Search Results (363384 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-3669 1 Cisco 8 Adaptive Security Appliance Software, Firewall Services Module, Ios and 5 more 2026-04-16 N/A
Multiple unspecified vulnerabilities in the Internet Key Exchange version 1 (IKEv1) implementation in multiple Cisco products allow remote attackers to cause a denial of service (device reset) via certain malformed IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the Cisco advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to.
CVE-2005-1972 1 Interactivephp 1 Fusionbb 2026-04-16 N/A
Multiple SQL injection vulnerabilities in InteractivePHP FusionBB .11 Beta and earlier allow remote attackers to execute arbitrary SQL commands via (1) the username, which is not properly handled by the insertUser function, or (2) the bb_session_id value in a cookie.
CVE-2005-3144 1 Standards Based Linux Instrumentation 1 Sblim-sfcb 2026-04-16 N/A
httpAdapter.c in sblim-sfcb before 0.9.2 allows remote attackers to cause a denial of service via long HTTP headers.
CVE-2005-3145 1 Standards Based Linux Instrumentation 1 Sblim-sfcb 2026-04-16 N/A
httpAdapter.c in sblim-sfcb before 0.9.2 allows remote attackers to cause a denial of service (resource consumption) by connecting to sblim-sfcb but not sending any data.
CVE-2005-1987 1 Microsoft 4 Exchange Server, Windows 2000, Windows Server 2003 and 1 more 2026-04-16 N/A
Buffer overflow in Collaboration Data Objects (CDO), as used in Microsoft Windows and Microsoft Exchange Server, allows remote attackers to execute arbitrary code when CDOSYS or CDOEX processes an e-mail message with a large header name, as demonstrated using the "Content-Type" string.
CVE-2005-1988 1 Microsoft 2 Ie, Internet Explorer 2026-04-16 N/A
Unknown vulnerability in Internet Explorer 5.0, 5.5, and 6.0 allows remote attackers to execute arbitrary code via a web site or an HTML e-mail containing a crafted JPEG image that causes memory corruption, aka "JPEG Image Rendering Memory Corruption Vulnerability".
CVE-2005-1989 1 Microsoft 2 Ie, Internet Explorer 2026-04-16 N/A
Unknown vulnerability in Internet Explorer 5.0, 5.5, and 6.0 allows remote attackers to obtain information and possibly execute code when browsing from a web site to a web folder view using WebDAV, aka "Web Folder Behaviors Cross-Domain Vulnerability".
CVE-2005-3146 2 Storebackup, Suse 2 Storebackup, Suse Linux 2026-04-16 N/A
StoreBackup before 1.19 allows local users to perform unauthorized operations on arbitrary files via a symlink attack on temporary files.
CVE-2005-3147 2 Storebackup, Suse 2 Storebackup, Suse Linux 2026-04-16 N/A
StoreBackup before 1.19 creates the backup root with world-readable permissions, which allows local users to obtain sensitive information.
CVE-2005-3148 2 Storebackup, Suse 2 Storebackup, Suse Linux 2026-04-16 N/A
StoreBackup before 1.19 does not properly set the uid and guid for symbolic links (1) that are backed up by storeBackup.pl, or (2) recovered by storeBackupRecover.pl, which could cause files to be restored with incorrect ownership.
CVE-2005-3149 1 Uim 1 Uim 2026-04-16 N/A
Uim 0.4.x before 0.4.9.1 and 0.5.0 and earlier does not properly handle the LIBUIM_VANILLA environment variable when a suid or sgid application is linked to libuim, such as immodule for Qt, which allows local users to gain privileges.
CVE-2005-1990 1 Microsoft 2 Ie, Internet Explorer 2026-04-16 N/A
Internet Explorer 5.0, 5.5, and 6.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a web page with embedded CLSIDs that reference certain COM objects that are not ActiveX controls, including (1) devenum.dll, (2) diactfrm.dll, (3) wmm2filt.dll, (4) fsusd.dll, (5) dmdskmgr.dll, (6) browsewm.dll, (7) browseui.dll, (8) shell32.dll, (9) mshtml.dll, (10) inetcfg.dll, (11) infosoft.dll, (12) query.dll, (13) syncui.dll, (14) clbcatex.dll, (15) clbcatq.dll, (16) comsvcs.dll, and (17) msconf.dll, which causes memory corruption, aka "COM Object Instantiation Memory Corruption Vulnerability," a different vulnerability than CVE-2005-2087.
CVE-2005-1992 2 Redhat, Yukihiro Matsumoto 2 Enterprise Linux, Ruby 2026-04-16 N/A
The XMLRPC server in utils.rb for the ruby library (libruby) 1.8 sets an invalid default value that prevents "security protection" using handlers, which allows remote attackers to execute arbitrary commands.
CVE-2005-1993 2 Redhat, Todd Miller 2 Enterprise Linux, Sudo 2026-04-16 N/A
Race condition in sudo 1.3.1 up to 1.6.8p8, when the ALL pseudo-command is used after a user entry in the sudoers file, allows local users to gain privileges via a symlink attack.
CVE-2005-1994 1 Finjan Software 1 Surfingate 2026-04-16 N/A
Finjan SurfinGate 7.0SP2 and SP3 allows remote attackers to download blocked files via hex-encoded characters in a filename, as demonstrated using "%2e".
CVE-2005-1995 1 Bitrix 1 Bitrix Site Manager 2026-04-16 N/A
Bitrix Site Manager 4.0.x allows remote attackers to obtain sensitive information via direct request to (1) subscr_form.php or (2) dbquery_error.php, which reveals the path in an error message.
CVE-2005-3150 1 Weex 1 Weex 2026-04-16 N/A
Format string vulnerability in the Log_Flush function in Weex 2.6.1.5, 2.6.1, and possibly other versions allows remote FTP servers to execute arbitrary code via format strings in filenames.
CVE-2005-3151 1 Blender 1 Blender 2026-04-16 N/A
Buffer overflow in blenderplay in Blender Player 2.37a allows attackers to execute arbitrary code via a long command line argument.
CVE-2005-1999 1 Php Arena 1 Pafiledb 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in pafiledb.php in paFileDB 3.1 allow remote attackers to inject arbitrary web script or HTML via the (1) sortby or (2) filelist parameters to the category action (category.php), or (3) pages parameter in the viewall action (viewall.php).
CVE-2005-3152 1 Devellion 1 Cubecart 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in CubeCart 3.0.3 allow remote attackers to inject arbitrary web script or HTML via the redir parameter to (1) cart.php or (2) index.php, or (3) the searchStr parameter in a viewCat action to index.php. Note: vectors (1) and (2) were later reported to affect 3.0.7-pl1.