Search Results (29946 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-0921 1 Microsoft 1 Outlook Connector 2026-04-16 N/A
Microsoft Outlook 2002 Connector for IBM Lotus Domino 2.0 allows local users to save passwords and login credentials locally, even when password caching is disabled by a group policy.
CVE-2005-0958 1 Yepyep 1 Mtftpd 2026-04-16 N/A
Format string vulnerability in the log_do function in log.c for YepYep mtftpd 0.0.3, when the statistics option is enabled, allows remote attackers to execute arbitrary code via the CWD command.
CVE-2005-0959 1 Yepyep 1 Mtftpd 2026-04-16 N/A
Buffer overflow in the mt_do_dir function in YepYep mtftpd 0.0.3 may allow attackers to execute arbitrary code via a long path.
CVE-2005-0961 1 Horde 1 Application Framework 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Horde 3.0.4 before 3.0.4-RC2 allows remote attackers to inject arbitrary web script or HTML via the parent frame title.
CVE-2005-0962 1 Lighthouse Development 1 Squirrelcart 2026-04-16 N/A
SQL injection vulnerability in index.php for Lighthouse Squirrelcart allows remote attackers to execute arbitrary SQL commands via the (1) crn parameter in a show action or (2) rn parameter in a show_detail action.
CVE-2005-0978 1 Ivt 1 Bluesoleil 2026-04-16 N/A
Directory traversal vulnerability in the Object Push service in IVT BlueSoleil 1.4 allows remote attackers to upload arbitrary files via a .. (dot dot) in a PUSH command.
CVE-2005-0981 1 Alstrasoft 1 Epay 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in AlstraSoft EPay Pro 2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) payment or (2) send parameter.
CVE-2005-1067 1 Access User Class 1 Access User Class 2026-04-16 N/A
Vulnerability in Access_user Class before 1.75 allows local users to gain access as other users via the password "new".
CVE-2005-0998 1 Francisco Burzi 1 Php-nuke 2026-04-16 N/A
The Web_Links module for PHP-Nuke 7.6 allows remote attackers to obtain sensitive information via an invalid show parameter, which triggers a division by zero PHP error that leaks the full pathname of the server.
CVE-2005-1019 1 Aeon 1 Aeon 2026-04-16 N/A
Buffer overflow in the getConfig function in Aeon 0.2a and earlier allows local users to gain privileges via a long HOME environment variable.
CVE-2005-1025 1 Ibm 1 Iseries As 400 2026-04-16 N/A
The FTP server in AS/400 4.3, when running in IFS mode, allows remote attackers to obtain sensitive information via a symlink attack using RCMD and the ADDLNK utility, as demonstrated using the QSYS.LIB library.
CVE-2005-1027 1 Francisco Burzi 1 Php-nuke 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in PHP-Nuke 6.x through 7.6 allow remote attackers to inject arbitrary web script or HTML via the (1) username parameter in the Your_Account module, (2) avatarcategory parameter in the Your_Account module, or (3) lid parameter in the Downloads module.
CVE-2005-1035 1 Pavuk 1 Pavuk 2026-04-16 N/A
Multiple buffer overflows in Pavuk before 0.9.32 have unknown attack vectors and impact.
CVE-2005-1037 1 Ibm 1 Aix 2026-04-16 N/A
Unknown vulnerability in AIX 5.3.0, when configured as an NIS client, allows remote attackers to gain root privileges.
CVE-2005-1055 1 Towerblog 1 Towerblog 2026-04-16 N/A
TowerBlog 0.6 and earlier stores the login data file under the web root, which allows remote attackers to obtain the MD5 checksums of the username and password via a direct request to the _dat/login file.
CVE-2005-1056 1 Hp 1 Openview Network Node Manager 2026-04-16 N/A
Unknown vulnerability in HP OpenView Network Node Manager (NMM) 6.2 through 6.4, and 7.01 through 7.50, allows remote attackers to cause a denial of service.
CVE-2005-1057 1 Cisco 1 Ios 2026-04-16 N/A
Cisco IOS 12.2T, 12.3 and 12.3T, when using Easy VPN Server XAUTH version 6 authentication, allows remote attackers to bypass authentication via a "malformed packet."
CVE-2005-1068 1 Scssboard 1 Scssboard 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in sCssBoard 1.11 and earlier allows remote attackers to execute arbitrary Javascript via [url] tags.
CVE-2005-1065 1 Novell 1 Linux Desktop 2026-04-16 N/A
tetex in Novell Linux Desktop 9 allows local users to determine the existence of arbitrary files via a symlink attack in the /var/cache/fonts directory.
CVE-2005-1066 1 University Of Washington 1 Pine 2026-04-16 N/A
Race condition in rpdump in Pine 4.62 and earlier allows local users to overwrite arbitrary files via a symlink attack.