Export limit exceeded: 363327 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 363327 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-3323 2 Debian, Zope 2 Debian Linux, Zope 2026-04-16 N/A
docutils in Zope 2.6, 2.7 before 2.7.8, and 2.8 before 2.8.2 allows remote attackers to include arbitrary files via include directives in RestructuredText functionality.
CVE-2005-3752 1 Ldapdiff 1 Ldapdiff 2026-04-16 N/A
Unspecified vulnerability in ldapdiff before 1.1.1 has unknown impact and attack vectors, related to "ldapdiff.conf path construction".
CVE-2005-0356 9 Alaxala, Cisco, F5 and 6 more 76 Alaxala Networks, Agent Desktop, Aironet Ap1200 and 73 more 2026-04-16 N/A
Multiple TCP implementations with Protection Against Wrapped Sequence Numbers (PAWS) with the timestamps option enabled allow remote attackers to cause a denial of service (connection loss) via a spoofed packet with a large timer value, which causes the host to discard later packets because they appear to be too old.
CVE-2005-0357 2 Emc, Sun 3 Legato Networker, Solstice Backup, Storedge Enterprise Backup Software 2026-04-16 N/A
EMC Legato NetWorker, Sun Solstice Backup 6.0 and 6.1, and StorEdge Enterprise Backup 7.0 through 7.2 rely on AUTH_UNIX authentication, which relies on user ID for authentication and allows remote attackers to bypass authentication and gain privileges by spoofing a username or UID.
CVE-2005-3324 1 Appindex 1 Mwchat 2026-04-16 N/A
SQL injection vulnerability in chat.php in MWChat 6.8 allows remote attackers to execute arbitrary SQL commands via the username parameter.
CVE-2005-0358 2 Emc, Sun 3 Legato Networker, Solstice Backup, Storedge Enterprise Backup Software 2026-04-16 N/A
EMC Legato NetWorker, Solstice Backup 6.0 and 6.1, and StorEdge Enterprise Backup 6.0 through 7.2 do not properly verify authentication tokens, which allows remote attackers to gain privileges by modifying an authentication token.
CVE-2005-0359 2 Emc, Sun 3 Legato Networker, Solstice Backup, Storedge Enterprise Backup Software 2026-04-16 N/A
The Legato PortMapper in EMC Legato NetWorker, Sun Solstice Backup 6.0 and 6.1, and StorEdge Enterprise Backup 7.0 through 7.2 does not restrict access to the pmap_set and pmap_unset commands, which allows remote attackers to (1) cause a denial of service by using pmap_unset to un-register a NetWorker service, or (2) obtain sensitive information from NetWorker services by using pmap_set to register a new service.
CVE-2005-2576 1 Calogic 1 Calogic 2026-04-16 N/A
CaLogic 1.22, and possibly earlier versions, allows remote attackers to obtain sensitive information via a direct request to (1) doclsqlres.php, (2) clmcpreload.php, (3) viewhistlog.php, (4) mcconfig.php, (5) doclsqlbak.php, (6) defcalsel.php, or (7) cl_minical.php, which reveals the path in an error message.
CVE-2005-0360 1 Microsoft 1 Log Sink Class Activex Control 2026-04-16 N/A
The Microsoft Log Sink Class ActiveX control in pkmcore.dll is marked as "safe for scripting" for Internet Explorer, which allows remote attackers to create or append to arbitrary files.
CVE-2005-2577 1 Wyse 1 Winterm 2026-04-16 N/A
Wyse Winterm 1125SE running firmware 4.2.09f or 4.4.061f allows remote attackers to cause a denial of service (device crash) via a packet with a zero in the IP option length field.
CVE-2005-0397 2 Imagemagick, Redhat 2 Imagemagick, Enterprise Linux 2026-04-16 N/A
Format string vulnerability in the SetImageInfo function in image.c for ImageMagick before 6.0.2.5 may allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in a filename argument to convert, which may be called by other web applications.
CVE-2005-2597 1 Aol 1 Aol Client Software 2026-04-16 N/A
AOL Client Software 9.0 uses insecure permissions for its installation path, which allows local users to execute arbitrary code with SYSTEM privileges by replacing ACSD.exe with a malicious program.
CVE-2005-3341 1 Dhis Tools 1 Dns Package 2026-04-16 N/A
DHIS tools DNS package (dhis-tools-dns) before 5.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files created by (1) register-q.sh and (2) register-p.sh.
CVE-2005-3342 1 Norman Ramsey 1 Noweb 2026-04-16 N/A
noweb 2.10c and earlier allows local users to overwrite arbitrary files via symlink attacks on temporary files in (1) lib/toascii.nw and (2) shell/roff.mm.
CVE-2005-0399 2 Mozilla, Redhat 4 Firefox, Mozilla, Thunderbird and 1 more 2026-04-16 N/A
Heap-based buffer overflow in GIF2.cpp in Firefox before 1.0.2, Mozilla before to 1.7.6, and Thunderbird before 1.0.2, and possibly other applications that use the same library, allows remote attackers to execute arbitrary code via a GIF image with a crafted Netscape extension 2 block and buffer size.
CVE-2005-3343 1 Tkdiff 1 Tkdiff 2026-04-16 N/A
tkdiff before 4.1.1 allows local users to overwrite arbitrary files via a symlink attack on temporary files.
CVE-2005-3344 1 Horde 1 Horde 2026-04-16 N/A
The default installation of Horde 3.0.4 contains an administrative account with a blank password, which allows remote attackers to gain access.
CVE-2005-0411 1 Citrusdb 1 Citrusdb 2026-04-16 N/A
Directory traversal vulnerability in index.php for CitrusDB 0.3.6 and earlier allows remote attackers and local users to include arbitrary PHP files via .. (dot dot) sequences in the load parameter.
CVE-2005-3345 1 Rssh 1 Rssh 2026-04-16 N/A
rssh 2.0.0 through 2.2.3 allows local users to bypass access restrictions and gain root privileges by using the rssh_chroot_helper command to chroot to an external directory.
CVE-2005-2598 1 Dokeos 1 Dokeos 2026-04-16 N/A
Multiple directory traversal vulnerabilities in Dokeos 1.6 and earlier, and possibly Claroline, allow remote attackers to (1) delete arbitrary files or directories via the delete parameter to claroline/scorm/scormdocument.php, (2) move arbitrary files via the move_to and move_file parameters to claroline/document/document.php, or determine the existence of arbitrary files via the file parameter to (3) claroline/scorm/showinframes.php or (4) claroline/scorm/contents.php.