Search Results (363397 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-3690 1 Mailenable 2 Mailenable Enterprise, Mailenable Professional 2026-04-16 N/A
Stack-based buffer overflow in the IMAP service (meimaps.exe) of MailEnable Professional 1.6 and earlier and Enterprise 1.1 and earlier allows remote attackers to execute arbitrary code via a long mailbox name in the (1) select, (2) create, (3) delete, (4) rename, (5) subscribe, or (6) unsubscribe commands.
CVE-2005-3216 1 Sophos 1 Sophos Anti-virus 2026-04-16 N/A
Multiple interpretation error in unspecified versions of Sophos Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper.
CVE-2005-2270 2 Mozilla, Redhat 3 Firefox, Mozilla, Enterprise Linux 2026-04-16 N/A
Firefox before 1.0.5 and Mozilla before 1.7.9 does not properly clone base objects, which allows remote attackers to execute arbitrary code by navigating the prototype chain to reach a privileged object.
CVE-2005-3215 1 Mcafee 1 Antivirus Engine 2026-04-16 N/A
Multiple interpretation error in unspecified versions of McAfee Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper.
CVE-2005-1881 1 Yapig 1 Yapig 2026-04-16 N/A
upload.php in YaPiG 0.92b, 0.93u and 0.94u does not properly restrict the file extension for uploaded image files, which allows remote attackers to upload arbitrary files and execute arbitrary PHP code.
CVE-2005-1882 1 Yapig 1 Yapig 2026-04-16 N/A
PHP remote file inclusion vulnerability in last_gallery.php in YaPiG 0.93u and 0.94u allows remote attackers to execute arbitrary PHP code via the YAPIG_PATH parameter.
CVE-2005-1883 1 Yapig 1 Yapig 2026-04-16 N/A
global.php in YaPiG 0.92b allows remote attackers to include arbitrary local files via the BASE_DIR parameter.
CVE-2005-1884 1 Yapig 1 Yapig 2026-04-16 N/A
Directory traversal vulnerability in the (1) rmdir or (2) mkdir commands in upload.php in YaPiG 0.92b, 0.93u and 0.94u allows remote attackers to create or delete arbitrary directories via a .. (dot dot) in the dir parameter.
CVE-2005-3107 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-16 N/A
fs/exec.c in Linux 2.6, when one thread is tracing another thread that shares the same memory map, might allow local users to cause a denial of service (deadlock) by forcing a core dump when the traced thread is in the TASK_TRACED state.
CVE-2005-1885 1 Yapig 1 Yapig 2026-04-16 N/A
view.php in YaPiG 0.92b, 0.93u and 0.94u allows remote attackers to obtain sensitive information via a phid parameter that is not an integer, which reveals the path in an error message.
CVE-2005-3108 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-16 N/A
mm/ioremap.c in Linux 2.6 on 64-bit x86 systems allows local users to cause a denial of service or an information leak via an ioremap on a certain memory map that causes the iounmap to perform a lookup of a page that does not exist.
CVE-2005-1886 1 Yapig 1 Yapig 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in view.php in YaPiG 0.92b, 0.93u and 0.94u allows remote attackers to inject arbitrary web script or HTML via (1) the phid parameter or (2) unknown parameters when posting a new comment.
CVE-2005-1894 1 Flatnuke 1 Flatnuke 2026-04-16 N/A
Direct code injection vulnerability in FlatNuke 2.5.3 allows remote attackers to execute arbitrary PHP code by placing the code into the Referer header of an HTTP request, which causes the code to be injected into referer.php, which can then be accessed by the attacker.
CVE-2005-1903 1 E-post Corporation 1 Spa-pro Mail Atsolomon 2026-04-16 N/A
Buffer overflow in the IMAP service for SPA-PRO Mail @Solomon 4.00 allows remote authenticated users to execute arbitrary code via a long CREATE command.
CVE-2005-1904 1 Jiro 1 Jiro Upload System 2026-04-16 N/A
SQL injection vulnerability in login.asp in JiRo's Upload System (JUS) 1 allows remote attackers to execute arbitrary SQL commands via the password parameter.
CVE-2005-3109 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-16 N/A
The HFS and HFS+ (hfsplus) modules in Linux 2.6 allow attackers to cause a denial of service (oops) by using hfsplus to mount a filesystem that is not hfsplus.
CVE-2005-1905 1 Kaspersky Lab 2 Kaspersky Anti-virus, Kaspersky Anti-virus Personal 2026-04-16 N/A
The klif.sys driver in Kaspersky Labs Anti-Virus 5.0.227, 5.0.228, and 5.0.335 on Windows 2000 allows local users to gain privileges by modifying certain critical code addresses that are later accessed by privileged programs.
CVE-2005-1906 1 Livingmailing 1 Livingmailing 2026-04-16 N/A
SQL injection vulnerability in login.asp in livingmailing 1.3 allows remote attackers to execute arbitrary SQL commands via the password. NOTE: there is little public information about this product and its vendor, and the original researcher announcement is no longer available.
CVE-2005-1907 1 Microsoft 1 Isa Server 2026-04-16 N/A
The ISA Firewall service in Microsoft Internet Security and Acceleration (ISA) Server 2000 allows remote attackers to cause a denial of service (Wspsrv.exe crash) via a large amount of SecureNAT network traffic.
CVE-2005-1908 1 Perception 1 Liteweb 2026-04-16 N/A
Perception LiteWeb allows remote attackers to bypass access controls for files via an extra leading / (slash) or leading \ (backslash) in the URL.