ReportizFlow
Filtered by vendor
Subscriptions
Total
29902 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-0064 | 2 Redhat, Xpdf | 2 Enterprise Linux, Xpdf | 2026-04-16 | N/A |
| Buffer overflow in the Decrypt::makeFileKey2 function in Decrypt.cc for xpdf 3.00 and earlier allows remote attackers to execute arbitrary code via a PDF file with a large /Encrypt /Length keyLength value. | ||||
| CVE-2006-4335 | 2 Gzip, Redhat | 2 Gzip, Enterprise Linux | 2026-04-16 | N/A |
| Array index error in the make_table function in unlzh.c in the LZH decompression component in gzip 1.3.5, when running on certain platforms, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted GZIP archive that triggers an out-of-bounds write, aka a "stack modification vulnerability." | ||||
| CVE-2006-4348 | 1 Kochsuite Component | 1 Kochsuite Component | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in config.kochsuite.php in the Kochsuite (com_kochsuite) 0.9.4 component for Mambo and Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. | ||||
| CVE-2006-4364 | 1 Alt-n | 1 Mdaemon | 2026-04-16 | N/A |
| Multiple heap-based buffer overflows in the POP3 server in Alt-N Technologies MDaemon before 9.0.6 allow remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via long strings that contain '@' characters in the (1) USER and (2) APOP commands. | ||||
| CVE-2005-0072 | 1 Ejoy And Hu Yong | 1 Zhcon | 2026-04-16 | N/A |
| zhcon before 0.2 does not drop privileges before reading a user configuration file, which allows local users to read arbitrary files. | ||||
| CVE-2005-0074 | 1 Xpcd | 1 Xpcd | 2026-04-16 | N/A |
| Buffer overflow in pcdsvgaview in xpcd 2.08 allows local users to execute arbitrary code. | ||||
| CVE-2005-0095 | 2 Redhat, Squid | 2 Enterprise Linux, Squid | 2026-04-16 | N/A |
| The WCCP message parsing code in Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (crash) via malformed WCCP messages with source addresses that are spoofed to reference Squid's home router and invalid WCCP_I_SEE_YOU cache numbers. | ||||
| CVE-2005-0111 | 1 Mysql | 1 Maxdb | 2026-04-16 | N/A |
| Stack-based buffer overflow in the websql CGI program in MySQL MaxDB 7.5.00 allows remote attackers to execute arbitrary code via a long password parameter. | ||||
| CVE-2005-0113 | 1 Sgi | 1 Irix | 2026-04-16 | N/A |
| inpview in SGI IRIX allows local users to execute arbitrary commands via the SUN_TTSESSION_CMD environment variable, which is executed by inpview without dropping privileges. | ||||
| CVE-2005-0118 | 1 Helvis | 1 Helvis | 2026-04-16 | N/A |
| helvis 1.8h2_1 and earlier stores recovery files in world readable directories with world readable permissions, which allows local users to read the recovered files of other users. | ||||
| CVE-2005-0143 | 2 Mozilla, Redhat | 3 Firefox, Mozilla, Enterprise Linux | 2026-04-16 | N/A |
| Firefox before 1.0 and Mozilla before 1.7.5 display the SSL lock icon when an insecure page loads a binary file from a trusted site, which could facilitate phishing attacks. | ||||
| CVE-2006-4492 | 1 Cybozu | 1 Cybozu Office | 2026-04-16 | N/A |
| Unspecified vulnerability in Cybozu Office 6.5 Build 1.2 for Windows allows remote attackers to obtain sensitive information, including users and groups, via unspecified vectors. | ||||
| CVE-2005-0144 | 2 Mozilla, Redhat | 3 Firefox, Mozilla, Enterprise Linux | 2026-04-16 | N/A |
| Firefox before 1.0 and Mozilla before 1.7.5 display the secure site lock icon when a view-source: URL references a secure SSL site while an insecure page is being loaded, which could facilitate phishing attacks. | ||||
| CVE-2005-0194 | 1 Squid | 1 Squid | 2026-04-16 | N/A |
| Squid 2.5, when processing the configuration file, parses empty Access Control Lists (ACLs), including proxy_auth ACLs without defined auth schemes, in a way that effectively removes arguments, which could allow remote attackers to bypass intended ACLs if the administrator ignores the parser warnings. | ||||
| CVE-2005-0264 | 1 Owl | 1 Owl Intranet Engine | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in browse.php in OWL 0.7 and 0.8 allow remote attackers to inject arbitrary web script or HTML via the (1) expand or (2) order parameter. | ||||
| CVE-2005-0274 | 1 Photopost | 1 Photopost Php Pro | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in showgallery.php in PhotoPost before 4.86 allow remote attackers to inject arbitrary web script or HTML via the (1) cat, (2) si, (3) page, or (4) ppuser parameters. | ||||
| CVE-2005-0279 | 1 Jowood Productions | 1 Soldner Secret Wars | 2026-04-16 | N/A |
| Soldner Secret Wars 30830 and earlier does not properly handle the "message too long" socket error, which allows remote attackers to cause a denial of service (socket termination) via a long UDP packet. | ||||
| CVE-2005-0304 | 1 Divx | 1 Divx Player | 2026-04-16 | N/A |
| Directory traversal vulnerability in DivX Player 2.6 and earlier allows remote attackers to overwrite arbitrary files via a .. (dot dot) in a filename in a ZIP file for a skin. | ||||
| CVE-2005-0352 | 1 Woodstone | 1 Servers Alive | 2026-04-16 | N/A |
| Servers Alive 4.1 and 5.0, when running as a service, does not drop SYSTEM privileges before loading local manual under the help menu, which allows local users to gain privileges. | ||||
| CVE-2005-0385 | 1 Frank Mcingvale | 1 Luxman | 2026-04-16 | N/A |
| Buffer overflow in luxman before 0.41, if used with certain insecure svgalib libraries, allows local users to execute arbitrary code via a long -f command line argument. | ||||