Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-2660 1 Apachetop 1 Apachetop 2026-04-16 N/A
apachetop 0.12.5 and earlier, when running in debug mode, allows local users to create or append to arbitrary files via a symlink attack on atop.debug.
CVE-2005-2663 1 Masqmail 1 Masqmail 2026-04-16 N/A
masqmail before 0.2.18 allows local users to overwrite arbitrary files via a symlink attack on a log file.
CVE-2005-2667 2 Broadcom, Ca 24 Advantage Data Transport, Adviseit, Brightstor Portal and 21 more 2026-04-16 N/A
Unknown vulnerability in Computer Associates (CA) Message Queuing (CAM / CAFT) 1.05, 1.07 before Build 220_13, and 1.11 before Build 29_13 allows attackers to cause a denial of service via unknown vectors, aka the "CAM TCP port vulnerability."
CVE-2005-2673 1 Woltlab 1 Burning Board 2026-04-16 N/A
SQL injection vulnerability in modcp.php in WoltLab Burning Board 2.2.2 and 2.3.3 allows remote authenticated attackers to execute arbitrary SQL commands via the (1) x or (2) y parameters.
CVE-2005-2674 1 Neocrome 1 Land Down Under 2026-04-16 N/A
Note: the vendor has disputed this issue. Multiple cross-site scripting (XSS) vulnerabilities in Land Down Under (LDU) 800 allow remote attackers to inject arbitrary web script or HTML via the (1) c or (2) m parameters to index.php or (3) w parameter to journal.php. NOTE: this issue has been disputed by the vendor, who says "None of the tricks written there are working, the variables are properly sanitized and no LDU version is affected.
CVE-2005-2675 1 Neocrome 1 Land Down Under 2026-04-16 N/A
Note: the vendor has disputed this issue. Multiple SQL injection vulnerabilities in Land Down Under (LDU) 800 allow remote attackers to execute arbitrary SQL commands via the (1) s or (2) m parameter to forums.php, (3) o, (4) w, (5) s, or (6) p parameter to list.php, (7) m parameter to journal.php, (8) x or (9) n parameter to forums.php, or (10) w parameter to links.php. NOTE: this issue has been disputed by the vendor, who says "None of the tricks written there are working, the variables are properly sanitized and no LDU version is affected.
CVE-2005-2693 2 Cvs, Redhat 2 Cvs, Enterprise Linux 2026-04-16 N/A
cvsbug in CVS 1.12.12 and earlier creates temporary files insecurely, which allows local users to overwrite arbitrary files and execute arbitrary code via a symlink attack.
CVE-2005-2698 1 Nelogic Technologies 1 Nephp Publisher Enterprise 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in browse.php in Nephp Publisher Enterprise 3.04 allows remote attackers to inject arbitrary web script or HTML via a hex-encoded keywords parameter.
CVE-2005-2699 1 Phpkit 1 Phpkit 2026-04-16 N/A
Unrestricted file upload vulnerability in admin/admin.php in PHPKit 1.6.1 allows remote authenticated administrators to execute arbitrary PHP code by uploading a .php file to the content/images/ directory using images.php. NOTE: if a PHPKit administrator must already have access to the end system to install or modify configuration of the product, then this issue might not cross privilege boundaries, and should not be included in CVE.
CVE-2005-2702 2 Mozilla, Redhat 3 Firefox, Mozilla Suite, Enterprise Linux 2026-04-16 N/A
Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via Unicode sequences with "zero-width non-joiner" characters.
CVE-2005-2704 2 Mozilla, Redhat 3 Firefox, Mozilla Suite, Enterprise Linux 2026-04-16 N/A
Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to spoof DOM objects via an XBL control that implements an internal XPCOM interface.
CVE-2005-2705 2 Mozilla, Redhat 3 Firefox, Mozilla Suite, Enterprise Linux 2026-04-16 N/A
Integer overflow in the JavaScript engine in Firefox before 1.0.7 and Mozilla Suite before 1.7.12 might allow remote attackers to execute arbitrary code.
CVE-2005-2706 2 Mozilla, Redhat 3 Firefox, Mozilla Suite, Enterprise Linux 2026-04-16 N/A
Firefox before 1.0.7 and Mozilla before Suite 1.7.12 allows remote attackers to execute Javascript with chrome privileges via an about: page such as about:mozilla.
CVE-2005-2707 2 Mozilla, Redhat 3 Firefox, Mozilla Suite, Enterprise Linux 2026-04-16 N/A
Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to spawn windows without user interface components such as the address and status bar, which could be used to conduct spoofing or phishing attacks.
CVE-2005-2710 2 Realnetworks, Redhat 4 Helix Player, Realplayer, Enterprise Linux and 1 more 2026-04-16 N/A
Format string vulnerability in Real HelixPlayer and RealPlayer 10 allows remote attackers to execute arbitrary code via the (1) image handle or (2) timeformat attribute in a RealPix (.rp) or RealText (.rt) file.
CVE-2005-2711 1 Iss 4 Blackice Agent Server, Blackice Pc Protection, Blackice Server Protection and 1 more 2026-04-16 N/A
ISS BlackIce 3.6, as used in multiple products including BlackICE PC Protection, Server Protection, Agent for Server, and RealSecure Desktop 3.6 and 7.0, does not drop privileges before launching help from the "More Info" button in the "Application Protection" dialog, which allows local users to execute arbitrary programs as SYSTEM.
CVE-2005-2712 1 Ibm 1 Lotus Domino 2026-04-16 N/A
The LDAP server (nldap.exe) in IBM Lotus Domino before 7.0.1, 6.5.5, and 6.5.4 FP2 allows remote attackers to cause a denial of service (crash) via a long bind request, which triggers a null dereference.
CVE-2005-2713 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
passwd in Directory Services in Mac OS X 10.3.x before 10.3.9 and 10.4.x before 10.4.5 allows local users to create arbitrary world-writable files as root by specifying an alternate file in the password database option.
CVE-2005-2727 1 Ari Pikivirta 1 Home Ftp Server 2026-04-16 N/A
Home Ftp Server 1.0.7 stores sensitive user information and server information in the same directory as the user's home directory, which allows remote authenticated users to obtain sensitive information by obtaining ftpmembers.lst and ftpsettings.lst.
CVE-2005-2728 2 Apache, Redhat 2 Http Server, Enterprise Linux 2026-04-16 N/A
The byte-range filter in Apache 2.0 before 2.0.54 allows remote attackers to cause a denial of service (memory consumption) via an HTTP header with a large Range field.