Search Results (29926 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-1158 2 Mozilla, Redhat 2 Firefox, Enterprise Linux 2026-04-16 N/A
Multiple "missing security checks" in Firefox before 1.0.3 allow remote attackers to inject arbitrary Javascript into privileged pages using the _search target of the Firefox sidebar.
CVE-2005-1165 1 Yager Development 1 Yager Game 2026-04-16 N/A
Yager 5.24 and earlier allows remote attackers to cause a denial of service (application crash) via certain malformed data.
CVE-2005-1164 1 Yager Development 1 Yager Game 2026-04-16 N/A
Yager 5.24 and earlier allows remote attackers to cause a denial of service (application hang) via a packet with a game header that provides less data than indicated by the length.
CVE-2005-1161 1 Oneworldstore 1 Oneworldstore 2026-04-16 N/A
Multiple SQL injection vulnerabilities in OneWorldStore allow remote attackers to execute arbitrary SQL commands via the idProduct parameter to (1) owAddItem.asp or (2) owProductDetail.asp, (3) idCategory parameter to owListProduct.asp, or (4) bSpecials parameter to owListProduct.asp.
CVE-2005-1163 1 Yager Development 1 Yager Game 2026-04-16 N/A
Multiple buffer overflows in Yager 5.24 and earlier allow remote attackers to execute arbitrary code via (1) a crafted nickname or (2) a packet with a large amount of data.
CVE-2005-1168 1 Musicmatch 1 Jukebox 2026-04-16 N/A
DiagCollectionControl.dll in Musicmatch 10.00.2047 and earlier allows remote attackers to overwrite arbitrary files via the bstrSavePath argument.
CVE-2005-1173 1 Pmsoftware 1 Simple Web Server 2026-04-16 N/A
Buffer overflow in PMSoftware Simple Web Server 1.0 allows remote attackers to execute arbitrary code via a long GET request.
CVE-2005-1175 2 Mit, Redhat 2 Kerberos 5, Enterprise Linux 2026-04-16 N/A
Heap-based buffer overflow in the Key Distribution Center (KDC) in MIT Kerberos 5 (krb5) 1.4.1 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a certain valid TCP or UDP request.
CVE-2005-1177 2 Usermin, Webmin 2 Usermin, Webmin 2026-04-16 N/A
Unknown vulnerability in (1) Webmin and (2) Usermin before 1.200 causes Webmin to change permissions and ownership of configuration files, with unknown impact.
CVE-2005-1178 1 Oracle 1 Forms 2026-04-16 N/A
SQL injection vulnerability in Oracle Forms 10g allows remote attackers to execute arbitrary SQL commands via the Query/Where feature.
CVE-2005-1189 1 Webcamxp 1 Webcamxp Pro 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in WebcamXP PRO v2.16.468 and earlier allows remote attackers to inject arbitrary web script or HTML via the chat name, as demonstrated by using an IFRAME to redirect users to other sites.
CVE-2005-1190 1 Webcamxp 1 Webcamxp Pro 2026-04-16 N/A
WebcamXP PRO v2.16.468 and earlier allows remote attackers to cause a denial of service via a long chat name, which takes up too much display space and prevents the chat frame from being properly rendered.
CVE-2005-1204 1 Nelso Software 1 Desktop Rover 2026-04-16 N/A
Desktop Rover 3.0, and possibly earlier versions, allows remote attackers to cause a denial of service (application crash) via a crafted packet to TCP port 61427, which causes an invalid memory access.
CVE-2005-1853 1 University Of Minnesota 1 Gopher 2026-04-16 N/A
gopher.c in the Gopher client 3.0.5 does not properly create temporary files, which allows local users to gain privileges.
CVE-2005-1856 1 Sukria 1 Backup Manager 2026-04-16 N/A
The CD-burning feature in backup-manager 0.5.8 and earlier uses a fixed filename in a world-writable directory for logging, which allows local users to overwrite files via a symlink attack.
CVE-2005-1854 1 Debian 1 Apt-cacher 2026-04-16 N/A
Unknown vulnerability in apt-cacher in Debian 3.1, related to "missing input sanitising," allows remote attackers to execute arbitrary commands on the caching server.
CVE-2005-1857 1 Simpleproxy 1 Simpleproxy 2026-04-16 N/A
Format string vulnerability in simpleproxy before 3.4 allows remote malicious HTTP proxies to execute arbitrary code via format string specifiers in a reply.
CVE-2005-1855 2 Debian, Sukria 2 Debian Linux, Backup Manager 2026-04-16 N/A
Backup Manager (backup-manager) before 0.5.8 creates backup files with world-readable default permissions, which allows local users to obtain sensitive information.
CVE-2005-1867 1 Symantec 1 Brightmail Antispam 2026-04-16 N/A
Symantec Brightmail AntiSpam before 6.0.2 has a hard-coded database administrator password, which allows remote attackers to gain privileges.
CVE-2005-1874 1 Evan Wagner 1 Dzip 2026-04-16 N/A
Directory traversal vulnerability in Dzip before 2.9 allows remote attackers to create arbitrary files via a filename containing a .. (dot dot) in a .dz archive.