2005 CVEs
4770 CVEs published in 2005. 17 critical, 28 high. Browse by vendor, severity, or with PoCs.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2005-4891 | Critical | 9.8 | 2020-01-15 | Simple Machine Forum (SMF) versions 1.0.4 and earlier have an SQL injection vulnerability that allows remote attackers to inject arbitrary SQL statements. |
CVE-2005-2354 | Critical | 9.8 | 2019-11-05 | Nvu 0.99+1.0pre uses an old copy of Mozilla XPCOM which can result in multiple security issues. |
CVE-2005-3056 | Critical | 9.8 | 2019-11-01 | TWiki allows arbitrary shell command execution via the Include function |
CVE-2005-3590 | Critical | 9.8 | 2019-04-10 | The getgrouplist function in the GNU C library (glibc) before version 2.3.5, when invoked with a zero argument, writes to the passed pointer even if the specif… |
CVE-2005-3435 | Critical | 9.8 | 2005-11-02 | admin_news.php in Archilles Newsworld up to 1.3.0 allows attackers to bypass authentication by obtaining the password hash for another user, for example throug… |
CVE-2005-3120 | Critical | 9.8 | 2005-10-17 | Stack-based buffer overflow in the HTrjis function in Lynx 2.8.6 and earlier allows remote NNTP servers to execute arbitrary code via certain article headers c… |
CVE-2005-2773 | Critical | 9.8 | 2005-09-02 | HP OpenView Network Node Manager 6.2 through 7.50 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) node parameter to c… |
CVE-2005-2103 | Critical | 9.8 | 2005-08-16 | Buffer overflow in the AIM and ICQ module in Gaim before 1.5.0 allows remote attackers to cause a denial of service (application crash) and possibly execute ar… |
CVE-2005-1689 | Critical | 9.8 | 2005-07-18 | Double free vulnerability in the krb5_recvauth function in MIT Kerberos 5 (krb5) 1.4.1 and earlier allows remote attackers to execute arbitrary code via certai… |
CVE-2005-1744 | Critical | 9.8 | 2005-05-24 | BEA WebLogic Server and WebLogic Express 7.0 through Service Pack 5 does not log out users when an application is redeployed, which allows those users to conti… |
CVE-2005-1513 | Critical | 9.8 | 2005-05-11 | Integer overflow in the stralloc_readyplus function in qmail, when running on 64 bit platforms with a large amount of virtual memory, allows remote attackers t… |
CVE-2005-0269 | Critical | 9.8 | 2005-05-02 | The file extension check in GNUBoard 3.40 and earlier only verifies extensions that contain all lowercase letters, which allows remote attackers to upload arbi… |
CVE-2005-0199 | Critical | 9.8 | 2005-05-02 | Integer underflow in the Lists_MakeMask() function in lists.c in ngIRCd before 0.8.2 allows remote attackers to cause a denial of service (application crash) a… |
CVE-2005-1141 | Critical | 9.8 | 2005-04-15 | Integer overflow in the readpgm function in pnm.c for GOCR 0.40, when using the netpbm library, allows remote attackers to execute arbitrary code via a PNM fil… |
CVE-2005-0496 | Critical | 9.8 | 2005-02-21 | Arkeia Network Backup Client 5.x contains hard-coded credentials that effectively serve as a back door, which allows remote attackers to access the file system… |
CVE-2005-0408 | Critical | 9.8 | 2005-02-14 | CitrusDB 0.3.6 and earlier generates easily predictable MD5 hashes of the user name for the id_hash cookie, which allows remote attackers to bypass authenticat… |
CVE-2005-0102 | Critical | 9.8 | 2005-01-24 | Integer overflow in camel-lock-helper in Evolution 2.0.2 and earlier allows local users or remote malicious POP3 servers to execute arbitrary code via a length… |
CVE-2005-10004 | High | 8.8 | 2025-08-30 | Cacti versions prior to 0.8.6-d contain a remote command execution vulnerability in the graph_view.php script. An authenticated user can inject arbitrary shell… |
CVE-2005-0490 | High | 8.8 | 2005-05-02 | Multiple stack-based buffer overflows in libcURL and cURL 7.12.1, and possibly other versions, allow remote malicious web servers to execute arbitrary code via… |
CVE-2005-1831 | High | 8.4 | 2005-05-31 | Sudo 1.6.8p7 on SuSE Linux 9.3, and possibly other Linux distributions, allows local users to gain privileges by using sudo to call su, then entering a blank p… |