Export limit exceeded: 29908 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29908 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-0489 | 1 Linux | 1 Linux Kernel | 2025-04-03 | N/A |
| The /proc handling (proc/base.c) Linux kernel 2.4 before 2.4.17 allows local users to cause a denial of service via unknown vectors that cause an invalid access of free memory. | ||||
| CVE-2005-0491 | 1 Knox Software | 1 Arkeia Server Backup | 2025-04-03 | N/A |
| Stack-based buffer overflow in Knox Arkeia Server Backup 5.3.x allows remote attackers to execute arbitrary code via a long type 77 request. | ||||
| CVE-2005-0493 | 1 Seth M. Knorr | 1 Biz Mail Form | 2025-04-03 | N/A |
| CRLF injection vulnerability in bizmail.cgi in Biz Mail Form before 2.2 allows remote attackers to bypass the email check and send spam e-mail via CRLF sequences and forged mail headers in the email parameter. | ||||
| CVE-2005-0494 | 1 Thomson | 1 Thomson Cable Modem | 2025-04-03 | N/A |
| The RgSecurity form in the HTTP server for the Thomson TCW690 cable modem running firmware 2.1 and software ST42.03.0a does not properly validate the password before performing changes, which allows remote attackers on the LAN to gain access via a direct POST request. | ||||
| CVE-2005-0495 | 1 Zeroboard | 1 Zeroboard | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in ZeroBoard allows remote attackers to inject arbitrary web script or HTML via the (1) sn1, (2) year, or (3) page parameter to zboard.php or (4) filename to view_image.php. | ||||
| CVE-2005-0497 | 1 Adp | 1 Elite System Max 9000 | 2025-04-03 | N/A |
| ADP Elite System Max 9000 allows remote authenticated users to gain privileges by uploading a .profile that sets the ADPROOT environment variable to the root directory. | ||||
| CVE-2005-0498 | 1 Gigafast Ethernet | 1 Gigafast Router | 2025-04-03 | N/A |
| Gigafast router (aka CompUSA router) allows remote attackers to gain sensitive information and bypass the login page via a direct request to backup.cfg, which reveals the administrator password in plaintext. | ||||
| CVE-2005-0499 | 1 Gigafast Ethernet | 1 Gigafast Router | 2025-04-03 | N/A |
| Gigafast router (aka CompUSA router) with the DNS proxy option enabled allows remote attackers to cause a denial of service via malformed DNS queries. | ||||
| CVE-2005-0500 | 1 Microsoft | 2 Ie, Internet Explorer | 2025-04-03 | N/A |
| Internet Explorer 6.0 on Windows XP SP2 allows remote attackers to spoof the domain name of a URL in a titlebar for a script-initiated popup window, which could facilitate phishing attacks. | ||||
| CVE-2005-0501 | 1 Digipen Institute Of Technology | 1 Bontago | 2025-04-03 | N/A |
| Buffer overflow in Bontago 1.1 and earlier allows remote attackers to execute arbitrary code via a long nickname. | ||||
| CVE-2005-0502 | 1 Xinkaa Web Station | 1 Xinkaa Web Station | 2025-04-03 | N/A |
| Directory traversal vulnerability in Xinkaa 1.0.3 and earlier allows remote attackers to read arbitrary files via (1) ../ and (2) ..\ characters in an HTTP request. | ||||
| CVE-2005-0503 | 2 Mandrakesoft, Uim | 2 Mandrake Linux, Uim | 2025-04-03 | N/A |
| uim before 0.4.5.1 trusts certain environment variables when libUIM is used in setuid or setgid applications, which allows local users to gain privileges. | ||||
| CVE-2005-0505 | 1 Stackworks Enterprises | 1 Information Resource Manager | 2025-04-03 | N/A |
| Unknown vulnerability in Information Resource Manager (IRM) before 1.5.2.1 allows remote attackers to have "potentially serious" impact, related to LDAP logins. | ||||
| CVE-2005-0506 | 1 Avaya | 2 Ip Office Phone Manager, Ip Soft Phone | 2025-04-03 | N/A |
| The Avaya IP Office Phone Manager, and other products such as the IP Softphone, stores sensitive data in cleartext in a registry key, which allows local and possibly remote users to steal usernames and passwords and impersonate other users via keys such as Avaya\IP400\Generic. | ||||
| CVE-2005-0507 | 1 Gd Software | 1 Sd Server | 2025-04-03 | N/A |
| Directory traversal vulnerability in SD Server 4.0.70 and earlier allows remote attackers to read arbitrary files via .. sequences in an HTTP request. | ||||
| CVE-2005-0508 | 1 Apache | 1 Batik | 2025-04-03 | N/A |
| Unknown vulnerability in Squiggle for Batik before 1.5.1 allows attackers to bypass certain access controls via certain features of the Rhino scripting engine due to a "script security issue." | ||||
| CVE-2005-0509 | 2 Microsoft, Mono | 2 .net Framework, Mono | 2025-04-03 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the Mono 1.0.5 implementation of ASP.NET (.Net) allow remote attackers to inject arbitrary HTML or web script via Unicode representations for ASCII fullwidth characters that are converted to normal ASCII characters, including ">" and "<". | ||||
| CVE-2005-0510 | 1 Fallback-reboot | 1 Fallback-reboot | 2025-04-03 | N/A |
| The daemon for fallback-reboot before 0.995 allows attackers to cause a denial of service (daemon exit), possibly related to verbose debug messages when the daemon is not on a tty. | ||||
| CVE-2005-0511 | 1 Jelsoft | 1 Vbulletin | 2025-04-03 | N/A |
| misc.php for vBulletin 3.0.6 and earlier, when "Add Template Name in HTML Comments" is enabled, allows remote attackers to execute arbitrary PHP code via nested variables in the template parameter. | ||||
| CVE-2005-0512 | 1 Mambo | 1 Mambo | 2025-04-03 | N/A |
| PHP remote file inclusion vulnerability in Tar.php in Mambo 4.5.2 allows remote attackers to execute arbitrary PHP code by modifying the mosConfig_absolute_path parameter to reference a URL on a remote web server that contains the code, a different vulnerability than CVE-2004-1693. | ||||