Export limit exceeded: 363357 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (363357 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-1879 | 1 Lutel | 1 Lutelwall | 2026-04-16 | 5.5 Medium |
| LutelWall 0.97 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file created by a system call to wget. | ||||
| CVE-2006-2012 | 1 Skulltag Team | 1 Skulltag | 2026-04-16 | N/A |
| Format string vulnerability in Skulltag 0.96f and earlier allows remote attackers to cause a denial of service via the version string. | ||||
| CVE-2005-3106 | 4 Canonical, Debian, Linux and 1 more | 4 Ubuntu Linux, Debian Linux, Linux Kernel and 1 more | 2026-04-16 | 4.7 Medium |
| Race condition in Linux 2.6, when threads are sharing memory mapping via CLONE_VM (such as linuxthreads and vfork), might allow local users to cause a denial of service (deadlock) by triggering a core dump while waiting for a thread that has just performed an exec. | ||||
| CVE-2005-1878 | 1 Giptables | 1 Giptables Firewall | 2026-04-16 | N/A |
| GIPTables Firewall 1.1 and earlier allows local users to overwrite arbitrary files via a symlink attack on the temp.ip.addresses temporary file. | ||||
| CVE-2005-1877 | 1 Lpanel | 1 Lpanel | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in view_ticket.php in Lpanel 1.59 and earlier allows remote attackers to inject arbitrary web script or HTML and obtain sensitive information via the pid parameter. | ||||
| CVE-2005-1876 | 1 Cutephp | 1 Cutenews | 2026-04-16 | 4.5 Medium |
| Direct code injection vulnerability in CuteNews 1.3.6 and earlier allows remote attackers with administrative privileges to execute arbitrary PHP code via certain inputs that are injected into a template (.tpl) file. | ||||
| CVE-2005-1867 | 1 Symantec | 1 Brightmail Antispam | 2026-04-16 | N/A |
| Symantec Brightmail AntiSpam before 6.0.2 has a hard-coded database administrator password, which allows remote attackers to gain privileges. | ||||
| CVE-2005-1852 | 5 Centericq, Ekg, Kadu and 2 more | 5 Centericq, Ekg, Kadu and 2 more | 2026-04-16 | N/A |
| Multiple integer overflows in libgadu, as used in Kopete in KDE 3.2.3 to 3.4.1, ekg before 1.6rc3, GNU Gadu, CenterICQ, Kadu, and other packages, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an incoming message. | ||||
| CVE-2005-1848 | 2 Phystech, Redhat | 2 Dhcpcd, Enterprise Linux | 2026-04-16 | N/A |
| The dhcpcd DHCP client before 1.3.22 allows remote attackers to cause a denial of service (daemon crash) via unknown vectors that cause an out-of-bounds memory read. | ||||
| CVE-2005-3105 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2026-04-16 | N/A |
| The mprotect code (mprotect.c) in Linux 2.6 on Itanium IA64 Montecito processors does not properly maintain cache coherency as required by the architecture, which allows local users to cause a denial of service and possibly corrupt data by modifying PTE protections. | ||||
| CVE-2005-1839 | 1 Liberum | 1 Liberum Help Desk | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in Doug Luxem Liberum Help Desk 0.97.3 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) view.asp or (2) print.asp or (3) edit parameter to register.asp. | ||||
| CVE-2005-1831 | 1 Todd Miller | 1 Sudo | 2026-04-16 | 8.4 High |
| Sudo 1.6.8p7 on SuSE Linux 9.3, and possibly other Linux distributions, allows local users to gain privileges by using sudo to call su, then entering a blank password and hitting CTRL-C. NOTE: SuSE and multiple third-party researchers have not been able to replicate this issue, stating "Sudo catches SIGINT and returns an empty string for the password so I don't see how this could happen unless the user's actual password was empty. | ||||
| CVE-2005-3103 | 1 Six Apart | 1 Movable Type | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Movable Type before 3.2 allows remote attackers to inject arbitrary web script or HTML via the (1) title, (2) category, (3) body, (4) extended body, and (5) excerpt form fields in new blog entries. | ||||
| CVE-2005-1823 | 1 Qualiteam | 1 X-cart | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Qualiteam X-Cart 4.0.8 allow remote attackers to inject arbitrary web script or HTML via the (1) cat or (2) printable parameter to home.php, (3) productid or (4) mode parameter to product.php, (5) id parameter to error_message.php, (6) section parameter to help.php, (7) mode parameter to orders.php, (8) mode parameter to register.php, (9) mode parameter to search.php, or the (10) gcid or (11) gcindex parameter to giftcert.php. | ||||
| CVE-2005-3101 | 1 Six Apart | 1 Movable Type | 2026-04-16 | N/A |
| The password reset feature in Movable Type before 3.2 generates different error messages depending on whether a user exists or not, which allows remote attackers to determine valid usernames. | ||||
| CVE-2005-1566 | 1 Arcowave Systems | 1 Wlan Ap \+ Adsl Router | 2026-04-16 | N/A |
| Acrowave AAP-3100AR wireless router allows remote attackers to bypass authentication by pressing CTRL-C at the username or password prompt in a telnet session, which causes the shell to crash and restart, then leave the user in the new shell. | ||||
| CVE-2005-2989 | 1 Deluxebb | 1 Deluxebb | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in DeluxeBB 1.0 and 1.0.5 allow remote attackers to execute arbitrary SQL commands via the (1) tid parameter to topic.php, the uid parameter to (2) misc.php or (3) pm.php, or the fid parameter to (3) forums.php or (4) newpost.php. | ||||
| CVE-2005-1575 | 1 Mozilla | 1 Firefox | 2026-04-16 | N/A |
| The file download dialog in Mozilla Firefox 0.10.1 and 1.0 for Windows allows remote attackers to hide the real file types of downloaded files via the Content-Type HTTP header and a filename containing whitespace, dots, or ASCII byte 160. | ||||
| CVE-2005-2990 | 1 Linecontrol | 1 Java Client | 2026-04-16 | N/A |
| AuthInfo.java in LineContol Java Client (jlc) before 0.8.1 stores sensitive information such as user passwords in log files. | ||||
| CVE-2005-1584 | 1 Open Solution | 1 Quick.forum | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php for Quick.Forum 2.1.6 allows remote attackers to inject arbitrary web script or HTML via the topic field in a NewTopic action. | ||||