Export limit exceeded: 359713 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (359713 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-2806 | 1 Trevor Hogan | 1 Bnbt | 2026-04-16 | N/A |
| client.cpp in BNBT EasyTracker 7.7r3.2004.10.27 and earlier allows remote attackers to cause a denial of service (application hang) via an HTTP header containing only a ":" (colon), possibly leading to an integer signedness error due to a missing field name or value. | ||||
| CVE-2005-2807 | 1 Frox | 1 Frox | 2026-04-16 | N/A |
| frox 0.7.18, when running setuid root, does not properly drop privileges when reading a configuration file, which allows local users to read portions of arbitrary files via the -f command line option. | ||||
| CVE-2005-2808 | 1 Frox | 1 Frox | 2026-04-16 | N/A |
| frox 0.7.16 and 0.7.17 does not properly parse certain Deny ACLs, which might allow attackers to bypass intended restrictions and access blocked hosts. | ||||
| CVE-2005-2809 | 1 Silc | 1 Secure Internet Live Conferencing | 2026-04-16 | N/A |
| silc daemon (silcd.c) in Secure Internet Live Conferencing (SILC) 1.0 and earlier allows local users to overwrite arbitrary files via a symlink attack on the silcd.[PID].stats temporary file. | ||||
| CVE-2005-2810 | 1 Urban | 1 Urban | 2026-04-16 | N/A |
| Multiple stack-based buffer overflows in urban before 1.5.3 allow local users to gain privileges via a long HOME environment variable to (1) config.cc, (2) game.cc, (3) highscor.cc, or (4) meny.cc. | ||||
| CVE-2005-2811 | 1 Net-snmp | 1 Net-snmp | 2026-04-16 | N/A |
| Untrusted search path vulnerability in Net-SNMP 5.2.1.2 and earlier, on Gentoo Linux, installs certain Perl modules with an insecure DT_RPATH, which could allow local users to gain privileges. | ||||
| CVE-2005-2814 | 1 Flatnuke | 1 Flatnuke | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in FlatNuke 2.5.6 allows remote attackers to inject arbitrary web script or HTML via the usr parameter in a vis_reg operation to index.php. | ||||
| CVE-2005-2815 | 1 Flatnuke | 1 Flatnuke | 2026-04-16 | N/A |
| print.php in FlatNuke 2.5.6 allows remote attackers to obtain sensitive information (path disclosure on error) or cause a denial of service (resource consumption) via an MS-DOS device name in the news parameter to print.php, such as (1) AUX, (2) CON, (3) PRN, (4) COM1, or (5) LPT1. | ||||
| CVE-2005-2816 | 1 Greymatter | 1 Greymatter Forum | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Greymatter allows remote attackers to inject arbitrary web script or HTML via a post comment, which is recorded in a log file but not properly handled when the administrator uses "View Control Panel Log" to read the log file. | ||||
| CVE-2005-2817 | 1 Simple Machines | 1 Simple Machines Forum | 2026-04-16 | N/A |
| Simple Machines Forum (SMF) 1-0-5 and earlier supports the use of URLs for avatar images, which allows remote attackers to monitor sensitive information of forum visitors such as IP address and user agent, as demonstrated using a PHP script on a malicious server. | ||||
| CVE-2005-2818 | 1 Eric Fichot | 1 Downfile | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in DownFile 1.3 allows remote attackers to inject arbitrary web script or HTML via the id parameter to (1) email.php,(2) index.php, (3) del.php, or (4) add_form.php. | ||||
| CVE-2005-2819 | 1 Eric Fichot | 1 Downfile | 2026-04-16 | N/A |
| DownFile 1.3 allows remote attackers to gain administrator privileges via a direct request to (1) update.php, (2) del.php, and (3) add_form.php. | ||||
| CVE-2005-2667 | 2 Broadcom, Ca | 24 Advantage Data Transport, Adviseit, Brightstor Portal and 21 more | 2026-04-16 | N/A |
| Unknown vulnerability in Computer Associates (CA) Message Queuing (CAM / CAFT) 1.05, 1.07 before Build 220_13, and 1.11 before Build 29_13 allows attackers to cause a denial of service via unknown vectors, aka the "CAM TCP port vulnerability." | ||||
| CVE-2005-2663 | 1 Masqmail | 1 Masqmail | 2026-04-16 | N/A |
| masqmail before 0.2.18 allows local users to overwrite arbitrary files via a symlink attack on a log file. | ||||
| CVE-2005-2660 | 1 Apachetop | 1 Apachetop | 2026-04-16 | N/A |
| apachetop 0.12.5 and earlier, when running in debug mode, allows local users to create or append to arbitrary files via a symlink attack on atop.debug. | ||||
| CVE-2005-2659 | 1 Jed Wing | 1 Chm Lib | 2026-04-16 | N/A |
| Buffer overflow in the LZX decompression in CHM Lib (chmlib) 0.35, as used in products such as KchmViewer, has unknown impact and attack vectors. | ||||
| CVE-2005-2658 | 1 Softwolves Software | 1 Turquoise Superstat | 2026-04-16 | N/A |
| Buffer overflow in utility.cpp in Turquoise SuperStat (turqstat) 2.2.4 and earlier might allow remote NNTP servers to execute arbitrary code via a date with a long month. | ||||
| CVE-2005-3102 | 1 Six Apart | 1 Movable Type | 2026-04-16 | N/A |
| The administrative interface in Movable Type allows attackers to upload files with arbitrary extensions under the web root. | ||||
| CVE-2005-2482 | 1 Metasploit | 1 Metasploit Framework | 2026-04-16 | N/A |
| The StateToOptions function in msfweb in Metasploit Framework 2.4 and earlier, when running with the -D option (defanged mode), allows attackers to modify temporary environment variables before the "_Defanged" environment option is checked when processing the Exploit command. | ||||
| CVE-2005-2483 | 1 Karrigell | 1 Karrigell | 2026-04-16 | N/A |
| Eval injection vulnerability in Karrigell before 2.1.8 allows remote attackers to execute arbitrary Python code via modified arguments to a Karrigell services (.ks) script, which can reference functions from libraries that are used by that script. | ||||