Export limit exceeded: 29906 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29906 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-0622 | 1 Raidenhttpd | 1 Raidenhttpd | 2025-04-03 | N/A |
| RaidenHTTPD 1.1.32, and possibly other versions before 1.1.34, allows remote attackers to view the PHP source code via an HTTP GET request for a filename with a trailing (1) . (dot) or (2) space. | ||||
| CVE-2005-0623 | 1 Raidenhttpd | 1 Raidenhttpd | 2025-04-03 | N/A |
| Buffer overflow in RaidenHTTPD 1.1.32, and possibly other versions before 1.1.34, allows remote attackers to execute arbitrary code via a long URL. | ||||
| CVE-2005-0624 | 1 Debian | 1 Reportbug | 2025-04-03 | N/A |
| reportbug before 2.62 creates the .reportbugrc configuration file with world-readable permissions, which allows local users to obtain email smarthost passwords. | ||||
| CVE-2005-0625 | 1 Debian | 1 Reportbug | 2025-04-03 | N/A |
| reportbug 3.2 includes settings from .reportbugrc in bug reports, which exposes sensitive information such as smtpuser and smtppasswd. | ||||
| CVE-2005-0636 | 1 Foxmail | 1 Foxmail Email Server | 2025-04-03 | N/A |
| Format string vulnerability in Foxmail Server 2.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format strings in the USER command. | ||||
| CVE-2005-0626 | 2 Redhat, Squid | 2 Enterprise Linux, Squid | 2025-04-03 | N/A |
| Race condition in Squid 2.5.STABLE7 to 2.5.STABLE9, when using the Netscape Set-Cookie recommendations for handling cookies in caches, may cause Set-Cookie headers to be sent to other users, which allows attackers to steal the related cookies. | ||||
| CVE-2005-0627 | 1 Trolltech | 1 Qt | 2025-04-03 | N/A |
| Qt before 3.3.4 searches the BUILD_PREFIX directory, which could be world-writable, to load shared libraries regardless of the LD_LIBRARY_PATH environment variable, which allows local users to execute arbitrary programs. | ||||
| CVE-2005-0628 | 1 Demof | 1 Forumwa | 2025-04-03 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Forumwa 1.0 allow remote attackers to inject arbitrary web script or HTML via (1) the keyword parameter in search.php or the (2) body or (3) subject of a forum message. | ||||
| CVE-2005-0629 | 1 427bb | 1 Fourtwosevenbb | 2025-04-03 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in profile.php in 427BB 2.2 allow remote attackers to inject arbitrary web script or HTML via the (1) user or (2) Avatar parameters. | ||||
| CVE-2005-0630 | 1 Pblang | 1 Pblang | 2025-04-03 | N/A |
| sendpm.php in PBLang 4.63 allows remote authenticated users to read arbitrary files via a full pathname in the orig parameter. | ||||
| CVE-2005-0631 | 1 Pblang | 1 Pblang | 2025-04-03 | N/A |
| delpm.php in PBLang 4.63 allows remote authenticated users to delete arbitrary PM files by modifying the "id" and "a" parameters. | ||||
| CVE-2005-0632 | 1 Phpnews | 1 Phpnews | 2025-04-03 | N/A |
| PHP remote file inclusion vulnerability in auth.php in PHPNews 1.2.4 and possibly 1.2.3, allows remote attackers to execute arbitrary PHP code via the path parameter. | ||||
| CVE-2005-0633 | 1 Cerulean Studios | 2 Trillian, Trillian Pro | 2025-04-03 | N/A |
| Buffer overflow in Trillian 3.0 and Pro 3.0 allows remote attackers to execute arbitrary code via a crafted PNG image file. | ||||
| CVE-2005-0634 | 1 Kmint21 Software | 1 Golden Ftp Server | 2025-04-03 | N/A |
| Buffer overflow in Golden FTP Server 1.92 allows remote attackers to execute arbitrary code via a long USER command. | ||||
| CVE-2005-0637 | 1 Openbsd | 1 Openbsd | 2025-04-03 | N/A |
| The copy functions in locore.s such as copyout in OpenBSD 3.5 and 3.6, and possibly other BSD based operating systems, may allow attackers to exceed certain address boundaries and modify kernel memory. | ||||
| CVE-2005-0638 | 4 Altlinux, Redhat, Suse and 1 more | 4 Alt Linux, Enterprise Linux, Suse Linux and 1 more | 2025-04-03 | N/A |
| xloadimage before 4.1-r2, and xli before 1.17, allows attackers to execute arbitrary commands via shell metacharacters in filenames for compressed images, which are not properly quoted when calling the gunzip command. | ||||
| CVE-2005-0639 | 3 Altlinux, Suse, Xli | 3 Alt Linux, Suse Linux, Xli | 2025-04-03 | N/A |
| Multiple vulnerabilities in xli before 1.17 may allow remote attackers to execute arbitrary code via "buffer management errors" from certain image properties, some of which may be related to integer overflows in PPM files. | ||||
| CVE-2005-0640 | 1 Broadcom | 1 Unicenter Asset Management | 2025-04-03 | N/A |
| Computer Associates (CA) Unicenter Asset Management (UAM) 4.0 does not properly initialize the "Change Credentials for Database" window, which allows local users to recover the SQL Admin password via certain methods. | ||||
| CVE-2005-0641 | 1 Broadcom | 1 Unicenter Asset Management | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in the Reporter for Computer Associates (CA) Unicenter Asset Management (UAM) 4.0 allows remote attackers to inject arbitrary HTML or web script via the (1) name or (2) description in a report template. | ||||
| CVE-2005-0642 | 1 Broadcom | 1 Unicenter Asset Management | 2025-04-03 | N/A |
| SQL injection vulnerability in the Query Designer for Computer Associates (CA) Unicenter Asset Management (UAM) 4.0 allows remote attackers to execute arbitrary SQL via an imported file. | ||||