Export limit exceeded: 363357 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (363357 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-1879 1 Lutel 1 Lutelwall 2026-04-16 5.5 Medium
LutelWall 0.97 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file created by a system call to wget.
CVE-2006-2012 1 Skulltag Team 1 Skulltag 2026-04-16 N/A
Format string vulnerability in Skulltag 0.96f and earlier allows remote attackers to cause a denial of service via the version string.
CVE-2005-3106 4 Canonical, Debian, Linux and 1 more 4 Ubuntu Linux, Debian Linux, Linux Kernel and 1 more 2026-04-16 4.7 Medium
Race condition in Linux 2.6, when threads are sharing memory mapping via CLONE_VM (such as linuxthreads and vfork), might allow local users to cause a denial of service (deadlock) by triggering a core dump while waiting for a thread that has just performed an exec.
CVE-2005-1878 1 Giptables 1 Giptables Firewall 2026-04-16 N/A
GIPTables Firewall 1.1 and earlier allows local users to overwrite arbitrary files via a symlink attack on the temp.ip.addresses temporary file.
CVE-2005-1877 1 Lpanel 1 Lpanel 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in view_ticket.php in Lpanel 1.59 and earlier allows remote attackers to inject arbitrary web script or HTML and obtain sensitive information via the pid parameter.
CVE-2005-1876 1 Cutephp 1 Cutenews 2026-04-16 4.5 Medium
Direct code injection vulnerability in CuteNews 1.3.6 and earlier allows remote attackers with administrative privileges to execute arbitrary PHP code via certain inputs that are injected into a template (.tpl) file.
CVE-2005-1867 1 Symantec 1 Brightmail Antispam 2026-04-16 N/A
Symantec Brightmail AntiSpam before 6.0.2 has a hard-coded database administrator password, which allows remote attackers to gain privileges.
CVE-2005-1852 5 Centericq, Ekg, Kadu and 2 more 5 Centericq, Ekg, Kadu and 2 more 2026-04-16 N/A
Multiple integer overflows in libgadu, as used in Kopete in KDE 3.2.3 to 3.4.1, ekg before 1.6rc3, GNU Gadu, CenterICQ, Kadu, and other packages, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an incoming message.
CVE-2005-1848 2 Phystech, Redhat 2 Dhcpcd, Enterprise Linux 2026-04-16 N/A
The dhcpcd DHCP client before 1.3.22 allows remote attackers to cause a denial of service (daemon crash) via unknown vectors that cause an out-of-bounds memory read.
CVE-2005-3105 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-16 N/A
The mprotect code (mprotect.c) in Linux 2.6 on Itanium IA64 Montecito processors does not properly maintain cache coherency as required by the architecture, which allows local users to cause a denial of service and possibly corrupt data by modifying PTE protections.
CVE-2005-1839 1 Liberum 1 Liberum Help Desk 2026-04-16 N/A
Multiple SQL injection vulnerabilities in Doug Luxem Liberum Help Desk 0.97.3 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) view.asp or (2) print.asp or (3) edit parameter to register.asp.
CVE-2005-1831 1 Todd Miller 1 Sudo 2026-04-16 8.4 High
Sudo 1.6.8p7 on SuSE Linux 9.3, and possibly other Linux distributions, allows local users to gain privileges by using sudo to call su, then entering a blank password and hitting CTRL-C. NOTE: SuSE and multiple third-party researchers have not been able to replicate this issue, stating "Sudo catches SIGINT and returns an empty string for the password so I don't see how this could happen unless the user's actual password was empty.
CVE-2005-3103 1 Six Apart 1 Movable Type 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Movable Type before 3.2 allows remote attackers to inject arbitrary web script or HTML via the (1) title, (2) category, (3) body, (4) extended body, and (5) excerpt form fields in new blog entries.
CVE-2005-1823 1 Qualiteam 1 X-cart 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Qualiteam X-Cart 4.0.8 allow remote attackers to inject arbitrary web script or HTML via the (1) cat or (2) printable parameter to home.php, (3) productid or (4) mode parameter to product.php, (5) id parameter to error_message.php, (6) section parameter to help.php, (7) mode parameter to orders.php, (8) mode parameter to register.php, (9) mode parameter to search.php, or the (10) gcid or (11) gcindex parameter to giftcert.php.
CVE-2005-3101 1 Six Apart 1 Movable Type 2026-04-16 N/A
The password reset feature in Movable Type before 3.2 generates different error messages depending on whether a user exists or not, which allows remote attackers to determine valid usernames.
CVE-2005-1566 1 Arcowave Systems 1 Wlan Ap \+ Adsl Router 2026-04-16 N/A
Acrowave AAP-3100AR wireless router allows remote attackers to bypass authentication by pressing CTRL-C at the username or password prompt in a telnet session, which causes the shell to crash and restart, then leave the user in the new shell.
CVE-2005-2989 1 Deluxebb 1 Deluxebb 2026-04-16 N/A
Multiple SQL injection vulnerabilities in DeluxeBB 1.0 and 1.0.5 allow remote attackers to execute arbitrary SQL commands via the (1) tid parameter to topic.php, the uid parameter to (2) misc.php or (3) pm.php, or the fid parameter to (3) forums.php or (4) newpost.php.
CVE-2005-1575 1 Mozilla 1 Firefox 2026-04-16 N/A
The file download dialog in Mozilla Firefox 0.10.1 and 1.0 for Windows allows remote attackers to hide the real file types of downloaded files via the Content-Type HTTP header and a filename containing whitespace, dots, or ASCII byte 160.
CVE-2005-2990 1 Linecontrol 1 Java Client 2026-04-16 N/A
AuthInfo.java in LineContol Java Client (jlc) before 0.8.1 stores sensitive information such as user passwords in log files.
CVE-2005-1584 1 Open Solution 1 Quick.forum 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in index.php for Quick.Forum 2.1.6 allows remote attackers to inject arbitrary web script or HTML via the topic field in a NewTopic action.