ReportizFlow
Filtered by vendor
Subscriptions
Total
29909 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-2135 | 1 Linux | 1 Linux Kernel | 2026-04-16 | N/A |
| cryptoloop on Linux kernel 2.6.x, when used on certain file systems with a block size 1024 or greater, has certain "IV computation" weaknesses that allow watermarked files to be detected without decryption. | ||||
| CVE-2004-2136 | 1 Linux | 1 Linux Kernel | 2026-04-16 | N/A |
| dm-crypt on Linux kernel 2.6.x, when used on certain file systems with a block size 1024 or greater, has certain "IV computation" weaknesses that allow watermarked files to be detected without decryption. | ||||
| CVE-2005-0007 | 2 Ethereal Group, Redhat | 2 Ethereal, Enterprise Linux | 2026-04-16 | N/A |
| Unknown vulnerability in the DLSw dissector in Ethereal 0.10.6 through 0.10.8 allows remote attackers to cause a denial of service (application crash from assertion). | ||||
| CVE-2005-0059 | 1 Microsoft | 4 Windows 2000, Windows 98, Windows 98se and 1 more | 2026-04-16 | N/A |
| Buffer overflow in the Message Queuing component of Microsoft Windows 2000 and Windows XP SP1 allows remote attackers to execute arbitrary code via a crafted message. | ||||
| CVE-2005-0089 | 2 Python, Redhat | 2 Python, Enterprise Linux | 2026-04-16 | N/A |
| The SimpleXMLRPCServer library module in Python 2.2, 2.3 before 2.3.5, and 2.4, when used by XML-RPC servers that use the register_instance method to register an object without a _dispatch method, allows remote attackers to read or modify globals of the associated module, and possibly execute arbitrary code, via dotted attributes. | ||||
| CVE-2005-0112 | 1 3com | 1 3crwe454g72 | 2026-04-16 | N/A |
| The web-based administrative interface for 3Com OfficeConnect Wireless 11g Access Point (AP) 1.00.08, and possibly earlier versions before 1.03.07A, allows remote attackers to bypass authentication and obtain sensitive information by directly accessing the (1) config.bin (2) profile.wlp?PN=ggg or (3) event.logs URLs. | ||||
| CVE-2005-0125 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | N/A |
| The "at" commands on Mac OS X 10.3.7 and earlier do not properly drop privileges, which allows local users to (1) delete arbitrary files via atrm, (2) execute arbitrary programs via the -f argument to batch, or (3) read arbitrary files via the -f argument to batch, which generates a job file that is readable by the local user. | ||||
| CVE-2005-0146 | 2 Mozilla, Redhat | 3 Firefox, Mozilla, Enterprise Linux | 2026-04-16 | N/A |
| Firefox before 1.0 and Mozilla before 1.7.5 allow remote attackers to obtain sensitive data from the clipboard via Javascript that generates a middle-click event on systems for which a middle-click performs a paste operation. | ||||
| CVE-2005-1378 | 1 Oxpus | 1 Phpbb Personal Notes Module | 2026-04-16 | N/A |
| SQL injection vulnerability in posting_notes.php in the notes module for phpBB allows remote attackers to execute arbitrary SQL commands via the p parameter, which is used in the $post_id variable, and other attack vectors. | ||||
| CVE-2005-1401 | 1 Mtp-target | 1 Mtp-target | 2026-04-16 | N/A |
| Format string vulnerability in the client for Mtp-Target 1.2.2 and earlier allows remote attackers to execute arbitrary code via game messages or other text. | ||||
| CVE-2006-0988 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Nt | 2026-04-16 | N/A |
| The default configuration of the DNS Server service on Windows Server 2003 and Windows 2000, and the Microsoft DNS Server service on Windows NT 4.0, allows recursive queries and provides additional delegation information to arbitrary IP addresses, which allows remote attackers to cause a denial of service (traffic amplification) via DNS queries with spoofed source IP addresses. | ||||
| CVE-2005-0267 | 1 Flatnuke | 1 Flatnuke | 2026-04-16 | N/A |
| index.php in FlatNuke 2.5.1 allows remote attackers to create an administrator account via carriage returns and #10 in the url_avatar field, which is interpreted as a sensitive directive. | ||||
| CVE-2005-0322 | 2 Icewarp, Merak | 2 Web Mail, Mail Server | 2026-04-16 | N/A |
| MERAK Mail Server 7.6.0 with Icewarp Web Mail 5.3.0 and Mail Server 7.6.4r with Icewarp Mail Server 5.3.2 uses weak encryption in the (1) users.cfg, (2) settings.cfg, (3) users.dat or (4) user.dat files, which allows local users to extract the passwords. | ||||
| CVE-2005-0345 | 1 Php Fusion | 1 Php Fusion | 2026-04-16 | N/A |
| viewthread.php in php-fusion 4.x does not check the (1) forum_id or (2) forum_cat parameters, which allows remote attackers to view protected forums via the thread_id parameter. | ||||
| CVE-2005-0377 | 1 Sergey Kiselev | 1 Sgallery | 2026-04-16 | N/A |
| SQL injection vulnerability in imageview.php for SGallery 1.01 allows remote attackers to execute arbitrary SQL commands via the (1) idalbum or (2) idimage parameters. | ||||
| CVE-2005-0399 | 2 Mozilla, Redhat | 4 Firefox, Mozilla, Thunderbird and 1 more | 2026-04-16 | N/A |
| Heap-based buffer overflow in GIF2.cpp in Firefox before 1.0.2, Mozilla before to 1.7.6, and Thunderbird before 1.0.2, and possibly other applications that use the same library, allows remote attackers to execute arbitrary code via a GIF image with a crafted Netscape extension 2 block and buffer size. | ||||
| CVE-2005-0416 | 1 Microsoft | 7 Windows 2000, Windows 2003 Server, Windows 98 and 4 more | 2026-04-16 | N/A |
| The Windows Animated Cursor (ANI) capability in Windows NT, Windows 2000 through SP4, Windows XP through SP1, and Windows 2003 allows remote attackers to execute arbitrary code via the AnimationHeaderBlock length field, which leads to a stack-based buffer overflow. | ||||
| CVE-2005-0435 | 1 Awstats | 1 Awstats | 2026-04-16 | N/A |
| awstats.pl in AWStats 6.3 and 6.4 allows remote attackers to read server web logs by setting the loadplugin and pluginmode parameters to rawlog. | ||||
| CVE-2005-0464 | 1 Sgi | 1 Irix | 2026-04-16 | N/A |
| gr_osview in SGI IRIX 6.5.22, and possibly other 6.5 versions, does not drop privileges when opening description files while in debug mode, which allows local users to read a line from arbitrary files via the -d and -D options, which prints the line as a formatting error. | ||||
| CVE-2005-0523 | 1 Prozilla | 1 Prozilla Download Accelerator | 2026-04-16 | N/A |
| Format string vulnerability in ProZilla 1.3.7.3 and earlier allows remote attackers to execute arbitrary code via format string specifiers in the Location header. | ||||