ReportizFlow
Filtered by vendor
Subscriptions
Total
29922 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-0822 | 1 Citrix | 1 Metaframe Password Manager | 2026-04-16 | N/A |
| Citrix Metaframe Password Manager 2.5 and earlier stores a password in cleartext although it is obfuscated when presented to a user, which allows users to view their secondary passwords even if it is not allowed by policy. | ||||
| CVE-2005-0684 | 1 Mysql | 1 Maxdb | 2026-04-16 | N/A |
| Multiple buffer overflows in the web tool for MySQL MaxDB before 7.5.00.26 allows remote attackers to execute arbitrary code via (1) an HTTP GET request with a long file parameter after a percent ("%") sign or (2) a long Lock-Token string to the WebDAV functionality, which is not properly handled by the getLockTokenHeader function in WDVHandler_CommonUtils.c. | ||||
| CVE-2005-0826 | 1 Ollydbg | 1 Ollydbg | 2026-04-16 | N/A |
| OllyDbg 1.10 and earlier allows remote attackers to cause a denial of service (application crash) via a dynamic link library (DLL) with a long filename. | ||||
| CVE-2005-0828 | 3 Ciamos, E-xoops, Runcms | 3 Ciamos, E-xoops, Runcms | 2026-04-16 | N/A |
| highlight.php in (1) RUNCMS 1.1A, (2) CIAMOS 0.9.2 RC1, (3) e-Xoops 1.05 Rev3, and possibly other products based on e-Xoops (exoops), allows remote attackers to read arbitrary PHP files by specifying the pathname in the file parameter, as demonstrated by reading database configuration information from mainfile.php. | ||||
| CVE-2005-0841 | 1 Phpmyfamily | 1 Phpmyfamily | 2026-04-16 | N/A |
| SQL injection vulnerability in (1) people.php, (2) track.php, (3) edit.php, (4) document.php, (5) census.php, (6) passthru.php and possibly other php files in phpMyFamily 1.4.0 allows remote attackers to execute arbitrary SQL commands, as demonstrated via (1) the person parameter to people.php or (2) the Login field. | ||||
| CVE-2005-0843 | 1 Phorum | 1 Phorum | 2026-04-16 | N/A |
| CRLF injection vulnerability in search.php in Phorum 5.0.14a allows remote attackers to perform HTTP Response Splitting attacks via the body parameter, which is included in the resulting Location header. | ||||
| CVE-2005-0857 | 1 Coolforum | 1 Coolforum | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in avatar.php for CoolForum 0.8 and earlier allows remote attackers to inject arbitrary web script or HTML via the img parameter. | ||||
| CVE-2005-0862 | 1 Phpopenchat | 1 Phpopenchat | 2026-04-16 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in PHPOpenChat 3.0.1 and earlier allow remote attackers to execute arbitrary PHP code via the phpbb_root_path parameter to (1) poc_loginform.php or (2) phpbb/poc.php, the poc_root_path parameter to (3) phpbb/poc.php, (4) phpnuke/ENGLISH_poc.php, (5) phpnuke/poc.php, or (6) yabbse/poc.php, or (7) the sourcedir parameter to yabbse/poc.php. | ||||
| CVE-2005-0867 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2026-04-16 | N/A |
| Integer overflow in Linux kernel 2.6 allows local users to overwrite kernel memory by writing to a sysfs file. | ||||
| CVE-2002-0721 | 1 Microsoft | 2 Data Engine, Sql Server | 2026-04-16 | N/A |
| Microsoft SQL Server 7.0 and 2000 installs with weak permissions for extended stored procedures that are associated with helper functions, which could allow unprivileged users, and possibly remote attackers, to run stored procedures with administrator privileges via (1) xp_execresultset, (2) xp_printstatements, or (3) xp_displayparamstmt. | ||||
| CVE-2005-0868 | 4 Bosanova, Ibm, Mochasoft and 1 more | 4 Launcher400, Client Access, Tn5250 and 1 more | 2026-04-16 | N/A |
| AS/400 Telnet 5250 terminal emulation clients, as implemented by (1) IBM client access, (2) Bosanova, (3) PowerTerm, (4) Mochasoft, and possibly other emulations, allows malicious AS/400 servers to execute arbitrary commands via a STRPCO (Start PC Organizer) command followed by STRPCCMD (Start PC command), as demonstrated by creating a backdoor account using REXEC. | ||||
| CVE-2005-0871 | 1 Phpbb Group | 1 Phpbb | 2026-04-16 | N/A |
| calendar_scheduler.php in Topic Calendar 1.0.1 module for phpBB, when running on a Microsoft IIS server, allows remote attackers to obtain sensitive information via invalid parameters, which reveal the path in an error message. | ||||
| CVE-2005-0874 | 1 Cerulean Studios | 1 Trillian | 2026-04-16 | N/A |
| Multiple buffer overflows in the (1) AIM, (2) MSN, (3) RSS, and other plug-ins for Trillian 2.0 allow remote web servers to cause a denial of service (application crash) via a long string in an HTTP 1.1 response header. | ||||
| CVE-2005-0880 | 1 Vortex Portal | 1 Vortex Portal | 2026-04-16 | N/A |
| content.php in Vortex Portal allows remote attackers to obtain sensitive information via an invalid act parameter, which leaks the full pathname in a PHP error message. | ||||
| CVE-2005-0890 | 1 Dream4 | 1 Koobi Cms | 2026-04-16 | N/A |
| SQL injection vulnerability in Dream4 Koobi CMS 4.2.3 allows remote attackers to execute arbitrary SQL commands via the area parameter. | ||||
| CVE-2005-0893 | 1 Smail | 1 Smail | 2026-04-16 | N/A |
| modes.c in smail 3.2.0.120 implements signal handlers with certain unsafe library calls, which may allow attackers to execute arbitrary code via signal handler race conditions, possibly using xmalloc. | ||||
| CVE-2005-0901 | 1 Nukebookmarks | 1 Nukebookmarks | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in NukeBookmarks 0.6 for PHP-Nuke allow remote attackers to inject arbitrary web script or HTML via the (1) catname, (2) markname, (3) comment, or (4) category parameter. | ||||
| CVE-2005-0954 | 1 Microsoft | 3 Internet Explorer, Windows Explorer, Windows Xp | 2026-04-16 | N/A |
| Windows Explorer and Internet Explorer in Windows 2000 SP1 allows remote attackers to cause a denial of service (CPU consumption) via a malformed Windows Metafile (WMF) file. | ||||
| CVE-1999-0475 | 1 Procmail | 1 Procmail | 2026-04-16 | N/A |
| A race condition in how procmail handles .procmailrc files allows a local user to read arbitrary files available to the user who is running procmail. | ||||
| CVE-2005-0967 | 2 Redhat, Rob Flynn | 2 Enterprise Linux, Gaim | 2026-04-16 | N/A |
| Gaim 1.2.0 allows remote attackers to cause a denial of service (application crash) via a malformed file transfer request to a Jabber user, which leads to an out-of-bounds read. | ||||