Search Results (367033 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-1165 1 Yager Development 1 Yager Game 2026-04-16 N/A
Yager 5.24 and earlier allows remote attackers to cause a denial of service (application crash) via certain malformed data.
CVE-2005-1166 1 Dameware Development 2 Dameware Nt Utilities, Miniremote Control 2026-04-16 N/A
The DNTUS26 process in Dameware NT Utilities and the DWRCS process in MiniRemote Control 4.9 and earlier stores the username and password in cleartext in memory, which could allow attackers to obtain sensitive information.
CVE-2005-1167 1 Musicmatch 1 Jukebox 2026-04-16 N/A
Musicmatch 10.00.2047 and earlier store log files in the Program Files directory instead of the user profile, which may allow local users to obtain sensitive information.
CVE-2005-1169 1 Mafia 1 Mafia Blog 2026-04-16 N/A
Mafia Blog .4 BETA does not properly protect the admin directory, which allows remote attackers to execute arbitrary PHP code by using writeinfo.php to inject the code into info.php.
CVE-2005-1170 1 Datenbank Module 1 Datenbank Module 2026-04-16 N/A
SQL injection vulnerability in mod.php in the datenbank module for phpBB allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2005-1171 1 Datenbank Module 1 Datenbank Module 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in mod.php in the datenbank module for phpBB allows remote attackers to inject arbitrary web script or HTML via the id parameter.
CVE-2005-1172 1 Coppermine 1 Coppermine Photo Gallery 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in init.inc.php in Coppermine Photo Gallery 1.3.x allows remote attackers to inject arbitrary web script or HTML via the X-Forwarded-For parameter.
CVE-2005-1173 1 Pmsoftware 1 Simple Web Server 2026-04-16 N/A
Buffer overflow in PMSoftware Simple Web Server 1.0 allows remote attackers to execute arbitrary code via a long GET request.
CVE-2005-1174 2 Mit, Redhat 2 Kerberos 5, Enterprise Linux 2026-04-16 N/A
MIT Kerberos 5 (krb5) 1.3 through 1.4.1 Key Distribution Center (KDC) allows remote attackers to cause a denial of service (application crash) via a certain valid TCP connection that causes a free of unallocated memory.
CVE-2005-1175 2 Mit, Redhat 2 Kerberos 5, Enterprise Linux 2026-04-16 N/A
Heap-based buffer overflow in the Key Distribution Center (KDC) in MIT Kerberos 5 (krb5) 1.4.1 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a certain valid TCP or UDP request.
CVE-2005-1176 1 Ibm 1 Aix 2026-04-16 N/A
Race condition in JFS2 on AIX 5.2 and 5.3, when deleting a file while I/O is still occurring for that file, may write data to a different file, which could leak sensitive information.
CVE-2005-1177 2 Usermin, Webmin 2 Usermin, Webmin 2026-04-16 N/A
Unknown vulnerability in (1) Webmin and (2) Usermin before 1.200 causes Webmin to change permissions and ownership of configuration files, with unknown impact.
CVE-2005-1179 1 Xerox 19 Workcentre, Workcentre 165, Workcentre 175 and 16 more 2026-04-16 N/A
Unknown vulnerability in Xerox MicroServer Web Server for various WorkCentre products including M35/M45/M55 2.028.11.000 through 2.97.20.032 and 4.84.16.000 through 4.97.20.032, Pro 35/45/55 3.028.11.000 through 3.97.20.032, Pro 65/75/90 1.001.00.060 through 1.001.02.084, and others, related to SNMP authentication, allows remote attackers to modify system configuration, a different vulnerability than CVE-2005-0703.
CVE-2005-1180 1 Francisco Burzi 1 Php-nuke 2026-04-16 N/A
HTTP Response Splitting vulnerability in the Surveys module in PHP-Nuke 7.6 allows remote attackers to spoof web content and poison web caches via hex-encoded CRLF ("%0d%0a") sequences in the forwarder parameter.
CVE-2005-1181 1 Ariadne 1 Ariadne Cms 2026-04-16 N/A
NOTE: this issue has been disputed by the vendor. PHP remote code injection vulnerability in loader.php for Ariadne CMS 2.4 allows remote attackers to execute arbitrary PHP code by modifying the ariadne parameter to reference a URL on a remote web server that contains the code. NOTE: the vendor has disputed this issue, saying that loader.php first requires the "ariadne.inc" file, which defines the $ariadne variable, and thus it cannot be modified by an attacker. In addition, CVE personnel have partially verified the dispute via source code inspection of Ariadne 2.4 as available on July 5, 2005
CVE-2005-1182 1 Ibm 1 Os 400 2026-04-16 N/A
Unknown vulnerability in Incoming Remote Command (iSeries Access for Windows Remote Command service) in IBM OS/400 R510, R520, and R530 allows attackers to cause a denial of service (IRC shutdown) via certain inputs.
CVE-2005-1183 1 Mvnforum 1 Mvnforum 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in mvnForum 1.0 RC4 allows remote attackers to inject arbitrary web script or HTML via the Search parameter.
CVE-2005-1184 1 Microsoft 5 Windows 2000, Windows 2003 Server, Windows 98se and 2 more 2026-04-16 N/A
The TCP/IP stack in multiple operating systems allows remote attackers to cause a denial of service (CPU consumption) via a TCP packet with the correct sequence number but the wrong Acknowledgement number, which generates a large number of "keep alive" packets. NOTE: some followups indicate that this issue could not be replicated.
CVE-2005-1185 1 Musicmatch 1 Jukebox 2026-04-16 N/A
Unquoted Windows search path vulnerability in Musicmatch Jukebox 10.00.2047 and earlier allows local users to gain privileges via a malicious C:\program.exe file, which is run by MMFWLaunch.exe when it attempts to execute launch.exe.
CVE-2005-1186 1 Musicmatch 1 Jukebox 2026-04-16 N/A
Musicmatch Jukebox 10.00.2047 and earlier adds the musicmatch.com domain to the Trusted Sites zone in Internet Explorer, which allows systems in the domain to conduct unauthorized activities, as demonstrated using cross-site scripting (XSS) attacks.