Export limit exceeded: 20133 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (363359 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-2239 | 1 Oftpd | 1 Oftpd | 2026-04-16 | N/A |
| oftpd 0.3.7 allows remote attackers to cause a denial of service via a USER command with a large number of null (\0) characters. | ||||
| CVE-2005-3191 | 2 Redhat, Xpdf | 2 Enterprise Linux, Xpdf | 2026-04-16 | N/A |
| Multiple heap-based buffer overflows in the (1) DCTStream::readProgressiveSOF and (2) DCTStream::readBaselineSOF functions in the DCT stream parsing code (Stream.cc) in xpdf 3.01 and earlier, as used in products such as (a) Poppler, (b) teTeX, (c) KDE kpdf, (d) pdftohtml, (e) KOffice KWord, (f) CUPS, and (g) libextractor allow user-assisted attackers to cause a denial of service (heap corruption) and possibly execute arbitrary code via a crafted PDF file with an out-of-range number of components (numComps), which is used as an array index. | ||||
| CVE-2005-2240 | 1 Xpvm | 1 Xpvm | 2026-04-16 | N/A |
| xpvm.tcl in xpvm 1.2.5 allows local users to overwrite arbitrary files via a symlink attack on the xpvm.trace.$user temporary file. | ||||
| CVE-2005-2241 | 1 Cisco | 1 Call Manager | 2026-04-16 | N/A |
| Cisco CallManager (CCM) 3.2 and earlier, 3.3 before 3.3(5), 4.0 before 4.0(2a)SR2b, and 4.1 4.1 before 4.1(3)SR1 does not quickly time out Realtime Information Server Data Collection (RISDC) sockets, which results in a "resource leak" that allows remote attackers to cause a denial of service (memory and connection consumption) in RisDC.exe. | ||||
| CVE-2005-3192 | 2 Redhat, Xpdf | 2 Enterprise Linux, Xpdf | 2026-04-16 | N/A |
| Heap-based buffer overflow in the StreamPredictor function in Xpdf 3.01, as used in products such as (1) Poppler, (2) teTeX, (3) KDE kpdf, and (4) pdftohtml, (5) KOffice KWord, (6) CUPS, and (7) libextractor allows remote attackers to execute arbitrary code via a PDF file with an out-of-range numComps (number of components) field. | ||||
| CVE-2005-2242 | 1 Cisco | 1 Call Manager | 2026-04-16 | N/A |
| Cisco CallManager (CCM) 3.2 and earlier, 3.3 before 3.3(5), 4.0 before 4.0(2a)SR2b, and 4.1 4.1 before 4.1(3)SR1 allows remote attackers to cause a denial of service (memory consumption and restart) via crafted packets to (1) the CTI Manager (ctimgr.exe) or (2) the CallManager (ccm.exe). | ||||
| CVE-2005-2243 | 1 Cisco | 1 Call Manager | 2026-04-16 | N/A |
| Memory leak in inetinfo.exe in Cisco CallManager (CCM) 3.2 and earlier, 3.3 before 3.3(5), 4.0 before 4.0(2a)SR2b, and 4.1 4.1 before 4.1(3)SR1, when Multi Level Admin (MLA) is enabled, allows remote attackers to cause a denial of service (memory consumption) via a large number of Admin Service Tool (AST) logins that fail. | ||||
| CVE-2005-3193 | 2 Redhat, Xpdf | 2 Enterprise Linux, Xpdf | 2026-04-16 | N/A |
| Heap-based buffer overflow in the JPXStream::readCodestream function in the JPX stream parsing code (JPXStream.c) for xpdf 3.01 and earlier, as used in products such as (1) Poppler, (2) teTeX, (3) KDE kpdf, (4) CUPS, and (5) libextractor allows user-assisted attackers to cause a denial of service (heap corruption) and possibly execute arbitrary code via a crafted PDF file with large size values that cause insufficient memory to be allocated. | ||||
| CVE-2005-3673 | 1 Checkpoint | 5 Check Point, Express, Firewall-1 and 2 more | 2026-04-16 | N/A |
| The Internet Key Exchange version 1 (IKEv1) implementation in Check Point products allows remote attackers to cause a denial of service via certain crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to. | ||||
| CVE-2005-2247 | 1 Moodle | 1 Moodle | 2026-04-16 | N/A |
| Multiple unknown vulnerabilities in Moodle before 1.5.1 have unknown impact and attack vectors. | ||||
| CVE-2005-3194 | 1 Estsoft | 1 Alzip | 2026-04-16 | N/A |
| Multiple buffer overflows in ALZip 6.12 (Korean), 6.1 (International), and 5.52 (English) allow remote attackers to execute arbitrary code via a long filename in a compressed (1) ALZ, (2) ARJ, (3) ZIP, (4) UUE, or (5) XXE archive. | ||||
| CVE-2005-2248 | 1 Sven-ove Bjerkan | 1 Downloadprotect | 2026-04-16 | N/A |
| Directory traversal vulnerability in DownloadProtect before 1.0.3 allows remote attackers to read files above the download folder. | ||||
| CVE-2005-2249 | 1 Jinzora | 1 Jinzora | 2026-04-16 | N/A |
| Multiple unknown vulnerabilities in Jinzora 2.0.1 have unknown impact and attack vectors, possibly involving a PHP file inclusion vulnerability. | ||||
| CVE-2005-2250 | 1 Nokia | 1 Affix | 2026-04-16 | N/A |
| Buffer overflow in Bluetooth FTP client (BTFTP) in Nokia Affix 2.1.2 and 3.2.0 allows remote attackers to execute arbitrary code via a long filename in an OBEX file share. | ||||
| CVE-2005-3197 | 1 Webroot Software | 1 Desktop Firewall | 2026-04-16 | N/A |
| Stack-based buffer overflow in PWIWrapper.dll for Webroot Desktop Firewall before 1.3.0build52 allows local users to execute arbitrary code as SYSTEM by sending a crafted DeviceIoControl command, then removing an allowed program from the firewall list. | ||||
| CVE-2005-2254 | 1 Gianluca Baldo | 1 Phpauction | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in PhpAuction 2.5 allow remote attackers to inject arbitrary web script or HTML via the lan parameter to (1) index.php or (2) admin/index.php, or (3) the auction_id parameter to profile.php. NOTE: there is evidence that viewnews.php and login.php may not be part of the PhpAuction product, so they are not included in this description. | ||||
| CVE-2005-2255 | 1 Gianluca Baldo | 1 Phpauction | 2026-04-16 | N/A |
| Directory traversal vulnerability in PhpAuction 2.5 allows remote attackers to read arbitrary files, include local PHP files, or obtain sensitive path information via ".." sequences in the lan parameter to (1) index.php or (2) admin/index.php. | ||||
| CVE-2005-2256 | 1 Phppgadmin | 1 Phppgadmin | 2026-04-16 | N/A |
| Encoded directory traversal vulnerability in phpPgAdmin 3.1 to 3.5.3 allows remote attackers to access arbitrary files via "%2e%2e%2f" (encoded dot dot) sequences in the formLanguage parameter. | ||||
| CVE-2005-2257 | 1 Phpslash | 1 Phpslash | 2026-04-16 | N/A |
| The saveProfile function in PhpSlash 0.8.0 allows remote attackers to modify arbitrary profiles and gain privileges by modifying the author_id parameter. | ||||
| CVE-2005-3198 | 1 Webroot Software | 1 Desktop Firewall | 2026-04-16 | N/A |
| Webroot Desktop Firewall before 1.3.0build52 allows local users to disable the firewall, even when password protection is enabled, via certain DeviceIoControl commands. | ||||