Search Results (363609 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-0373 6 Apple, Conectiva, Cyrus and 3 more 8 Mac Os X, Mac Os X Server, Linux and 5 more 2026-04-16 N/A
Buffer overflow in digestmd5.c CVS release 1.170 (also referred to as digestmda5.c), as used in the DIGEST-MD5 SASL plugin for Cyrus-SASL but not in any official releases, allows remote attackers to execute arbitrary code.
CVE-2005-3332 1 Belchior Foundry 1 Vcard 2026-04-16 N/A
PHP remote file include vulnerability in admin/define.inc.php in Belchior Foundry vCard 2.9 allows remote attackers to execute arbitrary PHP code via the match parameter.
CVE-2005-0374 1 Bitshifters 1 Bitboard 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Bitboard 2.5 and earlier allows remote attackers to inject arbitrary web script or HTML via an [img] bbcode image tag with an event such as mouseover.
CVE-2005-2581 1 Grandstream 2 Budgetone 101, Budgetone 102 2026-04-16 N/A
Grandstream BudgeTone 101 and 102 running firmware 1.0.6.7 and possibly earlier versions, allows remote attackers to cause a denial of service (device hang or reboot) via a large UDP packet to port 5060.
CVE-2005-2584 1 Mentor 1 Adslfr4ii 2026-04-16 N/A
The web administration interface in Mentor ADSL-FR4II router running firmware 2.00.0111 does not set a default password, which allows local users to gain access.
CVE-2005-3333 1 Ebase 1 Ebaseweb 2026-04-16 N/A
SQL injection vulnerability in eBASEweb 3.0 allows remote attackers to execute arbitrary SQL commands via unknown attack vectors.
CVE-2005-0375 1 Sergey Kiselev 1 Sgallery 2026-04-16 N/A
imageview.php in SGallery 1.01 allows remote attackers to obtain sensitive information via an HTTP request with (1) idalbum and (2) idimage unset, which reveals the installation path in an error message for the sql_fetch_row function.
CVE-2005-0376 1 Sergey Kiselev 1 Sgallery 2026-04-16 N/A
PHP remote file inclusion vulnerability in SGallery 1.01 allows local and possibly remote attackers to execute arbitrary PHP code by modifying the DOCUMENT_ROOT parameter to reference a URL on a remote web server that contains (1) config.php or (2) sql_layer.php.
CVE-2005-2586 1 Mentor 1 Adslfr4ii 2026-04-16 N/A
Mentor ADSL-FR4II router running firmware 2.00.0111 stores the web administration password in cleartext in the backup configuration file, which allows local users to obtain sensitive information.
CVE-2005-3337 1 Mantis 1 Mantis 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Mantis before 0.19.3 allow remote attackers to inject arbitrary web script or HTML via (1) unknown vectors involving Javascript and (2) mantis/view_all_set.php.
CVE-2005-0377 1 Sergey Kiselev 1 Sgallery 2026-04-16 N/A
SQL injection vulnerability in imageview.php for SGallery 1.01 allows remote attackers to execute arbitrary SQL commands via the (1) idalbum or (2) idimage parameters.
CVE-2005-2587 1 Phptb 1 Topic Boards 2026-04-16 N/A
SQL injection vulnerability in emailvalidate.php in PHPTB Topic Boards 2.0 allows remote attackers to execute arbitrary SQL commands via the mid parameter.
CVE-2005-3338 1 Mantis 1 Mantis 2026-04-16 N/A
Unspecified vulnerability in Mantis before 0.19.3, when using reminders, causes Mantis to display the real email addresses of users.
CVE-2005-0378 1 Horde 1 Horde 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Horde 3.0 allow remote attackers to inject arbitrary web script or HTML via the (1) group parameter to prefs.php or (2) url parameter to index.php.
CVE-2005-0379 1 Zeroboard 1 Zeroboard 2026-04-16 N/A
Multiple directory traversal vulnerabilities in ZeroBoard 4.1pl5 and earlier allow remote attackers to read arbitrary files via a .. (dot dot) in the _zb_path parameter to (1) _head.php or (2) outlogin.php, or the dir parameter to (3) write.php.
CVE-2005-2588 1 Dvbbs 1 Dvbbs 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in DVBBS 7.1 SP2 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the page parameter to dispbbs.asp, (2) name parameter to dispuser.asp, or the (3) title, (4) view, or (5) act parameter to boardhelp.asp.
CVE-2005-0380 1 Zeroboard 1 Zeroboard 2026-04-16 N/A
Multiple PHP remote file inclusion vulnerabilities in (1) print_category.php, (2) login.php, (3) setup.php, (4) ask_password.php, or (5) error.php in ZeroBoard 4.1pl5 and earlier allow remote attackers to execute arbitrary PHP code by modifying the dir parameter to reference a URL on a remote web server that contains the code.
CVE-2005-2589 1 Linksys 1 Wrt54gs 2026-04-16 N/A
Unknown vulnerability in Linksys WRT54GS wireless router with firmware 4.50.6, with WPA Personal/TKIP authentication enabled, allows remote clients to bypass authentication by connecting without using encryption.
CVE-2005-3339 1 Mantis 1 Mantis 2026-04-16 N/A
Mantis before 0.19.3 caches the User ID longer than necessary, which has unknown impact and attack vectors.
CVE-2005-3340 1 New Breed Software 1 Tux Paint 2026-04-16 N/A
The tuxpaint-import.sh script in Tux Paint (tuxpaint) 0.9.14 and earlier creates temporary files insecurely, with unknown impact and attack vectors.