Search Results (29926 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-0768 1 Goodtech Systems 1 Goodtech Telnet Server 2026-04-16 N/A
Buffer overflow in the administration web server for GoodTech Telnet Server 4.0 and 5.0, and possibly all versions before 5.0.7, allows remote attackers to execute arbitrary code via a long string to port 2380.
CVE-2005-0769 1 Openslp 1 Openslp 2026-04-16 N/A
Multiple buffer overflows in OpenSLP before 1.1.5 allow remote attackers to have an unknown impact via malformed SLP packets.
CVE-2005-0783 1 Phorum 1 Phorum 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Phorum before 5.0.14a allows remote attackers to inject arbitrary web script or HTML via the filename of an attached file.
CVE-2005-0778 1 Photopost 1 Photopost Php Pro 2026-04-16 N/A
PhotoPost PHP 5.0 RC3 does not fully verify that an uploaded file is an image file, which allows remote attackers to inject arbitrary Javascript by uploading non-image files with an image extension such as .gif.
CVE-2005-0782 1 Php Arena 1 Pafiledb 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in (1) viewall.php and (2) category.php for paFileDB 3.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the start parameter to pafiledb.php.
CVE-2005-0792 1 Zpanel 1 Zpanel 2026-04-16 N/A
SQL injection vulnerability in ZPanel 2.0 allows remote attackers to execute arbitrary SQL commands via the (1) uname parameter to index.php or (2) page parameter to zpanel.php.
CVE-2005-0789 1 Limewire 1 Limewire 2026-04-16 N/A
Directory traversal vulnerability in LimeWire 3.9.6 through 4.6.0 allows remote attackers to read arbitrary files via a .. (dot dot) in a magnet request.
CVE-2005-0811 1 Notify Technology 1 Notifylink 2026-04-16 N/A
The web interface in NotifyLink 3.0 does not properly restrict access to functions that have been disabled in the GUI, which allows remote authenticated users to bypass intended restrictions via a direct request to certain URLs.
CVE-2005-0809 1 Notify Technology 1 Notifylink 2026-04-16 N/A
NotifyLink, when configured for client key retrieval, allows remote attackers to obtain AES keys via a direct request to /hwp/get.asp, then uses a weak encryption scheme (fixed byte reordering) to protect the key, which allows remote attackers to obtain the key via a brute force attack.
CVE-2005-0810 1 Notify Technology 1 Notifylink 2026-04-16 N/A
SQL injection vulnerability in NotifyLink before 3.0 allows remote attackers to execute arbitrary SQL commands via the URL.
CVE-2005-0812 1 Notify Technology 1 Notifylink 2026-04-16 N/A
The web interface in NotifyLink 3.0 displays passwords in cleartext on the administrative page, which could allow remote attackers or local users to obtain sensitive information.
CVE-2005-0819 1 Novell 1 Netware 2026-04-16 N/A
The xvesa code in Novell Netware 6.5 SP2 and SP3 allows remote attackers to redirect the xsession without authentication via a direct request to GUIMirror/Start.
CVE-2005-0821 1 Citrix 1 Metaframe Conferencing Manager 2026-04-16 N/A
Unknown vulnerability in Citrix MetaFrame Conferencing Manager 3.0 allows conference members to bypass organizer restrictions to control the keyboard and mouse.
CVE-2005-0831 1 Php-post 1 Php-post Web Forum 2026-04-16 N/A
PHP-Post allows remote attackers to spoof the names of other users by registering with a username containing hex-encoded characters.
CVE-2005-0830 1 Xzabite 1 Dyndnsupdate 2026-04-16 N/A
Multiple buffer overflows in Xzabite DYNDNSUpdate 0.6.15 and earlier, including the ipcheck function in dyndnsupdate.c, allow remote attackers who spoof a dyndns.org server to execute arbitrary code via unknown vectors.
CVE-2005-0834 1 Belkin 1 Belkin 54g Wireless Router 2026-04-16 N/A
Belkin 54G (F5D7130) wireless router enables SNMP by default in a manner that allows remote attackers to obtain sensitive information.
CVE-2005-0839 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-16 N/A
Linux kernel 2.6 before 2.6.11 does not restrict access to the N_MOUSE line discipline for a TTY, which allows local users to gain privileges by injecting mouse or keyboard events into other user sessions.
CVE-2005-0841 1 Phpmyfamily 1 Phpmyfamily 2026-04-16 N/A
SQL injection vulnerability in (1) people.php, (2) track.php, (3) edit.php, (4) document.php, (5) census.php, (6) passthru.php and possibly other php files in phpMyFamily 1.4.0 allows remote attackers to execute arbitrary SQL commands, as demonstrated via (1) the person parameter to people.php or (2) the Login field.
CVE-2005-0833 1 Belkin 1 Belkin 54g Wireless Router 2026-04-16 N/A
Belkin 54G (F5D7130) wireless router allows remote attackers to access restricted resources by sniffing URIs from UPNP datagrams, then accessing those URIs, which do not require authentication.
CVE-2005-0846 1 Netwin 1 Surgemail 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in the email auto-reply message in SurgeMail 2.2g3 allow remote attackers to inject arbitrary web script or HTML via the (1) message subject or (2) message header field.