04-16 N/A
comersus_backoffice_install10.asp in BackOffice Lite 6.0 and 6.01 allows remote attackers to bypass authentication and gain privileges via a direct request to the program.
CVE-2002-1155 1 Redhat 2 Enterprise Linux, Linux 2026-04-16 N/A
Buffer overflow in KON kon2 0.3.9b and earlier allows local users to execute arbitrary code via a long -Coding command line argument.
CVE-2002-1228 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Unknown vulnerability in NFS on Solaris 2.5.1 through Solaris 9 allows an NFS client to cause a denial of service by killing the lockd daemon.
CVE-2002-1496 1 Nulllogic 1 Null Httpd 2026-04-16 N/A
Heap-based buffer overflow in Null HTTP Server 0.5.0 and earlier allows remote attackers to execute arbitrary code via a negative value in the Content-Length HTTP header.
CVE-2002-1497 1 Nulllogic 1 Null Httpd 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Null HTTP Server 0.5.0 and earlier allows remote attackers to insert arbitrary HTML into a "404 Not Found" response.
CVE-2002-1498 1 Trevor Lee 1 Swserver 2026-04-16 N/A
Directory traversal vulnerability in SWServer 2.2 and earlier allows remote attackers to read arbitrary files via a URL containing .. sequences with "/" or "\" characters.