Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-2292 1 Oracle 1 Jdeveloper 2026-04-16 N/A
Oracle JDeveloper 9.0.4, 9.0.5, and 10.1.2 stores cleartext passwords in (1) IDEConnections.xml, (2) XSQLConfig.xml and (3) settings.xml, which allows local users to obtain sensitive information.
CVE-2005-3224 1 Avira 1 Antivir Personal 2026-04-16 N/A
Multiple interpretation error in unspecified versions of AntiVir Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper.
CVE-2005-2294 1 Oracle 1 Forms 2026-04-16 N/A
Oracle Forms 4.5, 6.0, 6i, and 9i on Unix, when a large number of records are retrieved by an Oracle form, stores a copy of the database tables in a world-readable temporary file, which allows local users to gain sensitive information such as credit card numbers.
CVE-2005-2295 1 Pyrosoft Inc 1 Netpanzer 2026-04-16 N/A
NetPanzer 0.8 and earlier allows remote attackers to cause a denial of service (infinite loop) via a packet with a zero datablock size.
CVE-2005-2298 1 Softwin 1 Bitdefender Engine 2026-04-16 N/A
BitDefender Engine 1.6.1 and earlier does not properly scan all attachments, which allows remote attackers to bypass virus scanning via begin and end commands in the body of the e-mail, which BitDefender treats as a uuencoded attachment and stops scanning afterwards.
CVE-2005-2299 1 Man And Machine Ltd. 1 Simple Message Board 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Simple Message Board Version 2.0 Beta 1 allow remote attackers to inject arbitrary web script or HTML via the (1) FID parameter to forum.cfm, (2) UID parameter to user.cfm, (3) TID parameter to thread.cfm, or (4) PostDate parameter to search.cfm.
CVE-2005-2300 1 Skype Technologies 1 Skype 2026-04-16 N/A
Skype 1.1.0.20 and earlier allows local users to overwrite arbitrary files via a symlink attack on the skype_profile.jpg temporary file.
CVE-2005-2311 1 Sms 1 Sms 2026-04-16 N/A
SMS 1.9.2m and earlier allows local users to overwrite arbitrary files via a symlink attack on the (1) request1 or (2) request2 temporary files.
CVE-2005-2312 1 Realnode 1 Emilda 2026-04-16 N/A
management.php in Realnode Emilda 1.2.2 and earlier allows remote attackers to perform actions as other users by modifying the user_id parameter.
CVE-2005-2314 1 Phpsftpd 1 Phpsftpd 2026-04-16 N/A
inc.login.php in PHPsFTPd 0.2 through 0.4 allows remote attackers to obtain the administrator's username and password by setting the do_login parameter and performing an edit action using user.php, which causes the login check to be bypassed and leaks the password in the response.
CVE-2005-2315 1 Dnrd 1 Dnrd 2026-04-16 N/A
Buffer overflow in Domain Name Relay Daemon (DNRD) before 2.19.1 allows remote attackers to execute arbitrary code via a large number of large DNS packets with the Z and QR flags cleared.
CVE-2005-2316 1 Dnrd 1 Dnrd 2026-04-16 N/A
Domain Name Relay Daemon (DNRD) before 2.19.1 allows remote attackers to cause a denial of service (infinite recursion) via a DNS packet that uses message compression in the QNAME and two pointers that point to each other (circular buffer).
CVE-2005-3225 1 Broadcom 2 Etrust Antivirus, Etrust Antivirus Iris Engine 2026-04-16 N/A
Multiple interpretation error in unspecified versions of (1) eTrust-Iris and (2) eTrust-Vet Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper.
CVE-2005-2317 1 Shorewall 1 Shorewall 2026-04-16 N/A
Shorewall 2.4.x before 2.4.1, 2.2.x before 2.2.5, and 2.0.x before 2.0.17, when MACLIST_TTL is greater than 0 or MACLIST_DISPOSITION is set to ACCEPT, allows remote attackers with an accepted MAC address to bypass other firewall rules or policies.
CVE-2005-2318 1 Dvbbs 1 Dvbbs 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in showerr.asp in DVBBS 7.1 SP2 allows remote attackers to inject arbitrary web script or HTML via the action parameter.
CVE-2005-2319 1 Yawp 1 Yawp 2026-04-16 N/A
PHP remote file include vulnerability in Yawp library 1.0.6 and earlier, as used in YaWiki and possibly other products, allows remote attackers to include arbitrary files via the _Yawp[conf_path] parameter.
CVE-2005-2332 1 Php.warpedweb.net 1 Phppageprotect 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in PHPPageProtect 1.0.0a allows remote attackers to inject arbitrary web script or HTML via the username parameter to (1) admin.php or (2) login.php.
CVE-2005-3234 1 Grisoft 1 Avg Antivirus 2026-04-16 N/A
Multiple interpretation error in unspecified versions of Grisoft AVG Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper.
CVE-2005-2333 1 Seo-board 1 Seo-board 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in smilies_popup.php in SEO-Board 1.0 allows remote attackers to inject arbitrary web script or HTML via the doc parameter.
CVE-2005-2334 1 Y.sak 1 Y.sak 2026-04-16 N/A
Y.SAK allows remote attackers to execute arbitrary commands via shell metacharacters in the $no variable to (1) w_s3mbfm.cgi, (2) w_s3adix.cgi, or (3) w_s3sbfm.cgi.