Search Results (29815 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-0358 2 Emc, Sun 3 Legato Networker, Solstice Backup, Storedge Enterprise Backup Software 2025-04-03 N/A
EMC Legato NetWorker, Solstice Backup 6.0 and 6.1, and StorEdge Enterprise Backup 6.0 through 7.2 do not properly verify authentication tokens, which allows remote attackers to gain privileges by modifying an authentication token.
CVE-2005-0364 1 Hp 1 Hp-ux 2025-04-03 N/A
Unknown vulnerability in BIND 9.2.0 in HP-UX B.11.00, B.11.11, and B.11.23 allows remote attackers to cause a denial of service.
CVE-2005-0392 1 Debian 1 Ppxp 2025-04-03 N/A
ppxp does not drop root privileges before opening log files, which allows local users to execute arbitrary commands.
CVE-2005-0375 1 Sergey Kiselev 1 Sgallery 2025-04-03 N/A
imageview.php in SGallery 1.01 allows remote attackers to obtain sensitive information via an HTTP request with (1) idalbum and (2) idimage unset, which reveals the installation path in an error message for the sql_fetch_row function.
CVE-2005-0376 1 Sergey Kiselev 1 Sgallery 2025-04-03 N/A
PHP remote file inclusion vulnerability in SGallery 1.01 allows local and possibly remote attackers to execute arbitrary PHP code by modifying the DOCUMENT_ROOT parameter to reference a URL on a remote web server that contains (1) config.php or (2) sql_layer.php.
CVE-2005-0377 1 Sergey Kiselev 1 Sgallery 2025-04-03 N/A
SQL injection vulnerability in imageview.php for SGallery 1.01 allows remote attackers to execute arbitrary SQL commands via the (1) idalbum or (2) idimage parameters.
CVE-2005-0378 1 Horde 1 Horde 2025-04-03 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Horde 3.0 allow remote attackers to inject arbitrary web script or HTML via the (1) group parameter to prefs.php or (2) url parameter to index.php.
CVE-2005-0381 1 Forumkit 1 Forumkit 2025-04-03 N/A
Cross-site scripting (XSS) vulnerability in f.aspx in forumKIT 1.0 allows remote attackers to inject arbitrary web script or HTML via the members parameter.
CVE-2005-0382 1 Breed 1 Breed 2025-04-03 N/A
Breed patch 1 and earlier allows remote attackers to cause a denial of service (application crash) via an empty UDP packet, which triggers a null dereference.
CVE-2005-0385 1 Frank Mcingvale 1 Luxman 2025-04-03 N/A
Buffer overflow in luxman before 0.41, if used with certain insecure svgalib libraries, allows local users to execute arbitrary code via a long -f command line argument.
CVE-2005-0386 1 Mailreader.com 1 Mailreader.com 2025-04-03 N/A
Cross-site scripting (XSS) vulnerability in network.cgi in mailreader before 2.3.29 earlier allows remote attackers to inject arbitrary web script or HTML via MIME text/enriched or text/richtext messages.
CVE-2005-0388 1 Remstats 1 Remstats 2025-04-03 N/A
Unknown vulnerability in the remoteping service in remstats 1.0.13 and earlier allows remote attackers to execute arbitrary commands "due to missing input sanitising."
CVE-2005-0400 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2025-04-03 N/A
The ext2_make_empty function call in the Linux kernel before 2.6.11.6 does not properly initialize memory when creating a block for a new directory entry, which allows local users to obtain potentially sensitive information by reading the block.
CVE-2005-0402 2 Mozilla, Redhat 2 Firefox, Enterprise Linux 2025-04-03 N/A
Firefox before 1.0.2 allows remote attackers to execute arbitrary code by tricking a user into saving a page as a Firefox sidebar panel, then using the sidebar panel to inject Javascript into a privileged page.
CVE-2005-1016 1 Maxwebportal 1 Maxwebportal 2025-04-03 N/A
Cross-site scripting (XSS) vulnerability in links_add_form.asp for MaxWebPortal 1.33 and earlier allows remote attackers to inject arbitrary web script or HTML via a Javascript URL in a banner URL.
CVE-2005-1014 1 Mailenable 2 Mailenable Enterprise, Mailenable Professional 2025-04-03 N/A
Buffer overflow in the IMAP service for MailEnable Enterprise 1.04 and earlier and Professional 1.54 allows remote attackers to execute arbitrary code via a long AUTHENTICATE command.
CVE-2005-1018 1 Ca 1 Brightstor Arcserve Backup 2025-04-03 N/A
Buffer overflow in the UniversalAgent for Computer Associates (CA) BrightStor ARCserve Backup allows remote authenticated users to cause a denial of service or execute arbitrary code via an agent request to TCP port 6050 with a large argument before the option field.
CVE-2005-1025 1 Ibm 1 Iseries As 400 2025-04-03 N/A
The FTP server in AS/400 4.3, when running in IFS mode, allows remote attackers to obtain sensitive information via a symlink attack using RCMD and the ADDLNK utility, as demonstrated using the QSYS.LIB library.
CVE-2005-1027 1 Francisco Burzi 1 Php-nuke 2025-04-03 N/A
Multiple cross-site scripting (XSS) vulnerabilities in PHP-Nuke 6.x through 7.6 allow remote attackers to inject arbitrary web script or HTML via the (1) username parameter in the Your_Account module, (2) avatarcategory parameter in the Your_Account module, or (3) lid parameter in the Downloads module.
CVE-2005-1034 1 Netwin 1 Surgeftp 2025-04-03 N/A
SurgeFTP 2.2m1 allows remote attackers to cause a denial of service (application hang) via the LEAK command.