Export limit exceeded: 364070 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 364070 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (364070 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-2275 1 Fortres Grand Corporation 1 Fortres 2026-04-16 N/A
Fortres 101 4.1 allows local users to bypass Fortres by pressing the Windows and "F" key together for 30 seconds, which opens multiple windows and eventually causes explorer.exe to crash, which then opens an unrestricted explorer.exe.
CVE-2005-3566 1 Symantec Veritas 4 Cluster Server, Sanpoint Control Quickstart, Storage Foundation and 1 more 2026-04-16 N/A
Buffer overflow in various ha commands of VERITAS Cluster Server for UNIX before 4.0MP2 allows local users to execute arbitrary code via a long VCSI18N_LANG environment variable to (1) haagent, (2) haalert, (3) haattr, (4) hacli, (5) hacli_runcmd, (6) haclus, (7) haconf, (8) hadebug, (9) hagrp, (10) hahb, (11) halog, (12) hareg, (13) hares, (14) hastatus, (15) hasys, (16) hatype, (17) hauser, and (18) tststew.
CVE-2002-2278 1 Portail Web Php 1 Portail Web Php 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in mod_search/index.php in PortailPHP 0.99 allows remote attackers to inject arbitrary web script or HTML via the (1) $App_Theme, (2) $Rub_Search, (3) $Rub_News, (4) $Rub_File, (5) $Rub_Liens, or (6) $Rub_Faq variables.
CVE-2005-3571 1 Codegrrl 5 Phpcalendar, Phpclique, Phpcurrently and 2 more 2026-04-16 N/A
PHP file inclusion vulnerability in protection.php in CodeGrrl (a) PHPCalendar 1.0, (b) PHPClique 1.0, (c) PHPCurrently 2.0, (d) PHPFanBase 2.1, and (e) PHPQuotes 1.0 allows remote attackers to include arbitrary local files via the siteurl parameter when register_globals is enabled. NOTE: It was later reported that PHPFanBase 2.2 is also affected.
CVE-2005-3573 2 Gnu, Redhat 2 Mailman, Enterprise Linux 2026-04-16 N/A
Scrubber.py in Mailman 2.1.5-8 does not properly handle UTF8 character encodings in filenames of e-mail attachments, which allows remote attackers to cause a denial of service (application crash).
CVE-2005-3621 1 Phpmyadmin 1 Phpmyadmin 2026-04-16 N/A
CRLF injection vulnerability in phpMyAdmin before 2.6.4-pl4 allows remote attackers to conduct HTTP response splitting attacks via unspecified scripts.
CVE-2005-3623 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-16 N/A
nfs2acl.c in the Linux kernel 2.6.14.4 does not check for MAY_SATTR privilege before setting access controls (ACL) on files on exported NFS filesystems, which allows remote attackers to bypass ACLs for readonly mounted NFS filesystems.
CVE-2005-3633 1 Sap 1 Sap Web Application Server 2026-04-16 N/A
HTTP response splitting vulnerability in frameset.htm in SAP Web Application Server (WAS) 6.10 through 7.00 allows remote attackers to inject arbitrary HTML headers via the sap-exiturl parameter.
CVE-2002-2282 1 Mcafee 1 Virusscan 2026-04-16 N/A
McAfee VirusScan 4.5.1, when the WebScanX.exe module is enabled, searches for particular DLLs from the user's home directory, even when browsing the local hard drive, which allows local users to run arbitrary code via malicious versions of those DLLs.
CVE-2005-3634 1 Sap 1 Sap Web Application Server 2026-04-16 N/A
frameset.htm in the BSP runtime in SAP Web Application Server (WAS) 6.10 through 7.00 allows remote attackers to log users out and redirect them to arbitrary web sites via a close command in the sap-sessioncmd parameter and a URL in the sap-exiturl parameter.
CVE-2005-3104 1 Six Apart 1 Movable Type 2026-04-16 N/A
mt-comments.cgi in Movable Type before 3.2 allows attackers to redirect users to other web sites via URLs in comments.
CVE-2005-3097 1 Avi Alkalay 1 Contribute.cgi 2026-04-16 N/A
Directory traversal vulnerability in Avi Alkalay contribute.cgi (aka contribute.pl), dated 16 Jun 2002, allows remote attackers to overwrite arbitrary files via ".." sequences in the contribdir variable.
CVE-2002-2153 1 Oracle 1 Application Server 2026-04-16 N/A
Format string vulnerability in the administrative pages of the PL/SQL module for Oracle Application Server 4.0.8 and 4.0.8 2 allows remote attackers to execute arbitrary code.
CVE-2005-3093 1 Nokia 2 3210, 7610 2026-04-16 N/A
Nokia 7610 and 3210 phones allows attackers to cause a denial of service via certain characters in the filename of a Bluetooth OBEX transfer.
CVE-2005-3048 1 Phpmyfaq 1 Phpmyfaq 2026-04-16 N/A
Directory traversal vulnerability in index.php in PhpMyFaq 1.5.1 allows remote attackers to read arbitrary files or include arbitrary PHP files via a .. (dot dot) in the LANGCODE parameter, which also allows direct code injection via the User Agent field in a request packet, which can be activated by using LANGCODE to reference the user tracking data file.
CVE-2005-3045 1 My Little Homepage 1 My Little Forum 2026-04-16 N/A
SQL injection vulnerability in search.php in My Little Forum 1.5 and 1.6 beta allows remote attackers to execute arbitrary SQL commands via the phrase field.
CVE-2005-2801 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-16 7.5 High
xattr.c in the ext2 and ext3 file system code for Linux kernel 2.6 does not properly compare the name_index fields when sharing xattr blocks, which could prevent default ACLs from being applied.
CVE-2005-2804 1 Novell 1 Groupwise 2026-04-16 N/A
Integer overflow in the registry parsing code in GroupWise 6.5.3, and possibly earlier version, allows remote attackers to cause a denial of service (application crash) via a large TCP/IP port in the Windows registry key.
CVE-2005-2877 1 Twiki 1 Twiki 2026-04-16 N/A
The history (revision control) function in TWiki 02-Sep-2004 and earlier allows remote attackers to execute arbitrary code via shell metacharacters, as demonstrated via the rev parameter to TWikiUsers.
CVE-2005-2890 1 Secureol 1 Ve2 2026-04-16 N/A
SecureOL VE2 1.05.1008 does not properly restrict public access to physical memory, which allows local users to bypass intended restrictions and gain access to the secured environment via direct access to the PhysicalMemory device.