Export limit exceeded: 10654 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (363827 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-2145 | 1 Prevx | 1 Prevx Pro 2005 | 2026-04-16 | N/A |
| The kernel driver in Prevx Pro 2005 1.0 does not verify the source of certain messages, which allows local users to bypass protection by sending certain messages to the driver, as demonstrated by sending an "allow" message to bypass a warning message. | ||||
| CVE-2005-2184 | 1 Emc | 1 Eroom | 2026-04-16 | N/A |
| eRoom 6.x does not properly restrict files that can be attached, which allows remote attackers to execute arbitrary commands via a .lnk file. | ||||
| CVE-2005-2189 | 1 Lantronix | 1 Securelinx | 2026-04-16 | N/A |
| Lantronix SecureLinx console server running firmware 2.0 and 3.0 stores /etc/ssh under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as SSH private keys. | ||||
| CVE-2005-2195 | 1 Apple | 1 Darwin Streaming Server | 2026-04-16 | N/A |
| Apple Darwin Streaming Server 5.5 and earlier allows remote attackers to cause a denial of service (application crash) via a URL with a filename containing a .cgi extension and an MS-DOS device name such as AUX, CON, PRN, COM1, or LPT1, a different vulnerability than CVE-2003-0421 and CVE-2003-0502. | ||||
| CVE-2005-2217 | 1 Craig Dansie | 1 Dansie Shopping Cart | 2026-04-16 | N/A |
| Dansie Shopping Cart stores the vars.dat file under the web root with insufficient access control, which might allow remote attackers to obtain sensitive information such as program variables. | ||||
| CVE-2005-2233 | 1 Ibm | 1 Aix | 2026-04-16 | N/A |
| Buffer overflow in multiple "p" commands in IBM AIX 5.1, 5.2 and 5.3 might allow local users to execute arbitrary code via long command line arguments to (1) penable or other hard-linked files including (2) pdisable, (3) pstart, (4) phold, (5) pdelay, or (6) pshare. | ||||
| CVE-2005-2238 | 1 Ibm | 1 Aix | 2026-04-16 | N/A |
| ftpd in IBM AIX 5.1, 5.2 and 5.3 allows remote authenticated users to cause a denial of service (port exhaustion and memory consumption) by using all ephemeral ports. | ||||
| CVE-2006-2265 | 1 Ocean12 Technologies | 1 Calendar Manager Pro | 2026-04-16 | N/A |
| Cross-site scripting vulnerability in admin/main.asp in Ocean12 Calendar Manager Pro 1.00 allows remote attackers to inject arbitrary web script or HTML via the date parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2005-2247 | 1 Moodle | 1 Moodle | 2026-04-16 | N/A |
| Multiple unknown vulnerabilities in Moodle before 1.5.1 have unknown impact and attack vectors. | ||||
| CVE-2006-2266 | 1 Chirpy | 1 Chirpy | 2026-04-16 | N/A |
| SQL injection vulnerability in Chirpy! 0.1 allows remote attackers to execute arbitrary SQL commands via unspecified parameters. | ||||
| CVE-2005-2922 | 2 Realnetworks, Redhat | 6 Helix Player, Realone Player, Realplayer and 3 more | 2026-04-16 | N/A |
| Heap-based buffer overflow in the embedded player in multiple RealNetworks products and versions including RealPlayer 10.x, RealOne Player, and Helix Player allows remote malicious servers to cause a denial of service (crash) and possibly execute arbitrary code via a chunked Transfer-Encoding HTTP response in which either (1) the chunk header length is specified as -1, (2) the chunk header with a length that is less than the actual amount of sent data, or (3) a missing chunk header. | ||||
| CVE-2005-2923 | 1 Ipswitch | 2 Imail Server, Ipswitch Collaboration Suite | 2026-04-16 | N/A |
| The IMAP server in IMail Server 8.20 in Ipswitch Collaboration Suite (ICS) before 2.02 allows remote attackers to cause a denial of service (crash) via a long argument to the LIST command, which causes IMail Server to reference invalid memory. | ||||
| CVE-2005-2926 | 1 Sco | 1 Openserver | 2026-04-16 | N/A |
| Stack-based buffer overflow in (1) backupsh and (2) authsh in SCO Openserver 5.0.7 allows local users to execute arbitrary code via a long HOME environment variable. | ||||
| CVE-2005-2927 | 1 Sco | 1 Unixware | 2026-04-16 | N/A |
| Stack-based buffer overflow in ppp in SCO Unixware 7.1.3 and 7.1.4, and possibly earlier versions, allows local users to execute arbitrary code via a long argument to the (1) prompt or (2) defprompt command. | ||||
| CVE-2005-2931 | 1 Ipswitch | 2 Imail Server, Ipswitch Collaboration Suite | 2026-04-16 | N/A |
| Format string vulnerability in the SMTP service in IMail Server 8.20 in Ipswitch Collaboration Suite (ICS) before 2.02 allows remote attackers to execute arbitrary code via format string specifiers to the (1) EXPN, (2) MAIL, (3) MAIL FROM, and (4) RCPT TO commands. | ||||
| CVE-2005-2935 | 1 Microsoft | 1 Antispyware | 2026-04-16 | N/A |
| Unquoted Windows search path vulnerability in Microsoft AntiSpyware might allow local users to execute code via a malicious c:\program.exe file, which is run by AntiSpywareMain.exe when it attempts to execute gsasDtServ.exe. NOTE: it is not clear whether this overlaps CVE-2005-2940. | ||||
| CVE-2005-2266 | 2 Mozilla, Redhat | 3 Firefox, Mozilla, Enterprise Linux | 2026-04-16 | N/A |
| Firefox before 1.0.5 and Mozilla before 1.7.9 allows a child frame to call top.focus and other methods in a parent frame, even when the parent is in a different domain, which violates the same origin policy and allows remote attackers to steal sensitive information such as cookies and passwords from web sites whose child frames do not verify that they are in the same domain as their parents. | ||||
| CVE-2005-2938 | 1 Apple | 1 Itunes | 2026-04-16 | N/A |
| Unquoted Windows search path vulnerability in iTunesHelper.exe in iTunes 4.7.1.30 and iTunes 5 for Windows might allow local users to gain privileges via a malicious C:\program.exe file. | ||||
| CVE-2005-2269 | 2 Mozilla, Redhat | 3 Firefox, Mozilla, Enterprise Linux | 2026-04-16 | N/A |
| Firefox before 1.0.5, Mozilla before 1.7.9, and Netscape 8.0.2 does not properly verify the associated types of DOM node names within the context of their namespaces, which allows remote attackers to modify certain tag properties, possibly leading to execution of arbitrary script or code, as demonstrated using an XHTML document with IMG tags with custom properties ("XHTML node spoofing"). | ||||
| CVE-2005-2940 | 1 Microsoft | 1 Antispyware | 2026-04-16 | N/A |
| Unquoted Windows search path vulnerability in Microsoft Antispyware 1.0.509 (Beta 1) might allow local users to gain privileges via a malicious "program.exe" file in the C: folder, involving the programs (1) GIANTAntiSpywareMain.exe, (2) gcASNotice.exe, (3) gcasServ.exe, (4) gcasSWUpdater.exe, or (5) GIANTAntiSpywareUpdater.exe. NOTE: it is not clear whether this overlaps CVE-2005-2935. | ||||