Search Results (29946 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-0071 1 Vdr 1 Vdr 2026-04-16 N/A
vdr before 1.2.6 does not securely create files, which allows attackers to overwrite arbitrary files.
CVE-2005-0080 2 Gnu, Ubuntu 2 Mailman, Ubuntu Linux 2026-04-16 N/A
The 55_options_traceback.dpatch patch for mailman 2.1.5 in Ubuntu 4.10 displays a different error message depending on whether the e-mail address is subscribed to a private list, which allows remote attackers to determine the list membership for a given e-mail address.
CVE-2005-0081 1 Mysql 1 Maxdb 2026-04-16 N/A
MySQL MaxDB 7.5.0.0, and other versions before 7.5.0.21, allows remote attackers to cause a denial of service (crash) via an HTTP request with invalid headers.
CVE-2005-0090 1 Redhat 2 Enterprise Linux, Enterprise Linux Desktop 2026-04-16 N/A
A regression error in the Red Hat Enterprise Linux 4 kernel 4GB/4GB split patch omits an "access check," which allows local users to cause a denial of service (crash).
CVE-2005-0119 1 Helvis 1 Helvis 2026-04-16 N/A
helvis 1.8h2_1 and earlier allows local users to recover and read the files of other users via the elvrec setuid program.
CVE-2005-0136 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-16 N/A
The Linux kernel before 2.6.11 on the Itanium IA64 platform has certain "ptrace corner cases" that allow local users to cause a denial of service (crash) via crafted syscalls, possibly related to MCA/INIT, a different vulnerability than CVE-2005-1761.
CVE-2005-0141 2 Mozilla, Redhat 3 Firefox, Mozilla, Enterprise Linux 2026-04-16 N/A
Firefox before 1.0 and Mozilla before 1.7.5 allow remote attackers to load local files via links "with a custom getter and toString method" that are middle-clicked by the user to be opened in a new tab.
CVE-2005-0144 2 Mozilla, Redhat 3 Firefox, Mozilla, Enterprise Linux 2026-04-16 N/A
Firefox before 1.0 and Mozilla before 1.7.5 display the secure site lock icon when a view-source: URL references a secure SSL site while an insecure page is being loaded, which could facilitate phishing attacks.
CVE-2005-0146 2 Mozilla, Redhat 3 Firefox, Mozilla, Enterprise Linux 2026-04-16 N/A
Firefox before 1.0 and Mozilla before 1.7.5 allow remote attackers to obtain sensitive data from the clipboard via Javascript that generates a middle-click event on systems for which a middle-click performs a paste operation.
CVE-2005-0250 1 Ibm 1 Aix 2026-04-16 N/A
Format string vulnerability in auditselect on IBM AIX 5.1, 5.2, and 5.3 allows local users to execute arbitrary code via format string specifiers in a command line argument.
CVE-2005-0262 1 Ibm 1 Aix 2026-04-16 N/A
Buffer overflow in ipl_varyon on AIX 5.1, 5.2, and 5.3 allows local users to execute arbitrary code via a long -d argument.
CVE-2005-0263 1 Ibm 1 Aix 2026-04-16 N/A
Buffer overflow in netpmon on AIX 5.1, 5.2, and 5.3 allows local users to execute arbitrary code via a long -O argument.
CVE-2005-0267 1 Flatnuke 1 Flatnuke 2026-04-16 N/A
index.php in FlatNuke 2.5.1 allows remote attackers to create an administrator account via carriage returns and #10 in the url_avatar field, which is interpreted as a sensitive directive.
CVE-2005-0275 1 3com 1 3cdaemon 2026-04-16 N/A
TFTP in 3Com 3CDaemon 2.0 revision 10 allows remote attackers to cause a denial of service (application crash) via a GET request containing an MS-DOS device name.
CVE-2005-0285 1 Bottomline 1 Webseries Payment Application 2026-04-16 N/A
Webseries Payment Application does not properly restrict privileged operations, which allows remote authenticated users to gain privileges by directly accessing certain URLs.
CVE-2005-0299 1 Gforge 1 Gforge 2026-04-16 N/A
Directory traversal vulnerability in GForge 3.3 and earlier allows remote attackers to list arbitrary directories via a .. (dot dot) in the (1) dir parameter to controller.php or (2) dir_name parameter to controlleroo.php.
CVE-2005-0301 1 Comersus Open Technologies 1 Comersus Backoffice Lite 2026-04-16 N/A
comersus_backoffice_install10.asp in BackOffice Lite 6.0 and 6.01 allows remote attackers to bypass authentication and gain privileges via a direct request to the program.
CVE-2005-0323 1 Captaris 1 Infinite Mobile Delivery Webmail 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Infinite Mobile Delivery Webmail 2.6 allows remote attackers to inject arbitrary web script or HTML via the URL.
CVE-2005-0328 2 Netgear, Zyxel 3 Rt311, Rt314, Prestige 2026-04-16 N/A
Zyxel P310, P314, P324 and Netgear RT311, RT314 running the latest firmware, allows remote attackers on the WAN to obtain the IP address of the LAN side interface by pinging a valid LAN IP address, which generates an ARP reply from the WAN address side that maps the LAN IP address to the WAN's MAC address.
CVE-2005-0332 1 Ventia 1 Desknow Mail And Collaboration Server 2026-04-16 N/A
Directory traversal vulnerability in DeskNow Mail and Collaboration Server 2.5.12 allows remote attackers to (1) upload and possibly execute files outside the directory via the AttachmentsKey parameter to attachment.do, as demonstrated using JSP pages, or (2) delete arbitrary files via the select_file parameter to file.do.