Search Results (29946 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-1182 1 Ibm 1 Os 400 2026-04-16 N/A
Unknown vulnerability in Incoming Remote Command (iSeries Access for Windows Remote Command service) in IBM OS/400 R510, R520, and R530 allows attackers to cause a denial of service (IRC shutdown) via certain inputs.
CVE-2005-1190 1 Webcamxp 1 Webcamxp Pro 2026-04-16 N/A
WebcamXP PRO v2.16.468 and earlier allows remote attackers to cause a denial of service via a long chat name, which takes up too much display space and prevents the chat frame from being properly rendered.
CVE-2005-1196 1 Phpbb Group 1 Phpbb 2026-04-16 N/A
SQL injection vulnerability in kb.php in the Knowledge Base module for phpBB allows remote attackers to obtain sensitive information and execute SQL commands via the cat parameter.
CVE-2005-1198 1 Anaconda Partners 1 Foundation Directory 2026-04-16 N/A
Directory traversal vulnerability in apexec.pl for Anaconda Foundation Directory allows remote attackers to read arbitrary files via hex-encoded null characters (%00) in the middle of ".." sequences in the template parameter.
CVE-2005-1199 1 Infopop 1 Ultimate Bulletin Board 2026-04-16 N/A
SQL injection vulnerability in printthread.php in UBB.Threads allows remote attackers to execute arbitrary SQL commands via the main parameter.
CVE-2005-1261 2 Redhat, Rob Flynn 2 Enterprise Linux, Gaim 2026-04-16 N/A
Stack-based buffer overflow in the URL parsing function in Gaim before 1.3.0 allows remote attackers to execute arbitrary code via an instant message (IM) with a large URL.
CVE-2005-1262 2 Redhat, Rob Flynn 2 Enterprise Linux, Gaim 2026-04-16 N/A
Gaim 1.2.1 and earlier allows remote attackers to cause a denial of service (application crash) via a malformed MSN message.
CVE-2005-1269 2 Redhat, Rob Flynn 2 Enterprise Linux, Gaim 2026-04-16 N/A
Gaim before 1.3.1 allows remote attackers to cause a denial of service (application crash) via a Yahoo! message with non-ASCII characters in a file name.
CVE-2005-1302 1 Swsoft 1 Confixx 2026-04-16 N/A
SQL injection vulnerability in Confixx 3.08 and earlier allows remote attackers to execute arbitrary SQL commands via the "change user" field.
CVE-2005-1295 1 Include.cgi 1 Include.cgi 2026-04-16 N/A
include.cgi script allows remote attackers to read arbitrary files via a full pathname in the argument.
CVE-2005-1297 1 Include.cgi 1 Include.cgi 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in the include.cgi script allows remote attackers to inject arbitrary web script or HTML via the argument.
CVE-2005-1312 1 Yappa-ng 1 Yappa-ng 2026-04-16 N/A
PHP remote file inclusion vulnerability in Yappa-NG before 2.3.2 allows remote attackers to execute arbitrary PHP code via unknown vectors.
CVE-2005-1329 1 Oneworldstore 1 Oneworldstore 2026-04-16 N/A
owOfflineCC.asp in OneWorldStore allows remote attackers to obtain sensitive information by modifying the idOrder parameter.
CVE-2005-1333 1 Apple 1 Mac Os X 2026-04-16 N/A
Directory traversal vulnerability in the Bluetooth file and object exchange (OBEX) services in Mac OS X 10.3.9 allows remote attackers to read arbitrary files.
CVE-2005-1364 1 Metalinks 1 Metabid Auctions 2026-04-16 N/A
Multiple SQL injection vulnerabilities in MetaBid Auctions allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password fields in logIn.asp, or (3) intAuctionID parameter to item.asp.
CVE-2005-1380 1 Bea 1 Weblogic Server 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in BEA Admin Console 8.1 allows remote attackers to execute arbitrary web script or HTML via the server parameter to a JndiFramesetAction action.
CVE-2005-1383 1 Oracle 1 Application Server 2026-04-16 N/A
The OHS component 1.0.2 through 10.x, when UseWebcacheIP is disabled, in Oracle Application Server allows remote attackers to bypass HTTP Server mod_access restrictions via a request to the webcache TCP port 7778.
CVE-2005-1412 1 Ecomm 1 Professional Guestbook 2026-04-16 N/A
SQL injection vulnerability in verify.asp for Ecomm Professional Guestbook 3.x allows remote attackers to execute arbitrary SQL commands via the AdminPWD parameter.
CVE-2005-1452 1 S9y 1 Serendipity 2026-04-16 N/A
Serendipity before 0.8 allows Chief users to "hide plugins installed by other users."
CVE-2005-1399 1 Freebsd 1 Freebsd 2026-04-16 N/A
FreeBSD 4.6 to 4.11 and 5.x to 5.4 uses insecure default permissions for the /dev/iir device, which allows local users to execute restricted ioctl calls to read or modify data on hardware that is controlled by the iir driver.