Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-1890 1 Redhat 1 Rhmask 2026-04-16 N/A
rhmask 1.0-9 in Red Hat Linux 7.1 allows local users to overwrite arbitrary files via a symlink attack on the mask file.
CVE-2005-1686 2 Gnome, Redhat 2 Gedit, Enterprise Linux 2026-04-16 N/A
Format string vulnerability in gedit 2.10.2 may allow attackers to cause a denial of service (application crash) via a bin file with format string specifiers in the filename. NOTE: while this issue is triggered on the command line by the gedit user, it has been reported that web browsers and email clients could be configured to provide a file name as an argument to gedit, so there is a valid attack that crosses security boundaries.
CVE-2005-3070 1 Hylafax 1 Hylafax 2026-04-16 N/A
HylaFax 4.2.1 and earlier does not create or verify ownership of the UNIX domain socket, which might allow local users to read faxes and cause a denial of service by creating the socket using the hyla.unix temporary file.
CVE-2005-1687 1 Wordpress 1 Wordpress 2026-04-16 N/A
SQL injection vulnerability in wp-trackback.php in Wordpress 1.5 and earlier allows remote attackers to execute arbitrary SQL commands via the tb_id parameter.
CVE-2005-3071 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Unspecified vulnerability in Unix File System (UFS) on Solaris 8 and 9, when logging is enabled, allows local users to cause a denial of service ("soft hang") via certain write operations to UFS.
CVE-2005-3072 1 Interchange Development Group 1 Interchange 2026-04-16 N/A
SQL injection vulnerability in pages/forum/submit.html in Interchange 4.9.3 up to 5.2.0 allows remote attackers to execute arbitrary SQL commands via unknown vectors.
CVE-2005-3657 1 Mcafee 2 Mcinsctl.dll, Virusscan Security Center 2026-04-16 N/A
The ActiveX control in MCINSCTL.DLL for McAfee VirusScan Security Center does not use the IObjectSafetySiteLock API to restrict access to required domains, which allows remote attackers to create or append to arbitrary files via the StartLog and AddLog methods in the MCINSTALL.McLog object.
CVE-2005-1691 1 Sap 1 Sap R 3 2026-04-16 N/A
Directory traversal vulnerability in Internet Graphics Server in SAP before 6.40 Patch 11 allows remote attackers to read arbitrary files via ".." sequences in an HTTP GET request.
CVE-2005-1692 1 Xine 1 Gxine 2026-04-16 N/A
Format string vulnerability in gxine 0.4.1 through 0.4.4, and other versions down to 0.3, allows remote attackers to execute arbitrary code via a ram file with a URL whose hostname contains format string specifiers.
CVE-2005-3073 1 Interchange Development Group 1 Interchange 2026-04-16 N/A
Unspecified vulnerability in Interchange 5.0.1 allows attackers 4.9.3, 5.0 before 5.0.2, and 5.2, when a catalog has been created using the (1) "mike", (2) "standard", or (3) "foundation" demo, allows attackers to inject Interchange Tag Language (ITL) elements into the forum/submit.html page.
CVE-2005-1695 1 Postnuke Software Foundation 1 Postnuke 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in the RSS module in PostNuke 0.750 and 0.760RC2 and RC3 allow remote attackers to inject arbitrary web script or HTML via the (1) rss_url parameter to magpie_slashbox.php, or the url parameter to (2) magpie_simple.php or (3) magpie_debug.php.
CVE-2005-1703 1 Black Cactus 1 Warrior Kings Battles 2026-04-16 N/A
Warrior Kings: Battles 1.23 and earlier allows remote attackers to cause a denial of service (server crash) via a partial join packet that triggers a NULL pointer dereference.
CVE-2005-1711 3 Clam Anti-virus, Gibraltar, Squid 3 Clamav, Gibraltar Firewall, Squid 2026-04-16 N/A
Gibraltar Firewall 2.2 and earlier, when using the ClamAV update to 0.81 for Squid, uses a defunct ClamAV method to scan memory for viruses, which does not return an error code and prevents viruses from being detected.
CVE-2005-3074 1 Rsyslog 1 Rsyslogd 2026-04-16 N/A
SQL injection vulnerability in rsyslogd in RSyslog before 1.0.1 and before 1.10.1 allows remote attackers to execute arbitrary SQL commands via crafted syslog messages.
CVE-2005-1714 1 Netwin 1 Surgemail 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in NetWin SurgeMail 3.0c2 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
CVE-2005-3076 1 Simplog 1 Simplog 2026-04-16 N/A
Simplog 0.9.1 might allow remote attackers to execute arbitrary SQL commands or trigger SQL error messages via invalid (1) pid, (2) blogid, (3) cid, or (4) m parameters to archive.php, or the (5) blogid parameter to blogadmin.php.
CVE-2005-1715 1 Ej3 1 Topo 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in index.php for TOPo 2.2 (2.2.178) allows remote attackers to inject arbitrary web script or HTML via the (1) m, (2) s, (3) ID, or (4) t parameters, or the (5) field name, (6) Your Web field, or (7) email field in the comments section.
CVE-2005-1716 1 Ej3 1 Topo 2026-04-16 N/A
TOPo 2.2 (2.2.178) stores data files in the data directory under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as client IP addresses.
CVE-2005-1717 1 Zyxel 1 Prestige 650r-31 2026-04-16 N/A
ZyXEL Prestige 650R-31 router running ZyNOS FW v3.40(KO.1) allows remote attackers to cause a denial of service (CPU consumption and network loss) via crafted fragmented IP packets.
CVE-2005-1718 1 Ls Games 1 War Times 2026-04-16 N/A
Buffer overflow in LS Games War Times 1.03 and earlier allows remote attackers to cause a denial of service (server crash) via a long nickname.