Total
29932 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-2592 | 1 Parlano | 1 Mindalign | 2026-04-16 | N/A |
| Unknown vulnerability in Parlano MindAlign 5.0 and later versions allows remote attackers to bypass authentication via unknown vectors. | ||||
| CVE-2005-2595 | 1 Dada Mail | 1 Dada Mail | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Dada Mail before 2.10 Alpha 1 allows remote attackers to execute arbitrary Javascript via archived messages. | ||||
| CVE-2005-2596 | 1 Gallery Project | 1 Gallery | 2026-04-16 | N/A |
| User.php in Gallery, as used in Postnuke, allows users with any Admin privileges to gain access to all galleries. | ||||
| CVE-2005-2597 | 1 Aol | 1 Aol Client Software | 2026-04-16 | N/A |
| AOL Client Software 9.0 uses insecure permissions for its installation path, which allows local users to execute arbitrary code with SYSTEM privileges by replacing ACSD.exe with a malicious program. | ||||
| CVE-2005-2600 | 1 Ilia Alshanetsky | 1 Fudforum | 2026-04-16 | N/A |
| FUDForum 2.6.15 with "Tree View" enabled, as used in other products such as phpgroupware and egroupware, allows remote attackers to read private posts via a modified mid parameter. | ||||
| CVE-2005-2603 | 1 My Image Gallery | 1 My Image Gallery | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php for My Image Gallery (Mig ) 1.4.1 allows remote attackers to inject arbitrary web script or HTML via the (1) currDir or (2) image parameters. | ||||
| CVE-2005-2610 | 1 Vegadns | 1 Vegadns | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in VegaDNS 0.8.1, 0.9.8, and possibly other versions, allows remote attackers to inject arbitrary web script or HTML via the message parameter. | ||||
| CVE-2005-2613 | 1 Cpaint | 1 Cpaint | 2026-04-16 | N/A |
| Unknown vulnerability in CPAINT Ajax Toolkit before 1.3-SP allows attackers to execute arbitrary PHP or ASP code or read files via unknown vectors. | ||||
| CVE-2005-2614 | 1 Crosscom Olicom | 1 Discuz | 2026-04-16 | N/A |
| Discuz! 4.0 rc4 does not properly restrict types of files that are uploaded to the server, which allows remote attackers to execute arbitrary commands via a filename containing ".php.rar" or other multiple extensions that include .php. | ||||
| CVE-2006-3739 | 3 Redhat, X.org, Xfree86 Project | 3 Enterprise Linux, X.org, Xfree86 X | 2026-04-16 | N/A |
| Integer overflow in the CIDAFM function in X.Org 6.8.2 and XFree86 X server allows local users to execute arbitrary code via crafted Adobe Font Metrics (AFM) files with a modified number of character metrics (StartCharMetrics), which leads to a heap-based buffer overflow. | ||||
| CVE-2005-2615 | 1 Eqdkp | 1 Eqdkp | 2026-04-16 | N/A |
| Unknown vulnerability in session.php in EQdkp before 1.3.0 has unknown impact and attack vectors, possibly involving auto_login_id. | ||||
| CVE-2005-2616 | 1 Ezupload | 1 Ezupload | 2026-04-16 | N/A |
| Multiple PHP file include vulnerabilities in ezUpload 2.2 allow remote attackers to execute arbitrary code via the path parameter to (1) initialize.php, (2) customize.php, (3) form.php, or (4) index.php. | ||||
| CVE-2005-2625 | 1 Cpaint | 1 Cpaint | 2026-04-16 | N/A |
| Incomplete blacklist vulnerability in the checkBlacklist function in CPAINT allows remote attackers to execute arbitrary commands via the (1) ExecuteGlobal function or (2) GetRef statement, which is not included in the blacklist. | ||||
| CVE-2005-2630 | 1 Realnetworks | 2 Realone Player, Realplayer | 2026-04-16 | N/A |
| Heap-based buffer overflow in DUNZIP32.DLL for RealPlayer 8, 10, and 10.5 and RealOne Player 1 and 2 allows remote attackers to execute arbitrary code via a crafted RealPlayer Skin (RJS) file, a different vulnerability than CVE-2004-1094. | ||||
| CVE-2005-2631 | 1 Cisco | 1 Network Admission Control Manager And Server System Software | 2026-04-16 | N/A |
| Cisco Clean Access (CCA) 3.3.0 to 3.3.9, 3.4.0 to 3.4.5, and 3.5.0 to 3.5.3 does not properly authenticate users when invoking API methods, which could allow remote attackers to bypass security checks, change the assigned role of a user, or disconnect users. | ||||
| CVE-2005-2633 | 1 Phptb | 1 Topic Boards | 2026-04-16 | N/A |
| Multiple PHP file inclusion vulnerabilities in (1) admin_o.php, (2) board_o.php, (3) dev_o.php, (4) file_o.php or (5) tech_o.php in PHPTB Topic Board 2.0 and earlier allow remote attackers to execute arbitrary PHP code via the absolutepath parameter. | ||||
| CVE-2005-2636 | 2 Phpadsnew, Phppgads | 2 Phpadsnew, Phppgads | 2026-04-16 | N/A |
| SQL injection vulnerability in lib-view-direct.inc.php in phpAdsNew and phpPgAds before 2.0.6 allows remote attackers to execute arbitrary SQL commands via the clientid parameter. | ||||
| CVE-2005-2642 | 1 Mutt | 1 Mutt | 2026-04-16 | N/A |
| Buffer overflow in the mutt_decode_xbit function in Handler.c for Mutt 1.5.10 allows remote attackers to execute arbitrary code, possibly due to interactions with libiconv or gettext. | ||||
| CVE-2006-2133 | 1 Boonex | 1 Barracuda | 2026-04-16 | N/A |
| SQL injection vulnerability in index.php in BoonEx Barracuda 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) link_dir_target and (2) link_id_target parameter, possibly involving the link_edit functionality. | ||||
| CVE-2005-2643 | 1 Tor | 1 Tor | 2026-04-16 | N/A |
| Tor 0.1.0.13 and earlier, and experimental versions 0.1.1.4-alpha and earlier, does not reject certain weak keys when using ephemeral Diffie-Hellman (DH) handshakes, which allows malicious Tor servers to obtain the keys that a client uses for other systems in the circuit. | ||||