Export limit exceeded: 361148 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 361148 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (361148 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-2041 | 1 Hauri | 1 Virobot Linux Server | 2026-04-16 | N/A |
| Buffer overflow in addschup in HAURI ViRobot 2.0, and possibly other products, allows remote attackers to execute arbitrary code via a long ViRobot_ID cookie (HTTP_COOKIE). | ||||
| CVE-2005-2042 | 1 Ajax-spell | 1 Ajax-spell | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in ajax-spell before 1.8 allows remote attackers to inject arbitrary web script or HTML via onmouseover or other events in HTML tags. | ||||
| CVE-2005-2043 | 1 Xampp | 1 Apache Distribution | 2026-04-16 | N/A |
| Directory traversal vulnerability in XAMPP before 1.4.14 allows remote attackers to inject arbitrary HTML and PHP code via lang.php. | ||||
| CVE-2006-2378 | 1 Microsoft | 4 Ie, Internet Explorer, Windows 2003 Server and 1 more | 2026-04-16 | N/A |
| Buffer overflow in the ART Image Rendering component (jgdw400.dll) in Microsoft Windows XP SP1 and Sp2, Server 2003 SP1 and earlier, and Windows 98 and Me allows remote attackers to execute arbitrary code via a crafted ART image that causes heap corruption. | ||||
| CVE-2005-2049 | 1 Duware | 1 Duclassmate | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in DUware DUclassmate 1.2 allow remote attackers to execute arbitrary SQL commands via the (1) iState parameter to default.asp or (2) iPro parameter to edit.asp. | ||||
| CVE-2005-2050 | 1 Tor | 1 Tor | 2026-04-16 | N/A |
| Unknown vulnerability in Tor before 0.1.0.10 allows remote attackers to read arbitrary memory and possibly key information from the exit server's process space. | ||||
| CVE-2005-2051 | 1 Symantec Veritas | 1 Backup Exec | 2026-04-16 | N/A |
| Buffer overflow in the VERITAS Backup Exec Web Administration Console (BEWAC) 9.0 4367 through 10.0 rev. 5484 allows remote attackers to execute arbitrary code. | ||||
| CVE-2005-2052 | 1 Realnetworks | 2 Realone Player, Realplayer | 2026-04-16 | N/A |
| Heap-based buffer overflow in vidplin.dll in RealPlayer 10 and 10.5 (6.0.12.1040 through 1069), RealOne Player v1 and v2, RealPlayer 8 and RealPlayer Enterprise allows remote attackers to execute arbitrary code via an .avi file with a modified strf structure value. | ||||
| CVE-2005-2055 | 1 Realnetworks | 2 Realone Player, Realplayer | 2026-04-16 | N/A |
| RealPlayer 8, 10, 10.5 (6.0.12.1040-1069), and Enterprise and RealOne Player v1 and v2 allows remote malicious web server to create an arbitrary HTML file that executes an RM file via "default settings of earlier Internet Explorer browsers". | ||||
| CVE-2005-2067 | 1 Asp-nuke | 1 Asp-nuke | 2026-04-16 | N/A |
| SQL injection vulnerability in article.asp in unknown versions of aspnuke allows remote attackers to execute arbitrary SQL commands via the articleid parameter. | ||||
| CVE-2005-2068 | 1 Freebsd | 1 Freebsd | 2026-04-16 | N/A |
| FreeBSD 4.x through 4.11 and 5.x through 5.4 allows remote attackers to modify certain TCP options via a TCP packet with the SYN flag set for an already established session. | ||||
| CVE-2005-2077 | 1 Hosting Controller | 1 Hosting Controller | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in error.asp for Hosting Controller allows remote attackers to inject arbitrary web script or HTML via the error parameter. | ||||
| CVE-2006-2382 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| Heap-based buffer overflow in Microsoft Internet Explorer 5.01 SP4 and 6 SP1 and earlier allows remote attackers to execute arbitrary code via crafted UTF-8 encoded HTML that results in size discrepancies during conversion to Unicode, aka "HTML Decoding Memory Corruption Vulnerability." | ||||
| CVE-2005-2072 | 1 Sun | 2 Solaris, Sunos | 2026-04-16 | N/A |
| The runtime linker (ld.so) in Solaris 8, 9, and 10 trusts the LD_AUDIT environment variable in setuid or setgid programs, which allows local users to gain privileges by (1) modifying LD_AUDIT to reference malicious code and possibly (2) using a long value for LD_AUDIT. | ||||
| CVE-2005-2073 | 1 Ibm | 1 Db2 | 2026-04-16 | N/A |
| Unknown vulnerability in IBM DB2 8.1.4 through 8.1.9 and 8.2.0 through 8.2.2 allows local users with SELECT privileges to conduct unauthorized activities and insert, update or delete table contents. | ||||
| CVE-2005-2074 | 1 Php Fusion | 1 Php Fusion | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in PHP-Fusion 6.0.105 allows remote attackers to inject arbitrary web script or HTML via a news or article post, possibly involving the (1) news_body, (2) article_description, or (3) article_body parameters to submit.php. | ||||
| CVE-2005-2075 | 1 Php Fusion | 1 Php Fusion | 2026-04-16 | N/A |
| PHP-Fusion 5.0 and 6.0 stores the database file with a predictable filename under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request to the filename in the administration/db_backups directory in PHP-Fusion 6.0 or the fusion_admin/db_backups directory in 5.0. | ||||
| CVE-2005-2076 | 1 Hp | 1 Version Control Repository Manager | 2026-04-16 | N/A |
| HP Version Control Repository Manager (VCRM) before 2.1.1.730 does not properly handle the "@" character in a proxy password, which could allow attackers with physical access to obtain portions of the password when it is displayed to the screen. | ||||
| CVE-2006-2384 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| Microsoft Internet Explorer 5.01 SP4 and 6 SP1 and earlier allows remote attackers to conduct spoofing and phishing attacks by using a modal browser window in a way that preserves the original address bar and trusted UI of a trusted site, even after the browser has been navigated to a malicious site, aka the "Address Bar Spoofing Vulnerability." | ||||
| CVE-2005-2081 | 1 Digium | 1 Asterisk | 2026-04-16 | N/A |
| Stack-based buffer overflow in the function that parses commands in Asterisk 1.0.7, when the 'write = command' option is enabled, allows remote attackers to execute arbitrary code via a command that has two double quotes followed by a tab character. | ||||