Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-2764 1 Openttd 1 Openttd 2026-04-16 N/A
Multiple buffer overflows in OpenTTD before 0.4.0.1 allow attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.
CVE-2005-2776 1 Looking Glass 1 Looking Glass 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Looking Glass 20040427 allow remote attackers to inject arbitrary web script or HTML via the (1) version[fullname], (2) version[homepage], or (3) version[no] parameter to footer.php, or the (4) version[fullname], (5) version[no], (6) version[author], (7) version[email] parameter to header.php.
CVE-2005-2786 1 Cosmoshop 1 Cosmoshop 2026-04-16 N/A
Directory traversal vulnerability in bestmail_edit.cgi in cosmoshop 8.10.78 and earlier allows remote administrators to read arbitrary files via ".." sequences in the file parameter.
CVE-2005-2789 1 Bfcommand And Control Software 2 Bfcc, Bfvcc 2026-04-16 N/A
BFCommand & Control Server Manager BFCC 1.22_A and earlier, and BFVCC 2.14_B and earlier, allows remote attackers to bypass authentication via (1) an unknown attack vector or (2) a NULL (0x00) as a username.
CVE-2005-2791 1 Bfcommand And Control Software 2 Bfcc, Bfvcc 2026-04-16 N/A
BFCommand & Control Server Manager BFCC 1.22_A and earlier, and BFVCC 2.14_B and earlier, allows remote attackers to cause a denial of service (refused new connections) via a series of connections and disconnections without sending the login command.
CVE-2005-2796 2 Redhat, Squid 2 Enterprise Linux, Squid 2026-04-16 N/A
The sslConnectTimeout function in ssl.c for Squid 2.5.STABLE10 and earlier allows remote attackers to cause a denial of service (segmentation fault) via certain crafted requests.
CVE-2005-2797 1 Openbsd 1 Openssh 2026-04-16 N/A
OpenSSH 4.0, and other versions before 4.2, does not properly handle dynamic port forwarding ("-D" option) when a listen address is not provided, which may cause OpenSSH to enable the GatewayPorts functionality.
CVE-2005-2803 1 Hiki 1 Hiki 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Hiki 0.8.1 to 0.8.2 allows remote attackers to inject arbitrary web script or HTML via a page name in a Login link, a different vulnerability than CVE-2005-2336.
CVE-2005-2804 1 Novell 1 Groupwise 2026-04-16 N/A
Integer overflow in the registry parsing code in GroupWise 6.5.3, and possibly earlier version, allows remote attackers to cause a denial of service (application crash) via a large TCP/IP port in the Windows registry key.
CVE-2005-2813 1 Flatnuke 1 Flatnuke 2026-04-16 N/A
Directory traversal vulnerability in FlatNuke 2.5.6 and possibly earlier allows remote attackers to read arbitrary files via ".." sequences and "%00" (trailing null byte) characters in the id parameter to the read mod in index.php.
CVE-2005-2859 1 Savant 1 Savant Webserver 2026-04-16 N/A
Savant Web Server stores user credentials in plaintext in the Savant\Users registry key, which allows local users to gain privileges.
CVE-2005-2860 1 Nikto 1 Nikto 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Nikto 1.35 and earlier allows remote attackers to inject arbitrary web script or HTML via the Server field in an HTTP response header, which is directly injected into an HTML report.
CVE-2005-2861 1 N-stalker 1 N-stealth 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in N-Stealth Commercial Edition before 5.8.0.38 and Free Edition before 5.8.1.03 allows remote attackers to inject arbitrary web script or HTML via the Server field in an HTTP response header, which is directly injected into an HTML report.
CVE-2005-2862 1 Road Runner 1 Adsl Road Runner Modem 2026-04-16 N/A
ADSL Road Runner modem in the Annex A family has a service running on port 224, which allows remote attackers to login to the modem with a blank password and gain unauthorized access.
CVE-2005-2863 1 Open Webmail 1 Open Webmail 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in openwebmail-main.pl in OpenWebMail 2.41 allows remote attackers to inject arbitrary web script or HTML via the sessionid parameter.
CVE-2005-2864 1 Urban 1 Urban 2026-04-16 N/A
URBAN 1.5.3_1 allows local users to overwrite arbitrary files via a symlink attack on the (1) high score or (2) save game files.
CVE-2005-2898 1 Filezilla 1 Filezilla 2026-04-16 N/A
NOTE: this issue has been disputed by the vendor. FileZilla 2.2.14b and 2.2.15, and possibly earlier versions, when "Use secure mode" is disabled, uses a weak encryption scheme to store the user's password in the configuration settings file, which allows local users to obtain sensitive information. NOTE: the vendor has disputed the issue, stating that "the problem is not a vulnerability at all, but in fact a fundamental issue of every single program that can store passwords transparently.
CVE-2005-2900 1 Cj Desing 1 Cjlinkout 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in top.php in CjLinkOut 1.0 allows remote attackers to inject arbitrary web script or HTML via the 123 parameter.
CVE-2005-2901 1 Cj Desing 1 Cjweb2mail 2026-04-16 N/A
Multiple Cross-site scripting (XSS) vulnerabilities in CjWeb2Mail 3.0 allow remote attackers to inject arbitrary web script or HTML via the (1) name, (2) message, or (3) ip parameter to thankyou.php or (4) emsg parameter to web2mail.php.
CVE-2005-2904 1 Zebedee 1 Zebedee 2026-04-16 N/A
Zebedee 2.4.1, when "allowed redirection port" is not set, allows remote attackers to cause a denial of service (application crash) via a zero in the port number of the protocol option header, which triggers an assert error in the makeConnection function in zebedee.c.