Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-0612 1 Cisco 7 Ipvc-3510-mcu, Ipvc-3520-gw-2b, Ipvc-3520-gw-2b2v and 4 more 2026-04-16 N/A
Cisco IP/VC Videoconferencing System 3510, 3520, 3525 and 3530 contain hard-coded default SNMP community strings, which allows remote attackers to gain access, cause a denial of service, and modify configuration.
CVE-2005-0615 1 Postnuke Software Foundation 1 Postnuke 2026-04-16 N/A
Multiple SQL injection vulnerabilities in (1) index.php, (2) modules.php, or (3) admin.php in PostNuke 0.760-RC2 allow remote attackers to execute arbitrary SQL code via the catid parameter.
CVE-2005-0616 1 Postnuke Software Foundation 1 Postnuke Phoenix 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in the Download module for PostNuke 0.750 and 0.760-RC2 allow remote attackers to inject arbitrary web script or HTML via the (1) Program name, (2) File link, (3) Author name (4) Author e-mail address, (5) File size, (6) Version, or (7) Home page variables.
CVE-2005-0636 1 Foxmail 1 Foxmail Email Server 2026-04-16 N/A
Format string vulnerability in Foxmail Server 2.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format strings in the USER command.
CVE-2005-0631 1 Pblang 1 Pblang 2026-04-16 N/A
delpm.php in PBLang 4.63 allows remote authenticated users to delete arbitrary PM files by modifying the "id" and "a" parameters.
CVE-2005-0632 1 Phpnews 1 Phpnews 2026-04-16 N/A
PHP remote file inclusion vulnerability in auth.php in PHPNews 1.2.4 and possibly 1.2.3, allows remote attackers to execute arbitrary PHP code via the path parameter.
CVE-2005-0633 1 Cerulean Studios 2 Trillian, Trillian Pro 2026-04-16 N/A
Buffer overflow in Trillian 3.0 and Pro 3.0 allows remote attackers to execute arbitrary code via a crafted PNG image file.
CVE-2005-0634 1 Kmint21 Software 1 Golden Ftp Server 2026-04-16 N/A
Buffer overflow in Golden FTP Server 1.92 allows remote attackers to execute arbitrary code via a long USER command.
CVE-2005-0741 1 Yabb 1 Yabb 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in YaBB.pl for YaBB 2.0 RC1 allows remote attackers to inject arbitrary web script or HTML via the username parameter in a usersrecentposts action.
CVE-2005-0725 1 Wf-sections 1 Wf-sections 2026-04-16 N/A
SQL injection vulnerability in the getAllbyArticle function in wfsfiles.php for WF-Sections (wfsections) 1.07 allows remote attackers to execute arbitrary SQL commands via the articleid parameter to article.php.
CVE-2005-0729 1 Techland 1 Xpand Rally 2026-04-16 N/A
Format string vulnerability in Xpand Rally 1.1.0.0 and earlier allows remote attackers to execute arbitrary code via format string specifiers in a message.
CVE-2005-0730 1 Py Software 1 Active Webcam 2026-04-16 N/A
PY Software Active Webcam WebServer (webcam.exe) 5.5 allows remote attackers to cause a denial of service via a request to a file on the floppy drive, as demonstrated using A:\a.txt.
CVE-2005-0731 1 Py Software 1 Active Webcam 2026-04-16 N/A
PY Software Active Webcam WebServer (webcam.exe) 5.5 allows remote attackers to cause a denial of service (CPU consumption) via a direct request to Filelist.html.
CVE-2005-0732 1 Py Software 1 Active Webcam 2026-04-16 N/A
PY Software Active Webcam WebServer (webcam.exe) 5.5 allows remote attackers to obtain the full path of the web server via a request for a non-existent filename, which leaks the full path in an error message.
CVE-2005-0785 1 Yabb 1 Yabb 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in usersrecentposts in YaBB 2.0 rc1 allows remote attackers to inject arbitrary web script or HTML via the username parameter.
CVE-2005-0758 3 Canonical, Gnu, Redhat 3 Ubuntu Linux, Gzip, Enterprise Linux 2026-04-16 N/A
zgrep in gzip before 1.3.5 does not properly sanitize arguments, which allows local users to execute arbitrary commands via filenames that are injected into a sed script.
CVE-2005-0828 3 Ciamos, E-xoops, Runcms 3 Ciamos, E-xoops, Runcms 2026-04-16 N/A
highlight.php in (1) RUNCMS 1.1A, (2) CIAMOS 0.9.2 RC1, (3) e-Xoops 1.05 Rev3, and possibly other products based on e-Xoops (exoops), allows remote attackers to read arbitrary PHP files by specifying the pathname in the file parameter, as demonstrated by reading database configuration information from mainfile.php.
CVE-2005-1178 1 Oracle 1 Forms 2026-04-16 N/A
SQL injection vulnerability in Oracle Forms 10g allows remote attackers to execute arbitrary SQL commands via the Query/Where feature.
CVE-2005-0830 1 Xzabite 1 Dyndnsupdate 2026-04-16 N/A
Multiple buffer overflows in Xzabite DYNDNSUpdate 0.6.15 and earlier, including the ipcheck function in dyndnsupdate.c, allow remote attackers who spoof a dyndns.org server to execute arbitrary code via unknown vectors.
CVE-2005-0831 1 Php-post 1 Php-post Web Forum 2026-04-16 N/A
PHP-Post allows remote attackers to spoof the names of other users by registering with a username containing hex-encoded characters.