Export limit exceeded: 349262 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 29911 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29911 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-2755 | 1 Apple | 1 Quicktime | 2026-04-16 | N/A |
| Apple QuickTime Player before 7.0.3 allows user-assisted attackers to cause a denial of service (crash) via a crafted file with a missing movie attribute, which leads to a null dereference. | ||||
| CVE-2005-3620 | 1 Vmware | 1 Esx | 2026-04-16 | N/A |
| The management interface for VMware ESX Server 2.0.x before 2.0.2 patch 1, 2.1.x before 2.1.3 patch 1, and 2.x before 2.5.3 patch 2 records passwords in cleartext in URLs that are stored in world-readable web server log files, which allows local users to gain privileges. | ||||
| CVE-2005-2757 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | N/A |
| Heap-based buffer overflow in CoreFoundation in Mac OS X and OS X Server 10.4 through 10.4.3 allows remote attackers to execute arbitrary code via unknown attack vectors involving "validation of URLs." | ||||
| CVE-2005-2761 | 1 Phpgroupware | 1 Phpgroupware | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in phpGroupWare 0.9.16.000 allows administrators to inject arbitrary web script or HTML by modifying the main screen message. | ||||
| CVE-2005-2764 | 1 Openttd | 1 Openttd | 2026-04-16 | N/A |
| Multiple buffer overflows in OpenTTD before 0.4.0.1 allow attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors. | ||||
| CVE-2005-2775 | 1 Phpwebnotes | 1 Phpwebnotes | 2026-04-16 | N/A |
| php_api.php in phpWebNotes 2.0.0 uses the extract function to modify key variables such as $t_path_core, which leads to a PHP file inclusion vulnerability that allows remote attackers to execute arbitrary PHP code via the t_path_core parameter. | ||||
| CVE-2005-2780 | 1 Neocrome | 1 Land Down Under | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Land Down Under (LDU) allows remote attackers to inject arbitrary web script or HTML via a signature. | ||||
| CVE-2005-2788 | 1 Neocrome | 1 Land Down Under | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in Land Down Under (LDU) 801 and earlier allow remote attackers to execute arbitrary SQL commands via the c parameter to (1) events.php, (2) index.php, or (3) list.php. | ||||
| CVE-2005-2040 | 1 Telnetd | 1 Telnetd | 2026-04-16 | N/A |
| Multiple buffer overflows in the getterminaltype function in telnetd for Heimdal before 0.6.5 may allow remote attackers to execute arbitrary code, a different vulnerability than CVE-2005-0468 and CVE-2005-0469. | ||||
| CVE-2005-2043 | 1 Xampp | 1 Apache Distribution | 2026-04-16 | N/A |
| Directory traversal vulnerability in XAMPP before 1.4.14 allows remote attackers to inject arbitrary HTML and PHP code via lang.php. | ||||
| CVE-2005-2051 | 1 Symantec Veritas | 1 Backup Exec | 2026-04-16 | N/A |
| Buffer overflow in the VERITAS Backup Exec Web Administration Console (BEWAC) 9.0 4367 through 10.0 rev. 5484 allows remote attackers to execute arbitrary code. | ||||
| CVE-2005-2063 | 1 Active Web Softwares | 1 Activebuyandsell | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in ActiveBuyAndSell 6.2 allow remote attackers to inject arbitrary web script or HTML via the (1) Title parameter to sendpassword.asp or (2) Keyword field in search.asp. | ||||
| CVE-2005-2070 | 1 Sendmail | 1 Sendmail | 2026-04-16 | N/A |
| The ClamAV Mail fILTER (clamav-milter) 0.84 through 0.85d, when used in Sendmail using long timeouts, allows remote attackers to cause a denial of service by keeping an open connection, which prevents ClamAV from reloading. | ||||
| CVE-2005-2791 | 1 Bfcommand And Control Software | 2 Bfcc, Bfvcc | 2026-04-16 | N/A |
| BFCommand & Control Server Manager BFCC 1.22_A and earlier, and BFVCC 2.14_B and earlier, allows remote attackers to cause a denial of service (refused new connections) via a series of connections and disconnections without sending the login command. | ||||
| CVE-2005-2082 | 1 Cgi-club | 1 Imtrset | 2026-04-16 | N/A |
| im_trbbs.cgi in imTRSET 1.02 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the df parameter. | ||||
| CVE-2005-2085 | 1 Infradig Systems | 1 Inframail Advantage | 2026-04-16 | N/A |
| Buffer overflow in Inframail Advantage Server Edition 6.0 through 6.7 allows remote attackers to cause a denial of service (process crash) via a long (1) SMTP FROM field or possibly (2) FTP NLST command. | ||||
| CVE-2005-2794 | 2 Redhat, Squid | 2 Enterprise Linux, Squid | 2026-04-16 | N/A |
| store.c in Squid 2.5.STABLE10 and earlier allows remote attackers to cause a denial of service (crash) via certain aborted requests that trigger an assert error related to STORE_PENDING. | ||||
| CVE-2004-0235 | 8 Clearswift, F-secure, Rarlab and 5 more | 15 Mailsweeper, F-secure Anti-virus, F-secure For Firewalls and 12 more | 2026-04-16 | N/A |
| Multiple directory traversal vulnerabilities in LHA 1.14 allow remote attackers or local users to create arbitrary files via an LHA archive containing filenames with (1) .. sequences or (2) absolute pathnames with double leading slashes ("//absolute/path"). | ||||
| CVE-2004-0240 | 1 Qualiteam | 1 X-cart | 2026-04-16 | N/A |
| Directory traversal vulnerability in X-Cart 3.4.3 allows remote attackers to view arbitrary files via a .. (dot dot) in the shop_closed_file argument to auth.php. | ||||
| CVE-2004-0247 | 1 Cauldron | 2 Chaser Client, Chaser Server | 2026-04-16 | N/A |
| The client and server of Chaser 1.50 and earlier allow remote attackers to cause a denial of service (crash via exception) via a UDP packet with a length field that is greater than the actual data length, which causes Chaser to read unexpected memory. | ||||