Search Results (29926 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-1857 1 Simpleproxy 1 Simpleproxy 2026-04-16 N/A
Format string vulnerability in simpleproxy before 3.4 allows remote malicious HTTP proxies to execute arbitrary code via format string specifiers in a reply.
CVE-2005-1855 2 Debian, Sukria 2 Debian Linux, Backup Manager 2026-04-16 N/A
Backup Manager (backup-manager) before 0.5.8 creates backup files with world-readable default permissions, which allows local users to obtain sensitive information.
CVE-2005-1867 1 Symantec 1 Brightmail Antispam 2026-04-16 N/A
Symantec Brightmail AntiSpam before 6.0.2 has a hard-coded database administrator password, which allows remote attackers to gain privileges.
CVE-2005-1874 1 Evan Wagner 1 Dzip 2026-04-16 N/A
Directory traversal vulnerability in Dzip before 2.9 allows remote attackers to create arbitrary files via a filename containing a .. (dot dot) in a .dz archive.
CVE-2005-1878 1 Giptables 1 Giptables Firewall 2026-04-16 N/A
GIPTables Firewall 1.1 and earlier allows local users to overwrite arbitrary files via a symlink attack on the temp.ip.addresses temporary file.
CVE-2005-1873 1 Crob 1 Crob Ftp 2026-04-16 N/A
Multiple buffer overflows in Crob FTP 3.6.1, and possibly earlier versions, allow remote attackers to execute arbitrary code via (1) an FTP command with a large string followed by the RMD command with a long string or (2) a globbing ("*") character followed by a long string.
CVE-2005-1875 1 Exhibit Engine 1 Exhibit Engine 2026-04-16 N/A
Multiple SQL injection vulnerabilities in list.php in Exhibit Engine (EE) 1.22 allow remote attackers to execute arbitrary SQL commands via the (1) search_row, (2) sort_row, (3) order or (4) perpage parameter.
CVE-2005-1883 1 Yapig 1 Yapig 2026-04-16 N/A
global.php in YaPiG 0.92b allows remote attackers to include arbitrary local files via the BASE_DIR parameter.
CVE-2005-1896 1 Flatnuke 1 Flatnuke 2026-04-16 N/A
Directory traversal vulnerability in thumb.php in FlatNuke 2.5.3 allows remote attackers to read arbitrary images or obtain the installation path via the image parameter.
CVE-2005-1897 1 Flexcast 1 Flexcast Audio Video Streaming Server 2026-04-16 N/A
Unknown vulnerability in FlexCast Audio Video Streaming Server before 2.0 has unknown impact and attack vectors.
CVE-2005-1898 1 Phpthumb 1 Phpthumb 2026-04-16 N/A
The passthrough functionality in phpThumb.php in phpThumb() before 1.5.4 allows remote attackers to read files that are not images.
CVE-2005-1899 1 Rakkarsoft 1 Raknet 2026-04-16 N/A
Rakkarsoft RakNet network library 2.33 and earlier, when released before 30 May 2005, and as used in multiple products including nFusion Elite Warriors: Vietnam, allows remote attackers to cause a denial of service (infinite loop) via a zero-byte UDP packet.
CVE-2005-1900 1 Sawmill 1 Sawmill 2026-04-16 N/A
Sawmill before 7.1.6 allows remote attackers to bypass authentication and (1) gain administrative privileges or (2) add a license.
CVE-2005-1909 1 Software602 1 602lan Suite 2026-04-16 N/A
The web server control panel in 602LAN SUITE 2004 allows remote attackers to make it more difficult for the administrator to read portions of log files via a "</pre><!-" sequence in an HTTP GET request in the logon, possibly due to a cross-site scripting (XSS) vulnerability.
CVE-2005-1907 1 Microsoft 1 Isa Server 2026-04-16 N/A
The ISA Firewall service in Microsoft Internet Security and Acceleration (ISA) Server 2000 allows remote attackers to cause a denial of service (Wspsrv.exe crash) via a large amount of SecureNAT network traffic.
CVE-2005-1908 1 Perception 1 Liteweb 2026-04-16 N/A
Perception LiteWeb allows remote attackers to bypass access controls for files via an extra leading / (slash) or leading \ (backslash) in the URL.
CVE-2005-1917 1 Kpopper 1 Kpopper 2026-04-16 N/A
kpopper 1.0 and earlier allows local users to create and overwrite arbitrary files via a symlink attack on the .popper-new temporary file.
CVE-2005-1934 2 Redhat, Rob Flynn 2 Enterprise Linux, Gaim 2026-04-16 N/A
Gaim before 1.3.1 allows remote attackers to cause a denial of service (crash) via a malformed MSN message that leads to a memory allocation of a large size, possibly due to an integer signedness error.
CVE-2005-1956 1 File Upload Manager 1 File Upload Manager 2026-04-16 N/A
File Upload Manager allows remote attackers to upload arbitrary files by modifying the test variable to contain a value of '~~~~~~' (six tildes), which bypasses the file extension checks.
CVE-2005-1944 1 Xmysqladmin 1 Xmysqladmin 2026-04-16 N/A
xmysqladmin 1.0 and earlier allows local users to delete arbitrary files via a symlink attack on a database backup file in /tmp.