Search Results (363531 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-2487 1 Mcdata 4 Intrepid 6064 Director Switch, Intrepid 6140 Director Switch, Sphereon 4300 Fabric Switch and 1 more 2026-04-16 N/A
Unknown vulnerability in Sun McData switches and directors 4300, 4500, 6064, and 6140 before E/OS 6.0.0 may allow attackers to cause a denial of service (connectivity and array access loss) via a network broadcast storm.
CVE-2005-3287 1 Rockliffe 1 Mailsite Express 2026-04-16 N/A
Incomplete blacklist vulnerability in Mailsite Express allows remote attackers to upload and possibly execute files via attachments with executable extensions such as ASPX, which are not converted to .TXT like other dangerous extensions, and which can be directly requested from the cache directory.
CVE-2005-2488 1 Web Content Management 1 Web Content Management News System 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Web Content Management News System allows remote attackers to inject arbitrary web script or HTML via (1) the strRootpath parameter to validsession.php or (2) the strTable parameter to Admin/News/List.php.
CVE-2005-3288 1 Rockliffe 1 Mailsite Express 2026-04-16 N/A
Mailsite Express allows remote attackers to upload and execute files with executable extensions such as ASP by attaching the file using the "compose page" feature, then accessing the file from the cache directory before saving or sending the message.
CVE-2005-2489 1 Web Content Management 1 Web Content Management News System 2026-04-16 N/A
Web Content Management News System allows remote attackers to create arbitrary accounts and gain privileges via a direct request to Admin/Users/AddModifyInput.php.
CVE-2005-3289 1 Ibm 1 Aix 2026-04-16 N/A
LSCFG in IBM AIX 5.2 and 5.3 does not create temporary files securely, which allows local users to corrupt /etc/passwd and possibly other system files via the trace file.
CVE-2005-3290 1 Accelerated Enterprise Solutions 1 Accelerated Mortgage Manager 2026-04-16 N/A
SQL injection vulnerability in Accelerated Mortgage Manager allows remote attackers to execute arbitrary SQL commands via the password field.
CVE-2005-2495 2 Redhat, Xfree86 Project 2 Enterprise Linux, Xfree86 2026-04-16 N/A
Multiple integer overflows in XFree86 before 4.3.0 allow user-assisted attackers to execute arbitrary code via a crafted pixmap image.
CVE-2005-3291 1 Stani 1 Stanis Python Editor 2026-04-16 N/A
Stani's Python Editor (SPE) 0.7.5 is installed with world-writable permissions, which allows local users to gain privileges by modifying executable files.
CVE-2005-2496 2 Dave Mills, Redhat 2 Ntpd, Enterprise Linux 2026-04-16 N/A
The xntpd ntp (ntpd) daemon before 4.2.0b, when run with the -u option and using a string to specify the group, uses the group ID of the user instead of the group, which causes xntpd to run with different privileges than intended.
CVE-2005-3292 1 Xeobook 1 Xeobook 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Xeobook 0.93 allow remote attackers to inject arbitrary web script or HTML via Javascript events in tages such as <b>.
CVE-2005-3293 1 Xerver 1 Xerver 2026-04-16 N/A
Xerver 4.17 allows remote attackers to (1) obtain source code of scripts via a request with a trailing "." (dot) or (2) list directory contents via a trailing null character.
CVE-2005-2498 3 Debian, Gggeek, Redhat 3 Debian Linux, Phpxmlrpc, Enterprise Linux 2026-04-16 N/A
Eval injection vulnerability in PHPXMLRPC 1.1.1 and earlier (PEAR XML-RPC for PHP), as used in multiple products including (1) Drupal, (2) phpAdsNew, (3) phpPgAds, and (4) phpgroupware, allows remote attackers to execute arbitrary PHP code via certain nested XML tags in a PHP document that should not be nested, which are injected into an eval function call, a different vulnerability than CVE-2005-1921.
CVE-2005-3295 1 Hp 1 Hp-ux 2026-04-16 N/A
Unspecified vulnerability in HP-UX B.11.23 on Itanium platforms allows local users to cause a denial of service due to a "specific stack size."
CVE-2005-3297 1 Suse 1 Suse Linux 2026-04-16 N/A
Multiple integer overflows in OpenWBEM on SuSE Linux 9 allow remote attackers to execute arbitrary code via unknown vectors.
CVE-2005-2499 2 Redhat, Slocate 2 Enterprise Linux, Slocate 2026-04-16 N/A
slocate before 2.7 does not properly process very long paths, which allows local users to cause a denial of service (updatedb exit and incomplete slocate database) via a certain crafted directory structure.
CVE-2005-3296 1 Hp 1 Hp-ux 2026-04-16 N/A
The FTP server in HP-UX 10.20, B.11.00, and B.11.11, allows remote attackers to list arbitrary directories as root by running the LIST command before logging in.
CVE-2005-3298 1 Suse 1 Suse Linux 2026-04-16 N/A
Multiple buffer overflows in OpenWBEM on SuSE Linux 9 allow remote attackers to execute arbitrary code via unknown vectors.
CVE-2005-2500 1 Linux 1 Linux Kernel 2026-04-16 N/A
Buffer overflow in the xdr_xcode_array2 function in xdr.c in Linux kernel 2.6.12, as used in SuSE Linux Enterprise Server 9, might allow remote attackers to cause a denial of service and possibly execute arbitrary code via crafted XDR data for the nfsacl protocol.
CVE-2005-2503 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
AppKit for Mac OS X 10.3.9 and 10.4.2 allows attackers with physical access to create local accounts by forcing a particular error to occur at the login window.