Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-2376 1 Codemasters 1 Toca Race Driver 2026-04-16 N/A
Buffer overflow in Race Driver 1.20 and earlier allows remote attackers to cause a denial of service (application crash) via a long (1) nickname or (2) chat message.
CVE-2005-2384 1 Alwil 1 Avast Antivirus 2026-04-16 N/A
Directory traversal vulnerability in a third-party compression library (UNACEV2.DLL), as used in avast! Antivirus Home/Professional Edition 4.6.665 and Server Edition 4.6.460, allows remote attackers to write arbitrary files via an ACE archive containing filenames with (1) .. or (2) absolute pathnames.
CVE-2005-3243 2 Ethereal Group, Redhat 2 Ethereal, Enterprise Linux 2026-04-16 N/A
Multiple buffer overflows in Ethereal 0.10.12 and earlier might allow remote attackers to execute arbitrary code via unknown vectors in the (1) SLIMP3 and (2) AgentX dissector.
CVE-2005-3247 2 Ethereal Group, Redhat 2 Ethereal, Enterprise Linux 2026-04-16 N/A
The SigComp UDVM in Ethereal 0.10.12 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors.
CVE-2005-2389 1 Symantec Veritas 2 Netbackup Enterprise Server, Netbackup Server 2026-04-16 N/A
NDMP server in Veritas NetBackup 5.1 allows attackers to cause a denial of service via a CONFIG message with an out-of-range timestamp, which triggers a null dereference.
CVE-2005-2390 1 Proftpd Project 1 Proftpd 2026-04-16 N/A
Multiple format string vulnerabilities in ProFTPD before 1.3.0rc2 allow attackers to cause a denial of service or obtain sensitive information via (1) certain inputs to the shutdown message from ftpshut, or (2) the SQLShowInfo mod_sql directive.
CVE-2005-2391 1 3com 1 3crwe454g72 2026-04-16 N/A
Unknown vulnerability in 3Com OfficeConnect Wireless 11g Access Point before 1.03.12 allows remote attackers to obtain sensitive information via the web interface.
CVE-2005-2392 1 Cmsmadesimple 1 Cms Made Simple 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in index.php for CMSimple 2.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the search parameter in the search function.
CVE-2005-3248 2 Ethereal Group, Redhat 2 Ethereal, Enterprise Linux 2026-04-16 N/A
Unspecified vulnerability in the X11 dissector in Ethereal 0.10.12 and earlier allows remote attackers to cause a denial of service (divide-by-zero) via unknown vectors.
CVE-2005-2393 1 Cutephp 1 Cutenews 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in CuteNews 1.3.6 allows remote attackers to inject arbitrary web script or HTML via (1) the lastusername parameter to index.php or (2) selected_search_arch parameter to search.php.
CVE-2005-3249 2 Ethereal Group, Redhat 2 Ethereal, Enterprise Linux 2026-04-16 N/A
Unspecified vulnerability in the WSP dissector in Ethereal 0.10.1 to 0.10.12 allows remote attackers to cause a denial of service or corrupt memory via unknown vectors that cause Ethereal to free an invalid pointer.
CVE-2005-2394 1 Cutephp 1 Cutenews 2026-04-16 N/A
show_news.php in CuteNews 1.3.6 allows remote attackers to obtain the full path of the server via an invalid archive parameter.
CVE-2005-2395 1 Mozilla 1 Firefox 2026-04-16 N/A
Mozilla Firefox 1.0.4 and 1.0.5 does not choose the challenge with the strongest authentication scheme available as required by RFC2617, which might cause credentials to be sent in plaintext even if an encrypted channel is available.
CVE-2005-2401 1 Php Fusion 1 Php Fusion 2026-04-16 N/A
PHP-Fusion allows remote attackers to inject arbitrary Cascading Style Sheets (CSS) via the BBCode color tag.
CVE-2005-2402 1 Phpsitesearch 1 Phpsitesearch 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in search.php in PHPSiteSearch 1.7.7d allows remote attackers to inject arbitrary web script or HTML via the query parameter.
CVE-2005-3253 2 Avaya, Proxim 10 Wireless Ap-3, Wireless Ap-4, Wireless Ap-5 and 7 more 2026-04-16 N/A
Wireless Access Points (AP) for (1) Avaya AP-3 through AP-6 2.5 to 2.5.4, and AP-7/AP-8 2.5 and other versions before 3.1, and (2) Proxim AP-600 and AP-2000 before 2.5.5, and Proxim AP-700 and AP-4000 after 2.4.11 and before 3.1, use a static WEP key of "12345", which allows remote attackers to bypass authentication.
CVE-2005-2403 1 Realchat 1 Realchat 2026-04-16 N/A
The login protocol in RealChat 3.5.1b does not use authentication, which allows remote attackers to log on as other users by sniffing the beginning of a chat session and replaying it via a modified username.
CVE-2005-2404 1 Sendcard 1 Sendcard 2026-04-16 N/A
SQL injection vulnerability in sendcard.php in Sendcard 3.2.3 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2005-2426 1 Ftpshell 1 Ftpshell Server 2026-04-16 N/A
FTPshell Server 3.38 allows remote authenticated users to cause a denial of service (application crash) by multiple connections and disconnections without using the QUIT command.
CVE-2005-3263 1 Rarlab 1 Winrar 2026-04-16 N/A
Stack-based buffer overflow in UNACEV2.DLL for RARLAB WinRAR 2.90 through 3.50 allows remote attackers to execute arbitrary code via an ACE archive containing a file with a long name.