Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-2226 1 Microsoft 1 Outlook Express 2026-04-16 N/A
Microsoft Outlook Express 6.0 leaks the default news server account when a user responds to a "watched" conversation thread, which could allow remote attackers to obtain sensitive information.
CVE-2005-2228 1 Bdc Enterprises 1 Web Wiz Forums 2026-04-16 N/A
Web Wiz Forums 7.9 and 8.0 allows remote attackers to view message titles of a hidden forum.
CVE-2005-2230 1 Elmo 1 Elmo 2026-04-16 N/A
Electronic Mail Operator (elmo) 1.3.2-r1 and earlier creates the elmostats temporary file insecurely, which allows local users to overwrite arbitrary files.
CVE-2005-2231 1 High Availability Linux Project 1 Heartbeat 2026-04-16 N/A
High Availability Linux Project Heartbeat 1.2.3 allows local users to overwrite arbitrary files via a symlink attack on temporary files.
CVE-2005-2233 1 Ibm 1 Aix 2026-04-16 N/A
Buffer overflow in multiple "p" commands in IBM AIX 5.1, 5.2 and 5.3 might allow local users to execute arbitrary code via long command line arguments to (1) penable or other hard-linked files including (2) pdisable, (3) pstart, (4) phold, (5) pdelay, or (6) pshare.
CVE-2005-2234 1 Ibm 1 Aix 2026-04-16 N/A
Buffer overflow in the getlvname command in IBM AIX 5.1, 5.2 and 5.3, might allow local users to execute arbitrary code via long command line arguments.
CVE-2005-2235 1 Ibm 1 Aix 2026-04-16 N/A
Buffer overflow in the diagTasksWebSM command in IBM AIX 5.1, 5.2 and 5.3, might allow local users to execute arbitrary code via long command line arguments.
CVE-2006-4652 2 Amazing Little Picture Poll, Amazing Little Poll 2 Amazing Little Picture Poll, Amazing Little Poll 2026-04-16 N/A
(1) Amazing Little Poll and (2) Amazing Little Picture Poll have a default password of "dsapoll", which allows remote attackers to create a new poll by entering default credentials via lp_admin.php.
CVE-2005-2244 1 Cisco 1 Call Manager 2026-04-16 N/A
The aupair service (aupair.exe) in Cisco CallManager (CCM) 3.2 and earlier, 3.3 before 3.3(5), 4.0 before 4.0(2a)SR2b, and 4.1 4.1 before 4.1(3)SR1 allows remote attackers to execute arbitrary code or corrupt memory via crafted packets that trigger a memory allocation failure and lead to a buffer overflow.
CVE-2005-2246 1 Iphotoalbum 1 Iphotoalbum 2026-04-16 N/A
Multiple PHP remote file inclusion vulnerabilities in iPhotoAlbum 1.1 allow remote attackers to execute arbitrary code via the (1) doc_path parameter to getpage.php or (2) set_menu parameter to lib/static/header.php.
CVE-2005-2251 1 Secure Reality 1 Phpsecurepages 2026-04-16 N/A
PHP remote file inclusion vulnerability in secure.php in PHPSecurePages (phpSP) 0.28beta and earlier allows remote attackers to execute arbitrary code via the cfgProgDir parameter, a variant of CVE-2001-1468.
CVE-2005-2252 1 Gianluca Baldo 1 Phpauction 2026-04-16 N/A
PhpAuction 2.5 allows remote attackers to bypass authentication and gain privileges as another user by setting the PHPAUCTION_RM_ID cookie to the user ID.
CVE-2005-2253 1 Gianluca Baldo 1 Phpauction 2026-04-16 N/A
SQL injection vulnerability in PhpAuction 2.5 allow remote attackers to modify SQL queries via the category parameter to adsearch.php. NOTE: there is evidence that viewnews.php may not be part of the PhpAuction product, so it is not included in this description.
CVE-2006-4654 1 Efs Software 1 Easy Address Book Web Server 2026-04-16 N/A
Format string vulnerability in Easy Address Book Web Server 1.2 allows remote attackers to cause a denial of service (crash) or "compromise the server" via encoded format string specifiers in the query string.
CVE-2005-2264 2 Mozilla, Redhat 2 Firefox, Enterprise Linux 2026-04-16 N/A
Firefox before 1.0.5 allows remote attackers to steal sensitive information by opening a malicious link in the Firefox sidebar using the _search target, then injecting script into other pages via a data: URL.
CVE-2006-4655 2 Sco, Sun 2 Unixware, Solaris 2026-04-16 N/A
Buffer overflow in the Strcmp function in the XKEYBOARD extension in X Window System X11R6.4 and earlier, as used in SCO UnixWare 7.1.3 and Sun Solaris 8 through 10, allows local users to gain privileges via a long _XKB_CHARSET environment variable value.
CVE-2006-4656 1 Web-provence 1 Sl Site 2026-04-16 N/A
PHP remote file inclusion vulnerability in admin/editeur/spaw_control.class.php in Web Provence SL_Site 1.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the spaw_root parameter. NOTE: CVE analysis suggests that this issue is actually in a third party product, SPAW Editor PHP Edition.
CVE-2005-2279 1 Cisco 1 Ons 15216 Optical Add Drop Multiplexer Software 2026-04-16 N/A
Cisco ONS 15216 Optical Add/Drop Multiplexer (OADM) running firmware 2.2.2 and earlier allows remote attackers to cause a denial of service (management plane session loss) via crafted telnet data.
CVE-2005-2296 1 Yabb 1 Yabb 2026-04-16 N/A
YabbSE 1.5.5c allows remote attackers to obtain sensitive information via a direct request to ssi_examples.php, which reveals the path.
CVE-2005-2297 1 Sybase 1 Easerver 2026-04-16 N/A
Stack-based buffer overflow in TreeAction.do in Sybase EAServer 4.2.5 through 5.2 allows remote authenticated users to execute arbitrary code via a large javascript parameter.