Total
29810 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-1656 | 1 Mercur | 1 Mercur Messaging | 2025-04-03 | N/A |
| Mercur Messaging 2005 SP2 allows remote attackers to read the source code of .ctml files via a URL with a trailing hex-encoded space ("%20"). | ||||
| CVE-2005-1658 | 1 Myserver | 1 Myserver | 2025-04-03 | N/A |
| Directory traversal vulnerability in filemanager.cpp in MyServer 0.8 allows remote attackers to list the parent directory of the web root via a URL with a "..." (triple dot). | ||||
| CVE-2005-1660 | 1 Htmljunction | 1 Ezguestbook | 2025-04-03 | N/A |
| HTMLJunction EZGuestbook stores the guestbook.mdb file under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as the administrative password. | ||||
| CVE-2005-1661 | 1 Jeuce | 1 Jeuce Personal Web Server | 2025-04-03 | N/A |
| Jeuce Personal Webserver 2.13 allows remote attackers to cause a denial of service (server crash) via a long GET request, possibly triggering a buffer overflow. | ||||
| CVE-2005-1662 | 1 Jeuce | 1 Jeuce Personal Web Server | 2025-04-03 | N/A |
| Directory traversal vulnerability in Jeuce Personal Web Server 2.13 allows remote attackers to read arbitrary files via a .. (dot dot) in the URL. | ||||
| CVE-2004-1661 | 1 Sitecubed | 1 Mailworks Professional | 2025-04-03 | N/A |
| MailWorks Professional allows remote attackers to bypass authentication and gain privileges via a cookie that contains "auth=1" and "uId=1." | ||||
| CVE-2005-1667 | 1 Datatrac | 1 Activity Console | 2025-04-03 | N/A |
| DataTrac Activity Console 1.1 allows remote attackers to cause a denial of service via a long HTTP GET request. | ||||
| CVE-2005-1666 | 1 Orenosv | 1 Orenosv Http Ftp Server | 2025-04-03 | N/A |
| Multiple buffer overflows in Orenosv HTTP/FTP Server 0.8.1 allow remote authenticated users to cause a denial of service (server crash) and possibly execute arbitrary code via long arguments to FTP commands such as MKD, RMD, or DELE, which are processed by the (1) ftp_xlate_path, (2) ftp_is_canonical, or (3) os_fn_nativize functions, or (4) a long SSI command that is processed by the parse_cmd function in cgissi.exe. | ||||
| CVE-2005-1671 | 1 Yahoo | 1 Messenger | 2025-04-03 | N/A |
| The Logfile feature in Yahoo! Messenger 5.x through 6.0 can be activated by a YMSGR: URL and writes all output to a single ypager.log file, even when there are multiple users, and does not properly warn later users that the feature has been enabled, which allows local users to obtain sensitive information from other users. | ||||
| CVE-2005-1675 | 1 Groove | 2 Groove Workspace, Virtual Office | 2025-04-03 | N/A |
| Groove Virtual Office before 3.1 build 2338, before 3.1a build 2364, and Groove Workspace before 2.5n build 1871 installs the client installation directories with insecure EVERYBODY permissions, which allows local users to gain sensitive information. | ||||
| CVE-2005-1677 | 1 Groove | 2 Groove Workspace, Virtual Office | 2025-04-03 | N/A |
| Unknown vulnerability in Groove Virtual Office before 3.1 build 2338, before 3.1a build 2364, and Groove Workspace before 2.5n build 1871 allows remote attackers to bypass restrictions on COM objects. | ||||
| CVE-2005-1679 | 1 Timo Rossi | 1 Picasm | 2025-04-03 | N/A |
| Stack-based buffer overflow in the error directive in picasm 1.12b and earlier allows attackers to execute arbitrary code via a long error message. | ||||
| CVE-2005-1678 | 1 Groove | 2 Groove Workspace, Virtual Office | 2025-04-03 | N/A |
| Groove Virtual Office before 3.1 build 2338, before 3.1a build 2364, and Groove Workspace before 2.5n build 1871 does not properly display file extensions on attached or embedded files in a compound document, which may allow remote attackers to trick users into executing malicious code. | ||||
| CVE-2005-1687 | 1 Wordpress | 1 Wordpress | 2025-04-03 | N/A |
| SQL injection vulnerability in wp-trackback.php in Wordpress 1.5 and earlier allows remote attackers to execute arbitrary SQL commands via the tb_id parameter. | ||||
| CVE-2005-1683 | 1 Microsoft | 1 Word | 2025-04-03 | N/A |
| Buffer overflow in winword.exe 10.2627.6714 and earlier in Microsoft Word for the Macintosh, before SP3 for Word 2002, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted mcw file. | ||||
| CVE-2005-1692 | 1 Xine | 1 Gxine | 2025-04-03 | N/A |
| Format string vulnerability in gxine 0.4.1 through 0.4.4, and other versions down to 0.3, allows remote attackers to execute arbitrary code via a ram file with a URL whose hostname contains format string specifiers. | ||||
| CVE-2005-1702 | 1 Black Cactus | 2 Warrior Kings, Warrior Kings Battles | 2025-04-03 | N/A |
| Format string vulnerability in Warrior Kings: Battles 1.23 and earlier and Warrior Kings 1.3 and earlier allows remote attackers to execute arbitrary code via format string specifiers in a nickname. | ||||
| CVE-2005-1703 | 1 Black Cactus | 1 Warrior Kings Battles | 2025-04-03 | N/A |
| Warrior Kings: Battles 1.23 and earlier allows remote attackers to cause a denial of service (server crash) via a partial join packet that triggers a NULL pointer dereference. | ||||
| CVE-2005-1705 | 2 Gnu, Redhat | 2 Gdb, Enterprise Linux | 2025-04-03 | N/A |
| gdb before 6.3 searches the current working directory to load the .gdbinit configuration file, which allows local users to execute arbitrary commands as the user running gdb. | ||||
| CVE-2005-1706 | 1 Mailscanner | 1 Mailscanner | 2025-04-03 | N/A |
| Unknown vulnerability in MailScanner 4.41.3 and earlier, related to "incomplete reporting of viruses in zip files," allows remote attackers to bypass virus detection. | ||||