Search Results (29815 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-0022 2 Redhat, University Of Cambridge 2 Enterprise Linux, Exim 2025-04-03 N/A
Buffer overflow in the spa_base64_to_bits function in Exim before 4.43, as originally obtained from Samba code, and as called by the auth_spa_client function, may allow attackers to execute arbitrary code during SPA authentication.
CVE-2005-0043 1 Apple 1 Itunes 2025-04-03 N/A
Buffer overflow in Apple iTunes 4.7 allows remote attackers to execute arbitrary code via a long URL in (1) .m3u or (2) .pls playlist files.
CVE-2005-0051 1 Microsoft 1 Windows Xp 2025-04-03 N/A
The Server service (srvsvc.dll) in Windows XP SP1 and SP2 allows remote attackers to obtain sensitive information (users who are accessing resources) via an anonymous logon using a named pipe, which is not properly authenticated, aka the "Named Pipe Vulnerability."
CVE-2005-0054 1 Microsoft 2 Ie, Internet Explorer 2025-04-03 N/A
Internet Explorer 5.01, 5.5, and 6 allows remote attackers to spoof a less restrictive security zone and execute arbitrary code via an HTML page containing URLs that contain hostnames that have been double hex encoded, which are decoded twice to generate a malicious hostname, aka the "URL Decoding Zone Spoofing Vulnerability."
CVE-2005-0079 1 Xtrlock 1 Xtrlock 2025-04-03 N/A
Buffer overflow in xtrlock 2.0 allows local users to cause a denial of service (application crash) and hijack the desktop session.
CVE-2005-0074 1 Xpcd 1 Xpcd 2025-04-03 N/A
Buffer overflow in pcdsvgaview in xpcd 2.08 allows local users to execute arbitrary code.
CVE-2005-0722 1 Experience2 1 Experience2 2025-04-03 N/A
eXPerience2 allows remote attackers to obtain the full path for the web root via a direct request to modules.php without any parameters, which leaks the path in a PHP error message.
CVE-2005-0725 1 Wf-sections 1 Wf-sections 2025-04-03 N/A
SQL injection vulnerability in the getAllbyArticle function in wfsfiles.php for WF-Sections (wfsections) 1.07 allows remote attackers to execute arbitrary SQL commands via the articleid parameter to article.php.
CVE-2005-0726 1 Ubbcentral 1 Ubb.threads 2025-04-03 N/A
SQL injection vulnerability in editpost.php in UBB.threads 6.0 allows remote attackers to execute arbitrary SQL commands via the Number parameter.
CVE-2005-0733 1 Py Software 1 Active Webcam 2025-04-03 N/A
PY Software Active Webcam WebServer (webcam.exe) 5.5 allows remote attackers to determine the existence of files via an HTTP request with a full pathname, which produces different messages whether the file exists or not.
CVE-2005-0734 1 Py Software 1 Active Webcam 2025-04-03 N/A
PY Software Active Webcam WebServer (webcam.exe) 5.5 allows remote attackers to cause a denial of service (memory exhaustion and process crash) via a large number of HTTP requests.
CVE-2005-0743 1 Xoops 1 Xoops 2025-04-03 N/A
The custom avatar uploading feature (uploader.php) for XOOPS 2.0.9.2 and earlier allows remote attackers to upload arbitrary PHP scripts, whose file extensions are not filtered.
CVE-2005-0746 1 Novell 1 Ichain 2025-04-03 N/A
The Mini FTP server in Novell iChain 2.2 and 2.3 SP2 and earlier allows remote unauthenticated attackers to obtain the full path of the server via the PWD command.
CVE-2005-1449 1 S9y 1 Serendipity 2025-04-03 N/A
Unknown vulnerability in serendipity_config_local.inc.php for Serendipity before 0.8 has unknown impact.
CVE-2005-0752 2 Mozilla, Redhat 2 Firefox, Enterprise Linux 2025-04-03 N/A
The Plugin Finder Service (PFS) in Firefox before 1.0.3 allows remote attackers to execute arbitrary code via a javascript: URL in the PLUGINSPAGE attribute of an EMBED tag.
CVE-2005-0753 2 Cvs, Redhat 2 Cvs, Enterprise Linux 2025-04-03 N/A
Buffer overflow in CVS before 1.11.20 allows remote attackers to execute arbitrary code.
CVE-2005-0762 2 Imagemagick, Redhat 2 Imagemagick, Enterprise Linux 2025-04-03 N/A
Heap-based buffer overflow in the SGI parser in ImageMagick before 6.0 allows remote attackers to execute arbitrary code via a crafted SGI image file.
CVE-2005-0763 2 Midnight Commander, Redhat 2 Midnight Commander, Enterprise Linux 2025-04-03 N/A
Buffer overflow in Midnight Commander (mc) 4.5.55 and earlier may allow attackers to execute arbitrary code.
CVE-2005-0764 1 Marc Lehmann 1 Rxvt-unicode 2025-04-03 N/A
Buffer overflow in command.C for rxvt-unicode before 5.3 allows remote attackers to execute arbitrary code via a crafted file containing long escape sequences.
CVE-2005-0770 1 Datarescue 1 Ida Pro 2025-04-03 N/A
Format string vulnerability in DataRescue Interactive Disassembler and Debugger (IDA) Pro 4.7.0.830 allows remote attackers or local users to cause a denial of service (CPU consumption or application crash) and possibly execute arbitrary code via format string specifiers in a dynamic link library (DLL) name.