Search Results (363673 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-3427 1 Cisco 1 Ciscoworks Management Center For Ips Sensors 2026-04-16 N/A
The Cisco Management Center (MC) for IPS Sensors (IPS MC) 2.1 can omit port field values while generating the Cisco IOS IPS configuration file, wich can cause some signatures to be disabled and makes it easier for attackers to escape detection.
CVE-2005-0448 2 Larry Wall, Redhat 2 Perl, Enterprise Linux 2026-04-16 N/A
Race condition in the rmtree function in File::Path.pm in Perl before 5.8.4 allows local users to create arbitrary setuid binaries in the tree being deleted, a different vulnerability than CVE-2004-0452.
CVE-2005-2610 1 Vegadns 1 Vegadns 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in index.php in VegaDNS 0.8.1, 0.9.8, and possibly other versions, allows remote attackers to inject arbitrary web script or HTML via the message parameter.
CVE-2005-0449 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-16 N/A
The netfilter/iptables module in Linux before 2.6.8.1 allows remote attackers to cause a denial of service (kernel crash) or bypass firewall rules via crafted packets, which are not properly handled by the skb_checksum_help function.
CVE-2005-2611 1 Symantec Veritas 3 Backup Exec, Backup Exec Remote Agent, Netbackup 2026-04-16 N/A
VERITAS Backup Exec for Windows Servers 8.6 through 10.0, Backup Exec for NetWare Servers 9.0 and 9.1, and NetBackup for NetWare Media Server Option 4.5 through 5.1 uses a static password during authentication from the NDMP agent to the server, which allows remote attackers to read and write arbitrary files with the backup server.
CVE-2005-0450 1 Sami 1 Sami Http Server 2026-04-16 N/A
Directory traversal vulnerability in Sami HTTP Server 1.0.5 allows remote attackers to read arbitrary files via an HTTP request containing (1) .. (dot dot) or (2) "%2e%2e" (encoded dot dot) sequences.
CVE-2005-0451 1 Sami 1 Sami Http Server 2026-04-16 N/A
Sami HTTP Server 1.0.5 allows remote attackers to cause a denial of service via an HTTP request containing two CRLF sequences, which triggers a NULL dereference.
CVE-2005-0452 1 Microsoft 1 Asp.net 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Microsoft ASP.NET (.Net) 1.0 and 1.1 to SP1 allow remote attackers to inject arbitrary HTML or web script via Unicode representations for ASCII fullwidth characters that are converted to normal ASCII characters, including ">" and "<".
CVE-2005-2612 1 Wordpress 1 Wordpress 2026-04-16 N/A
Direct code injection vulnerability in WordPress 1.5.1.3 and earlier allows remote attackers to execute arbitrary PHP code via the cache_lastpostdate[server] cookie.
CVE-2005-2613 1 Cpaint 1 Cpaint 2026-04-16 N/A
Unknown vulnerability in CPAINT Ajax Toolkit before 1.3-SP allows attackers to execute arbitrary PHP or ASP code or read files via unknown vectors.
CVE-2005-0453 1 Lighttpd 1 Lighttpd 2026-04-16 N/A
The buffer_urldecode function in Lighttpd 1.3.7 and earlier does not properly handle control characters, which allows remote attackers to obtain the source code for CGI and FastCGI scripts via a URL with a %00 (null) character after the file extension.
CVE-2005-2614 1 Crosscom Olicom 1 Discuz 2026-04-16 N/A
Discuz! 4.0 rc4 does not properly restrict types of files that are uploaded to the server, which allows remote attackers to execute arbitrary commands via a filename containing ".php.rar" or other multiple extensions that include .php.
CVE-2005-3351 2 Apache, Redhat 2 Spamassassin, Enterprise Linux 2026-04-16 N/A
SpamAssassin 3.0.4 allows attackers to bypass spam detection via an e-mail with a large number of recipients ("To" addresses), which triggers a bus error in Perl.
CVE-2005-0454 1 Codeworx Technologies 1 Dcp-portal 2026-04-16 N/A
Multiple SQL injection vulnerabilities in DCP-Portal 6.1.1 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the lcat, doc, or uid parameters to index.php, or (2) the mid or bid parameters to forums.php.
CVE-2005-2615 1 Eqdkp 1 Eqdkp 2026-04-16 N/A
Unknown vulnerability in session.php in EQdkp before 1.3.0 has unknown impact and attack vectors, possibly involving auto_login_id.
CVE-2005-0455 2 Realnetworks, Redhat 4 Realone Player, Realplayer, Enterprise Linux and 1 more 2026-04-16 N/A
Stack-based buffer overflow in the CSmil1Parser::testAttributeFailed function in smlparse.cpp for RealNetworks RealPlayer 10.5 (6.0.12.1056 and earlier), 10, 8, and RealOne Player V2 and V1 allows remote attackers to execute arbitrary code via a .SMIL file with a large system-screen-size value.
CVE-2005-2616 1 Ezupload 1 Ezupload 2026-04-16 N/A
Multiple PHP file include vulnerabilities in ezUpload 2.2 allow remote attackers to execute arbitrary code via the path parameter to (1) initialize.php, (2) customize.php, (3) form.php, or (4) index.php.
CVE-2005-3353 2 Php, Redhat 2 Php, Enterprise Linux 2026-04-16 N/A
The exif_read_data function in the Exif module in PHP before 4.4.1 allows remote attackers to cause a denial of service (infinite loop) via a malformed JPEG image.
CVE-2005-0456 1 Opera 1 Opera Browser 2026-04-16 N/A
Opera 7.54 and earlier does not properly validate base64 encoded binary data in a data: (RFC 2397) URL, which causes the URL to be obscured in a download dialog, which may allow remote attackers to trick users into executing arbitrary code.
CVE-2005-2617 1 Linux 1 Linux Kernel 2026-04-16 N/A
The syscall32_setup_pages function in syscall32.c for Linux kernel 2.6.12 and later, on the 64-bit x86 platform, does not check the return value of the insert_vm_struct function, which allows local users to trigger a memory leak via a 32-bit application with crafted ELF headers.