Export limit exceeded: 366126 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 366126 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 366126 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29946 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-0328 2 Netgear, Zyxel 3 Rt311, Rt314, Prestige 2026-04-16 N/A
Zyxel P310, P314, P324 and Netgear RT311, RT314 running the latest firmware, allows remote attackers on the WAN to obtain the IP address of the LAN side interface by pinging a valid LAN IP address, which generates an ARP reply from the WAN address side that maps the LAN IP address to the WAN's MAC address.
CVE-2005-0332 1 Ventia 1 Desknow Mail And Collaboration Server 2026-04-16 N/A
Directory traversal vulnerability in DeskNow Mail and Collaboration Server 2.5.12 allows remote attackers to (1) upload and possibly execute files outside the directory via the AttachmentsKey parameter to attachment.do, as demonstrated using JSP pages, or (2) delete arbitrary files via the select_file parameter to file.do.
CVE-2005-0448 2 Larry Wall, Redhat 2 Perl, Enterprise Linux 2026-04-16 N/A
Race condition in the rmtree function in File::Path.pm in Perl before 5.8.4 allows local users to create arbitrary setuid binaries in the tree being deleted, a different vulnerability than CVE-2004-0452.
CVE-2005-0461 1 Leonard Richardson 1 Newsbruiser 2026-04-16 N/A
Unknown vulnerability in NewsBruiser 2.x before 2.6.1 allows remote attackers to "take actions on comments."
CVE-2005-0469 2 Ncsa, Redhat 2 Telnet, Enterprise Linux 2026-04-16 N/A
Buffer overflow in the slc_add_reply function in various BSD-based Telnet clients, when handling LINEMODE suboptions, allows remote attackers to execute arbitrary code via a reply with a large number of Set Local Character (SLC) commands.
CVE-2005-0497 1 Adp 1 Elite System Max 9000 2026-04-16 N/A
ADP Elite System Max 9000 allows remote authenticated users to gain privileges by uploading a .profile that sets the ADPROOT environment variable to the root directory.
CVE-2005-0523 1 Prozilla 1 Prozilla Download Accelerator 2026-04-16 N/A
Format string vulnerability in ProZilla 1.3.7.3 and earlier allows remote attackers to execute arbitrary code via format string specifiers in the Location header.
CVE-2005-0546 2 Cyrus, Redhat 2 Imapd, Enterprise Linux 2026-04-16 N/A
Multiple buffer overflows in Cyrus IMAPd before 2.2.11 may allow attackers to execute arbitrary code via (1) an off-by-one error in the imapd annotate extension, (2) an off-by-one error in "cached header handling," (3) a stack-based buffer overflow in fetchnews, or (4) a stack-based buffer overflow in imapd.
CVE-2005-0551 1 Microsoft 3 Windows 2000, Windows 2003 Server, Windows Xp 2026-04-16 N/A
Stack-based buffer overflow in WINSRV.DLL in the Client Server Runtime System (CSRSS) process of Microsoft Windows 2000, Windows XP SP1 and SP2, and Windows Server 2003 allows local users to gain privileges via a specially-designed application that provides console window information with a long FaceName value.
CVE-2005-0554 1 Microsoft 1 Internet Explorer 2026-04-16 N/A
Buffer overflow in the URL processor of Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a URL with a long hostname, aka "URL Parsing Memory Corruption Vulnerability."
CVE-2005-0848 1 Funlabs 9 4x4 Off-road Adventure Iii, Cabelas Big Game Hunter 2004 Season, Cabelas Big Game Hunter 2005 and 6 more 2026-04-16 N/A
Multiple games developed by FUN labs, including 4X4 Off-road Adventure III, Big Game Hunter, Dangerous Hunts, Deer Hunt, Revolution, Secret Service, Shadow Force, and US Most Wanted, allow remote attackers to cause a denial of service via an empty UDP packet to the server, which cannot detect that a new packet has arrived using the socket ioctl.
CVE-2005-0862 1 Phpopenchat 1 Phpopenchat 2026-04-16 N/A
Multiple PHP remote file inclusion vulnerabilities in PHPOpenChat 3.0.1 and earlier allow remote attackers to execute arbitrary PHP code via the phpbb_root_path parameter to (1) poc_loginform.php or (2) phpbb/poc.php, the poc_root_path parameter to (3) phpbb/poc.php, (4) phpnuke/ENGLISH_poc.php, (5) phpnuke/poc.php, or (6) yabbse/poc.php, or (7) the sourcedir parameter to yabbse/poc.php.
CVE-2005-0865 1 Securecomputing 1 Samsung Adsl Modem 2026-04-16 N/A
Samsung ADSL Modem SMDK8947v1.2 uses default passwords for the (1) root, (2) admin, or (3) user users, which allows remote attackers to gain privileges via Telnet or an HTTP request to adsl.cgi.
CVE-2005-0873 1 Oracle 1 10g Reports Server 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in test.jsp in Oracle Reports Server 10g (9.0.4.3.3) allow remote attackers to inject arbitrary web script or HTML via the (1) desname or (2) repprod parameter.
CVE-2005-0876 1 Dnsmasq 1 Dnsmasq 2026-04-16 N/A
Off-by-one buffer overflow in Dnsmasq before 2.21 may allow attackers to execute arbitrary code via the DHCP lease file.
CVE-2005-0906 3 Instance Four, Sacred, Ubi Soft 3 Tincat, Sacred, The Settlersheritage Of Kings 2026-04-16 N/A
Buffer overflow in a player logging function in the Tincat network library 2.x before 2.0.28, as used in games such as Sacred and The Settlers: Heritage of Kings, allows remote attackers to execute arbitrary code.
CVE-2005-0927 1 Web-app.org 1 Webapp 2026-04-16 N/A
Unknown vulnerability in subs.pl for WebAPP 0.9.9 through 0.9.9.2 has unknown impact and attack vectors, probably involving shell metacharacters or .. sequences.
CVE-2005-0929 1 Photopost 1 Photopost Php Pro 2026-04-16 N/A
SQL injection vulnerability in PhotoPost PHP Pro 5.x may allow remote attackers to execute arbitrary SQL commands via (1) the sl parameter to showmembers.php or (2) the photo parameter to showphoto.php.
CVE-2005-0932 1 Coinsoft Technologies 1 Phpcoin 2026-04-16 N/A
Multiple SQL injection vulnerabilities in phpCOIN 1.2.1b and earlier allow remote attackers to execute arbitrary SQL commands (1) via the search engine, (2) the username or email fields in the "forgotten password" feature, or (3) the domain name in a package order.
CVE-2005-0944 1 Microsoft 1 Jet 2026-04-16 N/A
Unknown vulnerability in Microsoft Jet DB engine (msjet40.dll) 4.00.8618.0, related to insufficient data validation, allows remote attackers to execute arbitrary code via a crafted mdb file.