Medium · CVSS 5.9
SHA-1 is not collision resistant, which makes it easier for context-dependent attackers to conduct spoofing attacks, as demonstrated by attacks on the use of SHA-1 in TLS 1.2. NOTE: this CVE exists to provide a common identifier for referencing this SHA-1 issue; the existence of an identifier is not, by itself, a technology recommendation.
Published Oct 14, 2016 · Updated May 22, 2026
High · CVSS 7.4
Microsoft Terminal Server using Remote Desktop Protocol (RDP) 5.2 stores an RSA private key in mstlsapi.dll and uses it to sign a certificate, which allows remote attackers to spoof public keys of legitimate servers and conduct man-in-the-middle attacks.
Published Jun 1, 2005 · Updated May 22, 2026
High · CVSS 8.7
Cacti versions prior to 0.8.6-d contain a remote command execution vulnerability in the graph_view.php script. An authenticated user can inject arbitrary shell commands via the graph_start GET parameter, which is improperly handled during graph rendering. This flaw allows attackers to execute commands on the underlying operating system with the privileges of the web server process, potentially compromising system integrity.
Published Aug 30, 2025 · Updated May 15, 2026
Critical · CVSS 9.8 · CISA KEV
HP OpenView Network Node Manager 6.2 through 7.50 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) node parameter to connectedNodes.ovpl, (2) cdpView.ovpl, (3) freeIPaddrs.ovpl, and (4) ecscmg.ovpl.
Published Sep 2, 2005 · Updated Oct 22, 2025
Medium · CVSS 5.4
A vulnerability was found in Netegrity SiteMinder up to 4.5.1 and classified as critical. Affected by this issue is the file /siteminderagent/pwcgi/smpwservicescgi.exe of the component Login. The manipulation of the argument target leads to an open redirect. The exploit has been disclosed to the public and may be used. NOTE: This vulnerability only affects products that are no longer supported by the maintainer
Published Mar 28, 2022 · Updated Apr 15, 2025
Low · CVSS 3.7
Cross-site scripting (XSS) vulnerability in Fidra Lighthouse CMS 1.1.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the search parameter in a query_string to the home page. NOTE: The vendor disputes this issue, saying "Lighthouse does not in any way make use of the PHP technology. [It] is an application server ... A technology like this cannot be susceptible to client-side cross-site-scripting-attacks on its own, but only applications created based on such a technology. This does not only apply to Lighthouse, but also to Perl, PHP or web applications based on Java Servlet technology." Since the original researcher is known to test demo pages and is sometimes inaccurate, it is likely that this issue will be REJECTED
Published Apr 14, 2006 · Updated Jan 16, 2025
Medium · CVSS 5.3
Joomla! 1.03 does not restrict the number of "Search" Mambots, which allows remote attackers to cause a denial of service (resource consumption) via a large number of Search Mambots.
Published Jan 14, 2006 · Updated Jan 16, 2025
Medium · CVSS 6.3
SQL injection vulnerability in server_privileges.php in phpMyAdmin 2.7.0 allows remote authenticated users to execute arbitrary SQL commands via the (1) dbname and (2) checkprivs parameters. NOTE: the vendor and a third party have disputed this issue, saying that the main task of the program is to support query execution by authenticated users, and no external attack scenario exists without an auto-login configuration. Thus it is likely that this issue will be REJECTED. However, a closely related CSRF issue has been assigned CVE-2005-4450
Published Dec 19, 2005 · Updated Jan 16, 2025
Medium · CVSS 6.1
Blackboard Learning and Community Portal System in Academic Suite 6.3.1.424, 6.2.3.23, and other versions before 6 allows remote attackers to redirect users to other URLs and conduct phishing attacks via a modified url parameter to frameset.jsp, which loads the URL into a frame and causes it to appear to be part of a valid page.
Published Dec 13, 2005 · Updated Jan 16, 2025
High · CVSS 7.3
Eval injection vulnerability in bvh_import.py in Blender 2.36 allows attackers to execute arbitrary Python code via a hierarchy element in a .bvh file, which is supplied to an eval function call.
Published Oct 24, 2005 · Updated Jan 16, 2025
Medium · CVSS 4.7
Race condition in Linux 2.6, when threads are sharing memory mapping via CLONE_VM (such as linuxthreads and vfork), might allow local users to cause a denial of service (deadlock) by triggering a core dump while waiting for a thread that has just performed an exec.
Published Sep 30, 2005 · Updated Jan 16, 2025
Critical · CVSS 9.8
Buffer overflow in the AIM and ICQ module in Gaim before 1.5.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an away message with a large number of AIM substitution strings, such as %t or %n.
Published Aug 16, 2005 · Updated Jan 16, 2025
Medium · CVSS 4.5
Direct code injection vulnerability in CuteNews 1.3.6 and earlier allows remote attackers with administrative privileges to execute arbitrary PHP code via certain inputs that are injected into a template (.tpl) file.
Published Jun 7, 2005 · Updated Jan 16, 2025
High · CVSS 8.4
Sudo 1.6.8p7 on SuSE Linux 9.3, and possibly other Linux distributions, allows local users to gain privileges by using sudo to call su, then entering a blank password and hitting CTRL-C. NOTE: SuSE and multiple third-party researchers have not been able to replicate this issue, stating "Sudo catches SIGINT and returns an empty string for the password so I don't see how this could happen unless the user's actual password was empty.
Published Jun 2, 2005 · Updated Jan 16, 2025
Medium · CVSS 5.3
Wordpress 1.5 and earlier allows remote attackers to obtain sensitive information via a direct request to files in (1) wp-content/themes/, (2) wp-includes/, or (3) wp-admin/, which reveal the path in an error message.
Published May 25, 2005 · Updated Jan 16, 2025
Medium · CVSS 6.5
Cross-Site Request Forgery (CSRF) vulnerability in Help Center Live allows remote attackers to perform actions as the administrator via a link or IMG tag to view.php.
Published May 19, 2005 · Updated Jan 16, 2025
Low · CVSS 3.7
BibORB 1.3.2, and possibly earlier versions, does not properly enforce a restriction for uploading only PDF and PS files, which allows remote attackers to upload arbitrary files that are presented to other users with PDF or PS icons, which may trick some users into downloading and executing those files.
Published Feb 17, 2005 · Updated Jan 16, 2025
Medium · CVSS 5.3
Armagetron 0.2.6.0 and earlier and Armagetron Advanced 0.2.7.0 earlier allows remote attackers to cause a denial of service (application crash) via a packet with a large (1) descriptor ID or (2) claim_id, which exceeds the boundaries of an array.
Published Feb 11, 2005 · Updated Jan 16, 2025
Medium · CVSS 5
The LDAP client on Microsoft Windows 2000 before Update Rollup 1 for SP4 accepts certificates using LDAP Secure Sockets Layer (LDAPS) even when the Certificate Authority (CA) is not trusted, which could allow attackers to trick users into believing that they are accessing a trusted site.
Published Oct 6, 2005 · Updated Dec 5, 2024
Medium · CVSS 6.3
A vulnerability classified as critical has been found in mikexstudios Xcomic up to 0.8.2. This affects an unknown part. The manipulation of the argument cmd leads to os command injection. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. Upgrading to version 0.8.3 is able to address this issue. The patch is named 6ed8e3cc336e29f09c7e791863d0559939da98bf. It is recommended to upgrade the affected component.
Published Oct 17, 2024 · Updated Oct 17, 2024
Unknown · CVSS Not scored
Race condition in ip_vs_conn_flush in Linux 2.6 before 2.6.13 and 2.4 before 2.4.32-pre2, when running on SMP systems, allows local users to cause a denial of service (null dereference) by causing a connection timer to expire while the connection table is being flushed before the appropriate lock is acquired.
Published Oct 20, 2005 · Updated Oct 15, 2024
Unknown · CVSS Not scored
The web mail service in Woppoware PostMaster 4.2.2 (build 3.2.5) generates different error messages depending on whether a user exists or not, which allows remote attackers to determine valid usernames.
Published May 18, 2005 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Buffer overflow in vxFtpSrv 0.9.7 allows remote attackers to execute arbitrary code via a long USER name.
Published Sep 22, 2005 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Directory traversal vulnerability in source.php in Quick & Dirty PHPSource Printer 1.1 and earlier allows remote attackers to read arbitrary files via ".../...//" sequences in the file parameter, which are reduced to "../" when PHPSource Printer uses a regular expression to remove "../" sequences.
Published Jul 6, 2005 · Updated Sep 17, 2024
Unknown · CVSS Not scored
eFiction 1.0, 1.1, and 2.0 allows remote attackers to obtain sensitive information via a direct request to storyblock.php without arguments, which leaks the full pathname in the resulting PHP error message.
Published Dec 11, 2005 · Updated Sep 17, 2024
Unknown · CVSS Not scored
man2web allows remote attackers to execute arbitrary commands via -P arguments.
Published Sep 7, 2005 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Multiple SQL injection vulnerabilities in RunCMS 1.2 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) addquery and (2) subquery parameters to the newbb plus module, the forum parameter to (3) newtopic.php, (4) edit.php, or (5) reply.php in the newbb plus module, or (6) the msg_id parameter to print.php in the messages module.
Published Aug 24, 2005 · Updated Sep 17, 2024
Unknown · CVSS Not scored
SecurityAgent in Apple Mac OS X 10.4.2, under certain circumstances, can cause the "Switch User..." button to appear even though the "Enable fast user switching" setting is disabled, which can allow attackers with physical access to gain access to the desktop and bypass the "Require password to wake this computer from sleep or screen saver" setting.
Published Oct 25, 2005 · Updated Sep 17, 2024
Unknown · CVSS Not scored
The LPD service in HP-UX 10.20 11.11 (11i) and earlier allows remote attackers to execute arbitrary code via shell metacharacters ("`" or single backquote) in a request that is not properly handled when an error occurs, as demonstrated by killing the connection, a different vulnerability than CVE-2002-1473.
Published Oct 21, 2005 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Microsoft Outlook 2002 Connector for IBM Lotus Domino 2.0 allows local users to save passwords and login credentials locally, even when password caching is disabled by a group policy.
Published Mar 29, 2005 · Updated Sep 17, 2024
Unknown · CVSS Not scored
SQL injection vulnerability in infopage.asp in Mall23 eCommerce allows remote attackers to execute arbitrary SQL commands via the idPage parameter.
Published Sep 22, 2005 · Updated Sep 17, 2024
Unknown · CVSS Not scored
WebCalendar before 1.0.0 does not properly restrict access to assistant_edit.php, which allows remote attackers to gain privileges.
Published Jul 19, 2005 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Apple Safari 1.3 (132) on Mac OS X 1.3.9 allows remote attackers to cause a denial of service (crash) via certain Javascript, possibly involving a function that defines a handler for itself within the function body.
Published Aug 17, 2005 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Cross-site scripting (XSS) vulnerability in comersus_backoffice_searchItemForm.asp in Comersus BackOffice Plus allows remote attackers to inject arbitrary web script or HTML via the (1) forwardTo1, (2) forwardTo2, (3) nameFT1, or (4) nameFT2 parameters.
Published Oct 23, 2005 · Updated Sep 17, 2024
Unknown · CVSS Not scored
amaroK Web Frontend 1.3 stores the globals.inc file under the web root without a .php extension and insufficient access control, which allows remote attackers to obtain the database username and password via a direct request to the file.
Published Jun 21, 2005 · Updated Sep 17, 2024
Unknown · CVSS Not scored
includes/common.php in RunCMS 1.2 and earlier calls the extract function with EXTR_OVERWRITE on HTTP POST variables, which allows remote attackers to overwrite arbitrary variables, possibly allowing execution of arbitrary code.
Published Aug 24, 2005 · Updated Sep 17, 2024
Unknown · CVSS Not scored
IBM Informix Dynamic Database server running on Windows XP with Simple File Sharing enabled, allows remote attackers to bypass authentication and log on to the guest account by supplying an invalid username.
Published Nov 16, 2005 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Hosting Controller 6.1 Hotfix 1.9 and earlier allows remote attackers to register arbitrary users via a direct request to addsubsite.asp with the loginname and password parameters set.
Published May 18, 2005 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Cross-site scripting (XSS) vulnerability in Clever Copy 2.0 and 2.0a allows remote attackers to inject arbitrary web script or HTML via the searchtype or searchterm parameters to (1) results.php or (2) categorysearch.php.
Published Jul 19, 2005 · Updated Sep 17, 2024
Unknown · CVSS Not scored
The malloc function in the libSystem library in Apple Mac OS X 10.3.9 and 10.4.2 allows local users to overwrite arbitrary files by setting the MallocLogFile environment variable to the target file before running a setuid application.
Published Oct 25, 2005 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Buffer overflow in Sysinternals Process Explorer 9.23, and other versions before 9.25, allows local users to execute arbitrary code via a long CompanyName field in the VersionInfo information in a running process.
Published Aug 23, 2005 · Updated Sep 17, 2024
Unknown · CVSS Not scored
The fetchnews NNTP client in leafnode 1.11.2 and earlier can hang while waiting for input that never arrives, which allows remote NNTP servers to cause a denial of service (news loss).
Published Jun 8, 2005 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Lpanel 1.59 and earlier, and other versions before 1.597, allows remote authenticated users to modify certain critical variables and (1) modify DNS settings for arbitrary domains via the domain parameter to diagnose.php, (2) close, open, or respond to arbitrary support tickets via the close, open, or pid parameter to view_ticket.php, (3) obtain sensitive information on arbitrary invoices via the inv parameter to viewreceipt.php, or (4) modify domain information for arbitrary domains via the editdomain parameter to domains.php.
Published Jun 30, 2005 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Cross-site scripting (XSS) vulnerability in index.php in EasyPageCMS allows remote attackers to inject arbitrary web script or HTML via the cat parameter.
Published Nov 27, 2005 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Certain system calls in Apple Mac OS X 10.4.1 do not properly enforce the permissions of certain directories without the POSIX read bit set, but with the execute bits set for group or other, which allows local users to list files in otherwise restricted directories.
Published Jun 9, 2005 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Directory traversal vulnerability in default.asp for FSboard 2.0 allows remote attackers to read arbitrary files via ".." sequences in the filename parameter.
Published Jul 5, 2005 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Michael Scholz and Sebastian Stein Contineo 2.0, when the admin account lacks an e-mail address attribute, displays the password hash in a warning upon page reload, which might allow remote attackers to view the hash.
Published Apr 13, 2006 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Unknown vulnerability in MailScanner 4.41.3 and earlier, related to "incomplete reporting of viruses in zip files," allows remote attackers to bypass virus detection.
Published May 24, 2005 · Updated Sep 17, 2024
Unknown · CVSS Not scored
The CD-burning feature in backup-manager 0.5.8 and earlier uses a fixed filename in a world-writable directory for logging, which allows local users to overwrite files via a symlink attack.
Published Aug 29, 2005 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Cheetah 0.9.15 and 0.9.16 searches the /tmp directory for modules before using the paths in the PYTHONPATH variable, which allows local users to execute arbitrary code via a malicious module in /tmp/.
Published May 17, 2005 · Updated Sep 17, 2024