Search Results (367217 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-2264 2 Mozilla, Redhat 2 Firefox, Enterprise Linux 2026-04-16 N/A
Firefox before 1.0.5 allows remote attackers to steal sensitive information by opening a malicious link in the Firefox sidebar using the _search target, then injecting script into other pages via a data: URL.
CVE-2005-2265 2 Mozilla, Redhat 3 Firefox, Mozilla, Enterprise Linux 2026-04-16 N/A
Firefox before 1.0.5, Mozilla before 1.7.9, and Netscape 8.0.2 and 7.2 allows remote attackers to cause a denial of service (access violation and crash), and possibly execute arbitrary code, by calling InstallVersion.compareTo with an object instead of a string.
CVE-2005-1796 2 Debian, Ettercap 2 Debian Linux, Ettercap 2026-04-16 N/A
Format string vulnerability in the curses_msg function in the Ncurses interface (ec_curses.c) for Ettercap before 0.7.3 allows remote attackers to execute arbitrary code.
CVE-2005-1797 1 Openssl 1 Openssl 2026-04-16 N/A
The design of Advanced Encryption Standard (AES), aka Rijndael, allows remote attackers to recover AES keys via timing attacks on S-box lookups, which are difficult to perform in constant time in AES implementations.
CVE-2005-1798 1 Serverscheck 1 Monitoring Software 2026-04-16 N/A
Directory traversal vulnerability in ServersCheck Monitoring Software 5.9.0 to 5.10.0 allows remote attackers to read arbitrary files via .. (dot dot) sequences in an HTTP request.
CVE-2005-1799 1 Freestyle 2 Wiki, Wikilite 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in FreeStyle Wiki 3.5.7 and WikiLite (FSWikiLite) .10 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
CVE-2005-1800 1 Clam Anti-virus 1 Clamav 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Jaws Glossary gadget 0.4 to 0.5.1 allows remote attackers to inject arbitrary web script or HTML via the term parameter in a view or ViewTerm action to index.php.
CVE-2005-1801 1 Nokia 1 9500 2026-04-16 N/A
The vCard viewer in Nokia 9500 allows attackers to cause a denial of service (crash) via a vCard with a long Name field, which causes the crash when the user views it.
CVE-2005-1802 1 Nortel 9 Contivity, Vpn Router 1010, Vpn Router 1050 and 6 more 2026-04-16 N/A
Nortel VPN Router (aka Contivity) allows remote attackers to cause a denial of service (crash) via an IPsec IKE packet with a malformed ISAKMP header.
CVE-2005-1803 1 Net Portal Dynamic System 1 Net Portal Dynamic System 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Net Portal Dynamic System (NPDS) 5.0 allow remote attackers to inject arbitrary web script or HTML via the language parameter to (1) admin.php, or (2) powerpack_f.php, (3) the sitename parameter to sdv_infos.php, (4) the categories parameter to faq.php, (5) the lettre parameter to the glossaire module, (6) the title parameter to reviews.php, or (7) the image_subject parameter to reply.php.
CVE-2005-1804 1 Net Portal Dynamic System 1 Net Portal Dynamic System 2026-04-16 N/A
Multiple SQL injection vulnerabilities in Net Portal Dynamic System (NPDS) 5.0 allow remote attackers to execute arbitrary SQL commands via the (1) terme parameter in the glossaire module (glossaire.php) or (2) query parameter to links.php.
CVE-2005-1805 1 Online Solutions For Educators 1 Online Solutions For Educators 2026-04-16 N/A
SQL injection vulnerability in login.asp in an unknown product by Online Solutions for Educators (OS4E) allows remote attackers to execute arbitrary SQL commands via the password.
CVE-2005-1806 1 Peercast 1 Peercast 2026-04-16 N/A
Format string vulnerability in PeerCast 0.1211 and earlier allows remote attackers to execute arbitrary code via format strings in the URL.
CVE-2005-1807 1 Phpmailer 1 Phpmailer 2026-04-16 N/A
The Data function in class.smtp.php in PHPMailer 1.7.2 and earlier allows remote attackers to cause a denial of service (infinite loop leading to memory and CPU consumption) via a long header field.
CVE-2005-1808 1 Firefly Studios 1 Stronghold 2 2026-04-16 N/A
Firefly Studios Stronghold 2 1.2 and earlier allows remote attackers to cause a denial of service (crash) via a packet with a large size value for the nickname, which causes a memory allocation failure and generates an exception.
CVE-2005-1809 1 Sony 2 P900, P900 Firmware 2026-04-16 N/A
Sony Ericsson P900 Beamer allows remote attackers to cause a denial of service (panic) via an obexftp session with a long filename in an OBEX File Transfer or OBEX Object Push.
CVE-2005-1810 1 Wordpress 1 Wordpress 2026-04-16 N/A
SQL injection vulnerability in template-functions-category.php in WordPress 1.5.1 allows remote attackers to execute arbitrary SQL commands via the $cat_ID variable, as demonstrated using the cat parameter to index.php.
CVE-2005-1811 1 Mybulletinboard 1 Mybulletinboard 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in usercp.php for MyBulletinBoard (MyBB) allows remote attackers to inject arbitrary web script or HTML via the website field in a user profile.
CVE-2005-1812 1 Futuresoft 1 Tftp Server 2000 2026-04-16 N/A
Multiple stack-based buffer overflows in FutureSoft TFTP Server Evaluation Version 1.0.0.1 allow remote attackers to execute arbitrary code via a long (1) filename or (2) transfer mode string in a Read Request (RRQ) or Write Request (WRQ) packet.
CVE-2005-1813 1 Futuresoft 1 Tftp Server 2000 2026-04-16 N/A
Directory traversal vulnerability in FutureSoft TFTP Server Evaluation Version 1.0.0.1 allows remote attackers to read arbitrary files via a TFTP GET request containing (1) "../" (dot dot slash) or (2) "..\" (dot dot backslash) sequences.