Export limit exceeded: 29909 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29909 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-1405 | 1 Ibm | 1 Lotus Notes | 2025-04-03 | N/A |
| HTTP response splitting vulnerability in the @SetHTTPHeader function in Lotus Domino 6.5.x before 6.5.4 and 6.0.x before 6.0.5 allows attackers to poison the web cache via malicious applications. | ||||
| CVE-2005-1406 | 1 Freebsd | 1 Freebsd | 2025-04-03 | N/A |
| The kernel in FreeBSD 4.x to 4.11 and 5.x to 5.4 does not properly clear certain fixed-length buffers when copying variable-length data for use by applications, which could allow those applications to read previously used sensitive memory. | ||||
| CVE-2005-1407 | 1 Skype Technologies | 1 Skype | 2025-04-03 | N/A |
| Skype for Windows 1.2.0.0 to 1.2.0.46 allows local users to bypass the identity check for an authorized application, then call arbitrary Skype API functions by modifying or replacing that application. | ||||
| CVE-2005-1408 | 1 Apple | 1 Keynote | 2025-04-03 | N/A |
| Apple Keynote 2.0 and 2.0.1 allows remote attackers to read arbitrary files via the keynote: URI handler in a crafted Keynote presentation. | ||||
| CVE-2005-1409 | 2 Postgresql, Redhat | 2 Postgresql, Enterprise Linux | 2025-04-03 | N/A |
| PostgreSQL 7.3.x through 8.0.x gives public EXECUTE access to certain character conversion functions, which allows unprivileged users to call those functions with malicious values, with unknown impact, aka the "Character conversion vulnerability." | ||||
| CVE-2005-1410 | 3 Postgresql, Redhat, Trustix | 3 Postgresql, Enterprise Linux, Secure Linux | 2025-04-03 | N/A |
| The tsearch2 module in PostgreSQL 7.4 through 8.0.x declares the (1) dex_init, (2) snb_en_init, (3) snb_ru_init, (4) spell_init, and (5) syn_init functions as "internal" even when they do not take an internal argument, which allows attackers to cause a denial of service (application crash) and possibly have other impacts via SQL commands that call other functions that accept internal arguments. | ||||
| CVE-2005-1411 | 1 Cybration | 1 Icuii | 2025-04-03 | N/A |
| Cybration ICUII 7.0 stores passwords in plaintext in the world-readable icuii.ini file, which allows local users to gain privileges. | ||||
| CVE-2005-1412 | 1 Ecomm | 1 Professional Guestbook | 2025-04-03 | N/A |
| SQL injection vulnerability in verify.asp for Ecomm Professional Guestbook 3.x allows remote attackers to execute arbitrary SQL commands via the AdminPWD parameter. | ||||
| CVE-2005-1413 | 1 Envivosoft | 1 Envivo Cms | 2025-04-03 | N/A |
| Multiple SQL injection vulnerabilities in enVivo!CMS allow remote attackers to execute arbitrary SQL commands and gain privileges via the (1) username or (2) password parameters to admin_login.asp, or the (3) searchstring and possibly (4) ID parameters to default.asp. | ||||
| CVE-2005-1414 | 1 Exoticsoft | 1 Filepocket | 2025-04-03 | N/A |
| ExoticSoft FilePocket 1.2 stores sensitive proxy information, including proxy passwords, in plaintext in the registry, which allows local users to gain privileges. | ||||
| CVE-2005-1415 | 1 Globalscape | 1 Secure Ftp Server | 2025-04-03 | N/A |
| Buffer overflow in GlobalSCAPE Secure FTP Server 3.0.2 allows remote authenticated users to execute arbitrary code via a long FTP command. | ||||
| CVE-2005-1416 | 1 Soft3304 | 1 04webserver | 2025-04-03 | N/A |
| Directory traversal vulnerability in 04WebServer 1.81 allows remote attackers to read files outside of the web root but within the installation folder. | ||||
| CVE-2005-1417 | 1 Maxwebportal | 1 Maxwebportal | 2025-04-03 | N/A |
| Multiple SQL injection vulnerabilities in MaxWebPortal 2.x, 1.35, and other versions allow remote attackers to execute arbitrary SQL commands via (1) article_popular.asp, (2) arguments to dl_popular.asp, (3) arguments to links_popular.asp, (4) arguments to pic_popular.asp, (5) article_rate.asp, (6) dl_rate.asp, (7) links_rate.asp, (8) pic_rates.asp, (9) article_toprated.asp, (10) dl_toprated.asp, (11) links_toprated.asp, (12) arguments to pic_toprated.asp, or (13) the TOPIC_ID or Forum_ID parameters to custom_link.asp. | ||||
| CVE-2005-1418 | 1 Netleaf Limited | 1 Notjustbrowsing | 2025-04-03 | N/A |
| NetLeaf Limited NotJustBrowsing 1.0.3 stores the View Lock Password in plaintext in the notjustbrowsing.prf file, which allows local users to gain privileges. | ||||
| CVE-2005-1419 | 1 Ocean12 Technologies | 1 Mailing List Manager | 2025-04-03 | N/A |
| SQL injection vulnerability in the admin login panel for Ocean12 Mailing List Manager 1.06 allows remote attackers to execute arbitrary SQL commands via the Admin_id parameter. | ||||
| CVE-2005-1420 | 1 Raysoft | 1 Video Cam Server | 2025-04-03 | N/A |
| Raysoft/Raybase Video Cam Server 1.0.0 beta allows remote attackers to determine the full pathname of the server via a request for an invalid page, as demonstrated using "%20" (hex-encoded space). | ||||
| CVE-2005-1421 | 1 Raysoft | 1 Video Cam Server | 2025-04-03 | N/A |
| Directory traversal vulnerability in Raysoft/Raybase Video Cam Server 1.0.0 beta allows remote attackers to read arbitrary files via ".." (dot dot) sequences in an HTTP request. | ||||
| CVE-2005-1422 | 1 Raysoft | 1 Video Cam Server | 2025-04-03 | N/A |
| Raysoft/Raybase Video Cam Server 1.0.0 beta allows remote attackers to conduct administrator operations and cause a denial of service (server or camera shutdown) via a direct request to admin.html. | ||||
| CVE-2005-1423 | 1 Software602 | 1 602lan Suite | 2025-04-03 | N/A |
| Directory traversal vulnerability in the mail program in 602LAN SUITE 2004.0.05.0413 allows remote attackers to cause a denial of service and determine the presence of arbitrary files via .. sequences in the A parameter. | ||||
| CVE-2005-1424 | 1 Stumbleinside | 1 Gotext | 2025-04-03 | N/A |
| StumbleInside GoText 1.01 stores sensitive username, mail address,and phone number information in plaintext in the GoText.bin file, which allows local users to obtain that information. | ||||