Total
29909 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-2715 | 1 Symantec Veritas | 2 Netbackup Data And Business Center, Netbackup Enterprise Server Client | 2026-04-16 | N/A |
| Format string vulnerability in the Java user interface service (bpjava-msvc) daemon for VERITAS NetBackup Data and Business Center 4.5FP and 4.5MP, and NetBackup Enterprise/Server/Client 5.0, 5.1, and 6.0, allows remote attackers to execute arbitrary code via the COMMAND_LOGON_TO_MSERVER command. | ||||
| CVE-2005-1205 | 1 Microsoft | 1 Windows 2003 Server | 2026-04-16 | N/A |
| The Telnet client for Microsoft Windows XP, Windows Server 2003, and Windows Services for UNIX allows remote attackers to read sensitive environment variables via the NEW-ENVIRON option with a SEND ENV_USERVAR command. | ||||
| CVE-2005-2722 | 1 Foojan | 1 Php Weblog | 2026-04-16 | N/A |
| Foojan PHP Weblog allows remote attackers to obtain sensitive information via (1) a direct request to /daylinks/index.php or (2) a negative value in the daylinkspage parameter to index.php, which reveal the path in an error message. | ||||
| CVE-2005-2730 | 1 Astaro | 1 Security Linux | 2026-04-16 | N/A |
| The HTTP proxy in Astaro Security Linux 6.0 allows remote attackers to obtain sensitive information via an invalid request, which reveals a Proxy-authorization string in an error message. | ||||
| CVE-2005-2733 | 1 Alexander Palmo | 1 Simple Php Blog | 2026-04-16 | N/A |
| upload_img_cgi.php in Simple PHP Blog (SPHPBlog) does not properly restrict file extensions of uploaded files, which could allow remote attackers to execute arbitrary code. | ||||
| CVE-2005-2739 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | N/A |
| Keychain Access in Mac OS X 10.4.2 and earlier keeps a password visible even if a keychain times out while the password is being viewed, which could allow attackers with physical access to obtain the password. | ||||
| CVE-2005-2750 | 1 Apple | 1 Mac Os X Server | 2026-04-16 | N/A |
| Software Update in Mac OS X 10.4.2, when the user marks all updates to be ignored, exits without asking the user to reset the status of the updates, which could prevent important, security-relevant updates from being installed. | ||||
| CVE-2005-2761 | 1 Phpgroupware | 1 Phpgroupware | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in phpGroupWare 0.9.16.000 allows administrators to inject arbitrary web script or HTML by modifying the main screen message. | ||||
| CVE-2005-2764 | 1 Openttd | 1 Openttd | 2026-04-16 | N/A |
| Multiple buffer overflows in OpenTTD before 0.4.0.1 allow attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors. | ||||
| CVE-2005-2770 | 1 Wrq | 1 Wrq Reflection For Secure It Windows Server | 2026-04-16 | N/A |
| WRQ Reflection for Secure IT Windows Server 6.0 (formerly known as F-Secure SSH server) does not properly handle when the Windows Administrator or Guest accounts are renamed after SSH key authentication has been configured, which allows remote attackers to use the original names during login. | ||||
| CVE-2005-2771 | 2 F-secure, Wrq | 2 F-secure Ssh Server, Wrq Reflection For Secure It Windows Server | 2026-04-16 | N/A |
| WRQ Reflection for Secure IT Windows Server 6.0 (formerly known as F-Secure SSH server) processes access and deny lists in a case-sensitive manner, when previous versions were case-insensitive, which might allow remote attackers to bypass intended restrictions and login to accounts that should be denied. | ||||
| CVE-2005-2783 | 1 Php Fusion | 1 Php Fusion | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in PHP-Fusion 6.00.107 and earlier allows remote attackers to inject arbitrary web script or HTML via nested, malformed URL BBCode tags. | ||||
| CVE-2005-2784 | 1 Cosmoshop | 1 Cosmoshop | 2026-04-16 | N/A |
| SQL injection vulnerability in the login function for the administration login panel in cosmoshop 8.10.78 allows remote attackers to execute arbitrary SQL commands and bypass authentication via unspecified vectors. | ||||
| CVE-2005-2785 | 1 Cosmoshop | 1 Cosmoshop | 2026-04-16 | N/A |
| cosmoshop 8.10.78 and earlier stores passwords in plaintext in the database, which allows local users to obtain sensitive information. | ||||
| CVE-2005-2787 | 1 Alexander Palmo | 1 Simple Php Blog | 2026-04-16 | N/A |
| comment_delete_cgi.php in Simple PHP Blog allows remote attackers to delete arbitrary files via the comment parameter. | ||||
| CVE-2005-2798 | 2 Openbsd, Redhat | 2 Openssh, Enterprise Linux | 2026-04-16 | N/A |
| sshd in OpenSSH before 4.2, when GSSAPIDelegateCredentials is enabled, allows GSSAPI credentials to be delegated to clients who log in using non-GSSAPI methods, which could cause those credentials to be exposed to untrusted users or hosts. | ||||
| CVE-2005-4005 | 1 Php Fusion | 1 Php Fusion | 2026-04-16 | N/A |
| SQL injection vulnerability in messages.php in PHP-Fusion 6.00.109 allows remote attackers to obtain path information and possibly execute arbitrary SQL commands via the srch_text parameter in a Search and Sort option to messages.php. | ||||
| CVE-2005-0044 | 1 Microsoft | 7 Exchange Server, Windows 2000, Windows 2003 Server and 4 more | 2026-04-16 | N/A |
| The OLE component in Windows 98, 2000, XP, and Server 2003, and Exchange Server 5.0 through 2003, does not properly validate the lengths of messages for certain OLE data, which allows remote attackers to execute arbitrary code, aka the "Input Validation Vulnerability." | ||||
| CVE-2005-3473 | 1 Alexander Palmo | 1 Simple Php Blog | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Simple PHP Blog 0.4.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) entry, (2) blog_subject, and (3) blog_text parameters (involving the temp_subject variable) in (a) preview_cgi.php and (b) preview_static_cgi.php, or (4) scheme_name parameter and (5) bg_color parameters (involving the preset_name and result variables) in (c) colors.php. | ||||
| CVE-2004-0068 | 1 Phpdig.net | 1 Phpdig | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in config.php for PhpDig 1.6.5 and earlier allows remote attackers to execute arbitrary PHP code by modifying the $relative_script_path parameter to reference a URL on a remote web server that contains the code. | ||||