Export limit exceeded: 349431 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 349431 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 349431 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (349431 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-0068 | 1 Tcp | 1 Tcp | 2026-04-16 | N/A |
| The original design of ICMP does not require authentication for host-generated ICMP error messages, which makes it easier for attackers to forge ICMP error messages for specific TCP connections and cause a denial of service, as demonstrated using (1) blind connection-reset attacks with forged "Destination Unreachable" messages, (2) blind throughput-reduction attacks with forged "Source Quench" messages, or (3) blind throughput-reduction attacks with forged ICMP messages that cause the Path MTU to be reduced. NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities. | ||||
| CVE-2005-0069 | 2 Redhat, Vim Development Group | 2 Enterprise Linux, Vim | 2026-04-16 | N/A |
| The (1) tcltags or (2) vimspell.sh scripts in vim 6.3 allow local users to overwrite or create arbitrary files via a symlink attack on temporary files. | ||||
| CVE-2005-0074 | 1 Xpcd | 1 Xpcd | 2026-04-16 | N/A |
| Buffer overflow in pcdsvgaview in xpcd 2.08 allows local users to execute arbitrary code. | ||||
| CVE-2005-0075 | 2 Redhat, Squirrelmail | 2 Enterprise Linux, Squirrelmail | 2026-04-16 | N/A |
| prefs.php in SquirrelMail before 1.4.4, with register_globals enabled, allows remote attackers to inject local code into the SquirrelMail code via custom preference handlers. | ||||
| CVE-2005-0070 | 1 Synaesthesia | 1 Synaesthesia | 2026-04-16 | N/A |
| Synaesthesia 2.1 and earlier, and possibly other versions, when installed setuid root, does not drop privileges before processing configuration and mixer files, which allows local users to read arbitrary files. | ||||
| CVE-2005-0071 | 1 Vdr | 1 Vdr | 2026-04-16 | N/A |
| vdr before 1.2.6 does not securely create files, which allows attackers to overwrite arbitrary files. | ||||
| CVE-2005-0073 | 1 Debian | 1 Sympa | 2026-04-16 | N/A |
| Buffer overflow in queue.c in a support script for sympa 3.3.3, when running setuid, allows local users to execute arbitrary code. | ||||
| CVE-2005-0076 | 1 Debian | 1 Debian Linux | 2026-04-16 | N/A |
| Multiple buffer overflows in the XView library 3.2 may allow local users to execute arbitrary code via setuid applications that use the library. | ||||
| CVE-2005-0077 | 4 Debian, Gentoo, Redhat and 1 more | 5 Debian Linux, Linux, Enterprise Linux and 2 more | 2026-04-16 | N/A |
| The DBI library (libdbi-perl) for Perl allows local users to overwrite arbitrary files via a symlink attack on a temporary PID file. | ||||
| CVE-2005-0078 | 3 Debian, Kde, Redhat | 5 Debian Linux, Kde, Enterprise Linux and 2 more | 2026-04-16 | N/A |
| The KDE screen saver in KDE before 3.0.5 does not properly check the return value from a certain function call, which allows attackers with physical access to cause a crash and access the desktop session. | ||||
| CVE-2005-0081 | 1 Mysql | 1 Maxdb | 2026-04-16 | N/A |
| MySQL MaxDB 7.5.0.0, and other versions before 7.5.0.21, allows remote attackers to cause a denial of service (crash) via an HTTP request with invalid headers. | ||||
| CVE-2005-0082 | 1 Mysql | 1 Maxdb | 2026-04-16 | N/A |
| The sapdbwa_GetUserData function in MySQL MaxDB 7.5.0.0, and other versions before 7.5.0.21, allows remote attackers to cause a denial of service (crash) via invalid parameters to the WebDAV handler code, which triggers a null dereference that causes the SAP DB Web Agent to crash. | ||||
| CVE-2005-0083 | 1 Mysql | 1 Maxdb | 2026-04-16 | N/A |
| MySQL MaxDB 7.5.00 for Windows, and possibly earlier versions and other platforms, allows remote attackers to cause a denial of service (application crash) via invalid parameters to the (1) DBMCli_String::ReallocString, (2) DBMCli_String::operator, (3) DBMCli_Buffer::ForceResize, (4) DBMCli_Wizard::InstallDatabase, (5) DBMCli_Devspaces::Complete, (6) DBMWeb_TemplateWizard::askForWriteCountStep5, or (7) DBMWeb_DBMWeb::wizardDB functions, which triggers a null dereference. | ||||
| CVE-2005-0084 | 2 Ethereal Group, Redhat | 2 Ethereal, Enterprise Linux | 2026-04-16 | N/A |
| Buffer overflow in the X11 dissector in Ethereal 0.8.10 through 0.10.8 allows remote attackers to execute arbitrary code via a crafted packet. | ||||
| CVE-2005-0085 | 4 Htdig, Mandrakesoft, Redhat and 1 more | 6 Htdig, Mandrake Linux, Mandrake Linux Corporate Server and 3 more | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in ht://dig (htdig) before 3.1.6-r7 allows remote attackers to execute arbitrary web script or HTML via the config parameter, which is not properly sanitized before it is displayed in an error message. | ||||
| CVE-2005-0087 | 2 Alsa-project, Redhat | 2 Alsa-lib, Enterprise Linux | 2026-04-16 | N/A |
| The alsa-lib package in Red Hat Linux 4 disables stack protection for the libasound.so library, which makes it easier for attackers to execute arbitrary code if there are other vulnerabilities in the library. | ||||
| CVE-2005-0094 | 2 Redhat, Squid | 2 Enterprise Linux, Squid | 2026-04-16 | N/A |
| Buffer overflow in the gopherToHTML function in the Gopher reply parser for Squid 2.5.STABLE7 and earlier allows remote malicious Gopher servers to cause a denial of service (crash) via crafted responses. | ||||
| CVE-2005-0095 | 2 Redhat, Squid | 2 Enterprise Linux, Squid | 2026-04-16 | N/A |
| The WCCP message parsing code in Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (crash) via malformed WCCP messages with source addresses that are spoofed to reference Squid's home router and invalid WCCP_I_SEE_YOU cache numbers. | ||||
| CVE-2005-0088 | 2 Apache, Redhat | 2 Mod Python, Enterprise Linux | 2026-04-16 | N/A |
| The publisher handler for mod_python 2.7.8 and earlier allows remote attackers to obtain access to restricted objects via a crafted URL. | ||||
| CVE-2005-0098 | 1 Abuse | 1 Abuse-sdl | 2026-04-16 | N/A |
| Multiple buffer overflows in the SDL port of abuse (abuse-SDL) before 2.00 allow local users to execute arbitrary code via the command line. | ||||