Export limit exceeded: 363673 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (363673 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-3354 1 Sylpheed 1 Sylpheed 2026-04-16 N/A
Stack-based buffer overflow in the ldif_get_line function in ldif.c of Sylpheed before 2.1.6 allows user-assisted attackers to execute arbitrary code by having local users import LDIF files with long lines.
CVE-2005-0459 1 Phpmyadmin 1 Phpmyadmin 2026-04-16 N/A
phpMyAdmin 2.6.2-dev, and possibly earlier versions, allows remote attackers to determine the full path of the web root via a direct request to select_lang.lib.php, which reveals the path in a PHP error message.
CVE-2005-0469 2 Ncsa, Redhat 2 Telnet, Enterprise Linux 2026-04-16 N/A
Buffer overflow in the slc_add_reply function in various BSD-based Telnet clients, when handling LINEMODE suboptions, allows remote attackers to execute arbitrary code via a reply with a large number of Set Local Character (SLC) commands.
CVE-2005-0473 3 Mandrakesoft, Redhat, Rob Flynn 5 Mandrake Linux, Mandrake Linux Corporate Server, Enterprise Linux and 2 more 2026-04-16 N/A
The HTML parsing functions in Gaim before 1.1.3 allow remote attackers to cause a denial of service (application crash) via malformed HTML that causes "an invalid memory access," a different vulnerability than CVE-2005-0208.
CVE-2005-0474 1 Webcalendar 1 Webcalendar 2026-04-16 N/A
SQL injection vulnerability in the user_valid_crypt function in user.php in WebCalendar 0.9.45 allows remote attackers to execute arbitrary SQL commands via an encoded webcalendar_session cookie.
CVE-2005-0475 1 Php Arena 1 Pafaq 2026-04-16 N/A
SQL injection vulnerability in paFAQ Beta4, and possibly other versions, allows remote attackers to execute arbitrary SQL code via the (1) offset, (2) limit, (3) order, or (4) orderby parameter to question.php, (5) offset parameter to answer.php, (6) search_item parameter to search.php, (7) cat_id, (8) cid, or (9) id parameter to comment.php.
CVE-2005-0476 1 Hpm Guestbook.cgi 1 Hpm Guestbook.cgi 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in hpm_guestbook.cgi allows remote attackers to inject arbitrary web script or HTML by posting a message.
CVE-2005-3355 1 Gnu 1 Gnump3d 2026-04-16 N/A
Directory traversal vulnerability in GNU Gnump3d before 2.9.8 has unknown impact via "CGI parameters, and cookie values".
CVE-2005-0477 1 Invision Power Services 1 Invision Power Board 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in the SML code for Invision Power Board 1.3.1 FINAL allows remote attackers to inject arbitrary web script via (1) a signature file or (2) a message post containing an IMG tag within a COLOR tag whose style is set to background:url.
CVE-2005-0478 1 Trackercam 1 Trackercam 2026-04-16 N/A
Multiple buffer overflows in TrackerCam 5.12 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) an HTTP request with a long User-Agent header or (2) a long argument to an arbitrary PHP script.
CVE-2005-3356 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-16 N/A
The mq_open system call in Linux kernel 2.6.9, in certain situations, can decrement a counter twice ("double decrement") as a result of multiple calls to the mntput function when the dentry_open function call fails, which allows local users to cause a denial of service (panic) via unspecified attack vectors.
CVE-2005-3774 1 Cisco 1 Pix 2026-04-16 N/A
Cisco PIX 6.3 and 7.0 allows remote attackers to cause a denial of service (blocked new connections) via spoofed TCP packets that cause the PIX to create embryonic connections that that would not produce a valid connection with the end system, including (1) SYN packets with invalid checksums, which do not result in a RST; or, from an external interface, (2) one byte of "meaningless data," or (3) a TTL that is one less than needed to reach the internal destination.
CVE-2005-0479 1 Trackercam 1 Trackercam 2026-04-16 N/A
Directory traversal vulnerability in ComGetLogFile.php3 for TrackerCam 5.12 and earlier allows remote attackers to read arbitrary files via ".." sequences and (1) "/" slash), (2) "\" (backslash), or (3) hex-encoded characters in the fn parameter.
CVE-2005-0480 1 Trackercam 1 Trackercam 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in TrackerCam 5.12 and earlier allows remote attackers to inject arbitrary HTML or web script via the login request, which is recorded in a log file but not properly handled when the administrator views the log file.
CVE-2005-3357 2 Apache, Redhat 2 Http Server, Enterprise Linux 2026-04-16 N/A
mod_ssl in Apache 2.0 up to 2.0.55, when configured with an SSL vhost with access control and a custom error 400 error page, allows remote attackers to cause a denial of service (application crash) via a non-SSL request to an SSL port, which triggers a NULL pointer dereference.
CVE-2005-0481 1 Trackercam 1 Trackercam 2026-04-16 N/A
TrackerCam 5.12 and earlier allows remote attackers to read log files via the fn parameter in a direct request to the ComGetLogFile.php3 script.
CVE-2005-0482 1 Trackercam 1 Trackercam 2026-04-16 N/A
TrackerCam 5.12 and earlier allows remote attackers to cause a denial of service (crash) via (1) a large number of connections with a negative Content-Length header, possibly triggering an integer signedness error, or (2) a large amount of data.
CVE-2005-0483 1 Glftpd 1 Glftpd 2026-04-16 N/A
Multiple directory traversal vulnerabilities in sitenfo.sh, sitezipchk.sh, and siteziplist.sh in Glftpd 1.26 to 2.00 allow remote authenticated users to (1) determine the existence of arbitrary files, (2) list files in restricted directories, or (3) read arbitrary files from within ZIP or gzip files, via .. (dot dot) sequences and globbing ("*") characters in a SITE NFO command.
CVE-2005-3358 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-16 N/A
Linux kernel before 2.6.15 allows local users to cause a denial of service (panic) via a set_mempolicy call with a 0 bitmask, which causes a panic when a page fault occurs.
CVE-2005-3777 1 Mybulletinboard 1 Mybulletinboard 2026-04-16 N/A
MyBulletinBoard (MyBB) 1.0 PR2 Rev 686 allows remote attackers to delete or move private messages (PM) via modified fields in the inbox form.