Export limit exceeded: 349823 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 349823 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 349823 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 349823 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 349823 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 349823 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (349823 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-2525 | 2 Apple, Easy Software Products | 2 Mac Os X, Cups | 2026-04-16 | N/A |
| CUPS in Mac OS X 10.3.9 and 10.4.2 does not properly close file descriptors when handling multiple simultaneous print jobs, which allows remote attackers to cause a denial of service (printing halt). | ||||
| CVE-2005-2526 | 2 Apple, Easy Software Products | 2 Mac Os X, Cups | 2026-04-16 | N/A |
| CUPS in Mac OS X 10.3.9 and 10.4.2 allows remote attackers to cause a denial of service (CPU consumption) by sending a partial IPP request and closing the connection. | ||||
| CVE-2005-2527 | 1 Sun | 1 Java | 2026-04-16 | N/A |
| Race condition in Java 1.4.2 before 1.4.2 Release 2 on Apple Mac OS X allows local users to corrupt files or create arbitrary files via unspecified attack vectors related to a temporary directory, possibly due to a symlink attack. | ||||
| CVE-2005-2529 | 1 Sun | 1 Java | 2026-04-16 | N/A |
| Unspecified vulnerability in Java 1.4.2 before 1.4.2 Release 2 on Apple Mac OS X allows local users to gain privileges via unspecified attack vectors relating to "the utility used to update Java shared archives." | ||||
| CVE-2005-2536 | 1 Pstotext | 1 Pstotext | 2026-04-16 | N/A |
| pstotext before 1.8g does not properly use the "-dSAFER" option when calling Ghostscript to extract plain text from PostScript and PDF files, which allows remote attackers to execute arbitrary commands via a malicious PostScript file. | ||||
| CVE-2005-2537 | 1 Flatnuke | 1 Flatnuke | 2026-04-16 | N/A |
| FlatNuke 2.5.5 and possibly earlier versions allows remote attackers to obtain sensitive information via a direct request to structure.php. | ||||
| CVE-2005-2530 | 1 Sun | 1 Java | 2026-04-16 | N/A |
| Unspecified vulnerability in Java 1.3.1 before 1.3.1_16 on Apple Mac OS X allows an untrusted applet to gain privileges, related to "Mac OS X specific extensions." | ||||
| CVE-2005-2531 | 1 Openvpn | 1 Openvpn | 2026-04-16 | N/A |
| OpenVPN before 2.0.1, when running with "verb 0" and without TLS authentication, does not properly flush the OpenSSL error queue when a client fails certificate authentication to the server and causes the error to be processed by the wrong client, which allows remote attackers to cause a denial of service (client disconnection) via a large number of failed authentication attempts. | ||||
| CVE-2005-2532 | 1 Openvpn | 1 Openvpn | 2026-04-16 | N/A |
| OpenVPN before 2.0.1 does not properly flush the OpenSSL error queue when a packet can not be decrypted by the server, which allows remote authenticated attackers to cause a denial of service (client disconnection) via a large number of packets that can not be decrypted. | ||||
| CVE-2005-2533 | 1 Openvpn | 1 Openvpn | 2026-04-16 | N/A |
| OpenVPN before 2.0.1, when running in "dev tap" Ethernet bridging mode, allows remote authenticated clients to cause a denial of service (memory exhaustion) via a flood of packets with a large number of spoofed MAC addresses. | ||||
| CVE-2005-2534 | 1 Openvpn | 1 Openvpn | 2026-04-16 | N/A |
| Race condition in OpenVPN before 2.0.1, when --duplicate-cn is not enabled, allows remote attackers to cause a denial of service (server crash) via simultaneous TCP connections from multiple clients that use the same client certificate. | ||||
| CVE-2005-2538 | 1 Flatnuke | 1 Flatnuke | 2026-04-16 | N/A |
| FlatNuke 2.5.5 and possibly earlier versions allows remote attackers to obtain sensitive information via (1) a null byte or (2) an MS-DOS device name such as AUX, CON, PRN, COM1, or LPT1 in the mod parameter. | ||||
| CVE-2005-2540 | 1 Flatnuke | 1 Flatnuke | 2026-04-16 | N/A |
| CRLF injection vulnerability in FlatNuke 2.5.5 and possibly earlier versions allows remote attackers to execute arbitrary PHP commands via an ASCII char 13 (carriage return) in the signature field, which is injected into a PHP script without a preceding comment character, which can then be executed by a direct request. | ||||
| CVE-2005-2542 | 1 Invision Power Services | 1 Invision Board | 2026-04-16 | N/A |
| Invision Power Board (IPB) 1.0.3 allows remote attackers to inject arbitrary web script or HTML via an attachment, which is automatically downloaded and processed as HTML. | ||||
| CVE-2005-2543 | 1 Comdev | 1 Comdev Ecommerce | 2026-04-16 | N/A |
| Directory traversal vulnerability in wce.download.php in Comdev eCommerce 3.0 allows remote attackers to download arbitrary files via a .. (dot dot) in the download parameter. | ||||
| CVE-2005-2544 | 1 Comdev | 1 Comdev Ecommerce | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in config.php in Comdev eCommerce 3.0 allows remote attackers to execute arbitrary PHP code via the path[docroot] parameter. | ||||
| CVE-2005-2545 | 1 Phpopenchat | 1 Phpopenchat | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in PHPOpenChat 3.0.2 allow remote attackers to inject arbitrary web script or HTML via the (1) title or (2) content parameter to profile.php and profile_misc.php, (3) the profile fields in userpage.php, (4) subject or (5) body in mail.php, or (8) disinvited_chatter or (7) invited_chatter parameter to invite.php. | ||||
| CVE-2005-2547 | 1 Bluez Project | 1 Bluez | 2026-04-16 | N/A |
| security.c in hcid for BlueZ 2.16, 2.17, and 2.18 allows remote attackers to execute arbitrary commands via shell metacharacters in the Bluetooth device name when invoking the PIN helper. | ||||
| CVE-2005-2548 | 1 Linux | 1 Linux Kernel | 2026-04-16 | N/A |
| vlan_dev.c in the VLAN code for Linux kernel 2.6.8 allows remote attackers to cause a denial of service (kernel oops from null dereference) via certain UDP packets that lead to a function call with the wrong argument, as demonstrated using snmpwalk on snmpd. | ||||
| CVE-2005-2550 | 2 Gnome, Redhat | 2 Evolution, Enterprise Linux | 2026-04-16 | N/A |
| Format string vulnerability in Evolution 1.4 through 2.3.6.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the calendar entries such as task lists, which are not properly handled when the user selects the Calendars tab. | ||||