Export limit exceeded: 361796 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (361796 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-3111 | 1 Debian | 1 Backupninja | 2026-04-16 | N/A |
| The handler code for backupninja 0.8 and earlier creates temporary files with predictable filenames, which allows local users to modify arbitrary files via a symlink attack. | ||||
| CVE-2005-2887 | 1 Maxdev | 1 Md-pro | 2026-04-16 | N/A |
| MAXdev MD-Pro 1.0.73, and possibly earlier versions, allows remote attackers to obtain sensitive information via a direct request to (1) wiki.php, (2) AutoTheme directory, (3) Blocks directory, (4) admin.php, (5) pnadmin.php, or (6) Topics directory, which reveal the path in an error message. | ||||
| CVE-2005-3113 | 1 Nateon | 1 Nateon Messenger | 2026-04-16 | N/A |
| The ActiveX control for NateOn Messenger (NateonDownloadManager.ocx) allows remote attackers to download and execute arbitrary programs by setting the arguments to the GotNate.Excute method. | ||||
| CVE-2005-2890 | 1 Secureol | 1 Ve2 | 2026-04-16 | N/A |
| SecureOL VE2 1.05.1008 does not properly restrict public access to physical memory, which allows local users to bypass intended restrictions and gain access to the secured environment via direct access to the PhysicalMemory device. | ||||
| CVE-2005-2891 | 1 Csystems | 1 Webarchivex | 2026-04-16 | N/A |
| WebArchiveX.dll 5.5.0.76 installed before September 6th, 2005 is marked safe for scripting by default, which allows remote attackers to read or write to arbitrary files via the (1) MakeArchive or (2) MakeArchiveStr methods. | ||||
| CVE-2005-3114 | 1 Nateon | 1 Nateon Messenger | 2026-04-16 | N/A |
| Buffer overflow in the ActiveX control for NateOn Messenger (NateonDownloadManager.ocx) allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long third argument to the GotNate.Excute method. | ||||
| CVE-2005-2892 | 1 Pblang | 1 Pblang | 2026-04-16 | N/A |
| Directory traversal vulnerability in setcookie.php in PBLang 4.65, and possibly earlier versions, allows remote attackers to read arbitrary files via ".." sequences and "%00" (trailing null byte) in the u parameter. | ||||
| CVE-2005-2895 | 1 Pblang | 1 Pblang | 2026-04-16 | N/A |
| setcookie.php in PBLang 4.65, and possibly earlier versions, allows remote attackers to obtain sensitive information via a %00 (a null byte) in the u parameter, which reveals the path in an error message. | ||||
| CVE-2005-2897 | 1 Stylemotion | 1 Web News | 2026-04-16 | N/A |
| WEB//NEWS 1.4 allows remote attackers to obtain sensitive information via a direct request to files in the actions directory, which reveal the path in an error message, as demonstrated using cat.add.php. | ||||
| CVE-2005-3115 | 1 Mpeg-tools | 1 Mpeg-tools | 2026-04-16 | N/A |
| mpeg-tools before 1.5b-r2 creates multiple temporary files insecurely, which allows local users to overwrite arbitrary files via (1) ts.stat, (2) ts.mpg, (3) foobar, (4) blockbar, or (5) foobar[NNN]. | ||||
| CVE-2005-2903 | 1 Eset Software | 1 Nod32 Antivirus | 2026-04-16 | N/A |
| Heap-based buffer overflow in NOD32 2.5 with nod32.002 1.033 build 1127, with active scanning enabled, allows remote attackers to execute arbitrary code via an ARJ archive containing a file with a long filename. | ||||
| CVE-2005-2915 | 1 Linksys | 1 Wrt54g | 2026-04-16 | N/A |
| ezconfig.asp in Linksys WRT54G router 3.01.03, 3.03.6, non-default configurations of 2.04.4, and possibly other versions, uses weak encryption (XOR encoding with a fixed byte mask) for configuration information, which could allow attackers to decrypt the information and possibly re-encrypt it in conjunction with CVE-2005-2914. | ||||
| CVE-2005-2926 | 1 Sco | 1 Openserver | 2026-04-16 | N/A |
| Stack-based buffer overflow in (1) backupsh and (2) authsh in SCO Openserver 5.0.7 allows local users to execute arbitrary code via a long HOME environment variable. | ||||
| CVE-2005-2929 | 2 Redhat, University Of Kansas | 2 Enterprise Linux, Lynx | 2026-04-16 | N/A |
| Lynx 2.8.5, and other versions before 2.8.6dev.15, allows remote attackers to execute arbitrary commands via (1) lynxcgi:, (2) lynxexec, and (3) lynxprog links, which are not properly restricted in the default configuration in some environments. | ||||
| CVE-2005-2930 | 1 Jed Wing | 1 Chm Lib | 2026-04-16 | N/A |
| Stack-based buffer overflow in the _chm_find_in_PMGL function in chm_lib.c for chmlib before 0.36, as used in products such as KchmViewer, allows user-assisted attackers to execute arbitrary code via a CHM file containing a long element, a different vulnerability than CVE-2005-3318. | ||||
| CVE-2005-2931 | 1 Ipswitch | 2 Imail Server, Ipswitch Collaboration Suite | 2026-04-16 | N/A |
| Format string vulnerability in the SMTP service in IMail Server 8.20 in Ipswitch Collaboration Suite (ICS) before 2.02 allows remote attackers to execute arbitrary code via format string specifiers to the (1) EXPN, (2) MAIL, (3) MAIL FROM, and (4) RCPT TO commands. | ||||
| CVE-2005-3116 | 1 Symantec Veritas | 1 Netbackup | 2026-04-16 | N/A |
| Stack-based buffer overflow in a shared library as used by the Volume Manager daemon (vmd) in VERITAS NetBackup Enterprise Server 5.0 MP1 to MP5 and 5.1 up to MP3A allows remote attackers to execute arbitrary code via a crafted packet. | ||||
| CVE-2005-2932 | 1 Checkpoint | 2 Zonealarm, Zonealarm Security Suite | 2026-04-16 | N/A |
| Multiple Check Point Zone Labs ZoneAlarm products before 7.0.362, including ZoneAlarm Security Suite 5.5.062.004 and 6.5.737, use insecure default permissions for critical files, which allows local users to gain privileges or bypass security controls. | ||||
| CVE-2005-2933 | 2 Redhat, University Of Washington | 3 Enterprise Linux, Rhel Stronghold, Uw-imap | 2026-04-16 | N/A |
| Buffer overflow in the mail_valid_net_parse_work function in mail.c for Washington's IMAP Server (UW-IMAP) before imap-2004g allows remote attackers to execute arbitrary code via a mailbox name containing a single double-quote (") character without a closing quote, which causes bytes after the double-quote to be copied into a buffer indefinitely. | ||||
| CVE-2005-2935 | 1 Microsoft | 1 Antispyware | 2026-04-16 | N/A |
| Unquoted Windows search path vulnerability in Microsoft AntiSpyware might allow local users to execute code via a malicious c:\program.exe file, which is run by AntiSpywareMain.exe when it attempts to execute gsasDtServ.exe. NOTE: it is not clear whether this overlaps CVE-2005-2940. | ||||