Export limit exceeded: 348026 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 29909 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29909 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-2943 | 1 Davide Libenzi | 1 Xmail | 2026-04-16 | N/A |
| Stack-based buffer overflow in sendmail in XMail before 1.22 allows remote attackers to execute arbitrary code via a long -t command line option. | ||||
| CVE-2005-2944 | 1 Brent Ely | 1 Gnome Workstation Command Center | 2026-04-16 | N/A |
| The perform_file_save function in GNOME Workstation Command Center (gwcc) 0.9.6 and earlier allows local users to create and overwrite arbitrary files via a symlink attack on the gwcc_out.txt temporary file. | ||||
| CVE-2005-2947 | 1 Killprocess | 1 Killprocess | 2026-04-16 | N/A |
| Buffer overflow in KillProcess 2.20 and earlier allows user-assisted attackers to execute arbitrary code via an exe file with a long FileDescription in the version resource. | ||||
| CVE-2005-2948 | 1 Killprocess | 1 Killprocess | 2026-04-16 | N/A |
| KillProcess 2.20 and earlier allows local users to bypass kill list restrictions by launching multiple processes at the same time, which are not all killed by KillProcess. | ||||
| CVE-2005-2949 | 1 Mark D. Roth | 1 Pam Per User | 2026-04-16 | N/A |
| pam_per_user before 0.4 does not verify if the user name changes between authentication attempts and uses the same subrequest handle, which allows remote attackers or local users to login as other users by using certain applications that allow the username to be changed during authentication, such as /bin/login. | ||||
| CVE-2005-2950 | 1 Sawmill | 1 Sawmill | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Sawmill 7.0.0 through 7.1.13 allows remote attackers to inject arbitrary web script or HTML via the query string in an HTTP GET request. | ||||
| CVE-2005-2951 | 1 Azerbaijan Development Group | 1 Azdgdating | 2026-04-16 | N/A |
| Directory traversal vulnerability in security.inc.php in AzDGDatingLite 2.1.3, and possibly earlier versions, allows remote attackers to execute arbitrary PHP commands via ".." sequences and "%00" (trailing null byte) characters in the l parameter, which is used in an include_once statement. | ||||
| CVE-2005-2952 | 1 Subscribe Me Pro | 1 Subscribe Me Pro | 2026-04-16 | N/A |
| Directory traversal vulnerability in s.pl in Subscribe Me Pro 2.044.09P and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the l parameter. | ||||
| CVE-2005-3163 | 1 Polipo | 1 Polipo | 2026-04-16 | N/A |
| Unspecified vulnerability in Polipo 0.9.8 and earlier allows attackers to read files outside of the web root. | ||||
| CVE-2005-3005 | 1 Helpdesk Software | 1 Hesk | 2026-04-16 | N/A |
| Helpdesk Software Hesk allows remote attackers to bypass authentication for (1) admin.php and (2) admin_main.php by modifying the PHPSESSID session ID parameter or cookie. | ||||
| CVE-2005-2977 | 2 Pam, Redhat | 2 Pam, Enterprise Linux | 2026-04-16 | N/A |
| The SELinux version of PAM before 0.78 r3 allows local users to perform brute force password guessing attacks via unix_chkpwd, which does not log failed guesses or delay its responses. | ||||
| CVE-2005-2973 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2026-04-16 | N/A |
| The udp_v6_get_port function in udp.c in Linux 2.6 before 2.6.14-rc5, when running IPv6, allows local users to cause a denial of service (infinite loop and crash). | ||||
| CVE-2005-2974 | 2 Libungif, Redhat | 2 Libungif, Enterprise Linux | 2026-04-16 | N/A |
| libungif library before 4.1.0 allows attackers to cause a denial of service via a crafted GIF file that triggers a null dereference. | ||||
| CVE-2005-2979 | 1 Phpoutsourcing | 1 Noahs Classifieds | 2026-04-16 | N/A |
| SQL injection vulnerability in index.php in phpoutsourcing Noah's classifieds allows remote attackers to execute arbitrary SQL commands via the rollid parameter. | ||||
| CVE-2005-2980 | 1 Phpoutsourcing | 1 Noahs Classifieds | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in phpoutsourcing Noah's classifieds 1.3 allows remote attackers to inject arbitrary web script or HTML via the rollid parameter. | ||||
| CVE-2005-2982 | 1 Compaq | 1 Compaqhttpserver | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in CompaqHTTPServer 2.1 allows remote attackers to inject arbitrary web script or HTML via the URL, which is not properly quoted in the resulting 404 error page. | ||||
| CVE-2005-2984 | 1 Data Center Resources | 1 Avocent | 2026-04-16 | N/A |
| Avocent CCM console server running firmware 2.1 CCM4850 allows remote authenticated attackers to bypass port restrictions by connecting to the server via SSH and using the connect command to access the serial port. | ||||
| CVE-2005-2995 | 1 Bacula | 1 Bacula | 2026-04-16 | N/A |
| bacula 1.36.3 and earlier allows local users to modify or read sensitive files via symlink attacks on (1) the temporary file used by autoconf/randpass when openssl is not available, or (2) the mtx.[PID] temporary file in mtx-changer.in. | ||||
| CVE-2005-2985 | 1 Aewebworks | 1 Aedating | 2026-04-16 | N/A |
| SQL injection vulnerability in search_result.php in AEwebworks aeDating Script 4.0 and earlier allows remote attackers to execute arbitrary SQL statements via the Country parameter. | ||||
| CVE-2005-2987 | 1 Digital Scribe | 1 Digital Scribe | 2026-04-16 | N/A |
| SQL injection vulnerability in login.php in Digital Scribe 1.4 allows remote attackers to execute arbitrary SQL commands via the username parameter. | ||||