Export limit exceeded: 362038 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (362038 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-0003 4 Avaya, Linux, Mandrakesoft and 1 more 15 Converged Communications Server, Intuity Audix, Mn100 and 12 more 2026-04-16 N/A
The 64 bit ELF support in Linux kernel 2.6 before 2.6.10, on 64-bit architectures, does not properly check for overlapping VMA (virtual memory address) allocations, which allows local users to cause a denial of service (system crash) or execute arbitrary code via a crafted ELF or a.out file.
CVE-2004-2686 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Directory traversal vulnerability in the vfs_getvfssw function in Solaris 2.6, 7, 8, and 9 allows local users to load arbitrary kernel modules via crafted (1) mount or (2) sysfs system calls. NOTE: this might be the same issue as CVE-2004-1767, but there are insufficient details to be sure.
CVE-2005-0007 2 Ethereal Group, Redhat 2 Ethereal, Enterprise Linux 2026-04-16 N/A
Unknown vulnerability in the DLSw dissector in Ethereal 0.10.6 through 0.10.8 allows remote attackers to cause a denial of service (application crash from assertion).
CVE-2005-0010 2 Ethereal Group, Redhat 2 Ethereal, Enterprise Linux 2026-04-16 N/A
Unknown vulnerability in the MMSE dissector in Ethereal 0.10.4 through 0.10.8 allows remote attackers to cause a denial of service by triggering a free of statically allocated memory.
CVE-2004-2704 2 Hastymail, Microsoft 2 Hastymail, Internet Explorer 2026-04-16 N/A
Hastymail 1.0.1 and earlier (stable) and 1.1 and earlier (development) does not send the "attachment" parameter in the Content-Disposition field for attachments, which causes the attachment to be rendered inline by Internet Explorer when the victim clicks the download link, which facilitates cross-site scripting (XSS) and possibly other attacks.
CVE-2005-0011 1 Kde 1 Kde 2026-04-16 N/A
Multiple vulnerabilities in fliccd, when installed setuid root as part of the kdeedu Kstars support for Instrument Neutral Distributed Interface (INDI) in KDE 3.3 to 3.3.2, allow local users and remote attackers to execute arbitrary code via stack-based buffer overflows.
CVE-2004-2707 1 Phrozensmoke 1 Gyach Enhanced 2026-04-16 N/A
Multiple unspecified vulnerabilities in Gyach Enhanced (Gyach-E) before 1.0.5 have unknown impact and attack vectors related to "several security flaws," probably related to buffer overflows in HTTP server responses.
CVE-2005-0016 1 Gatos 1 Gatos 2026-04-16 N/A
Buffer overflow in the exported_display function in xatitv in gatos before 0.0.5 allows local users to execute arbitrary code.
CVE-2004-0603 1 Gnu 1 Gzip 2026-04-16 N/A
gzexe in gzip 1.3.3 and earlier will execute an argument when the creation of a temp file fails instead of exiting the program, which could allow remote attackers or local users to execute arbitrary commands, a different vulnerability than CVE-1999-1332.
CVE-2005-0017 1 F2c Open Source Project 1 F2c Translator 2026-04-16 N/A
The f2c translator in the f2c package 3.1 allows local users to read arbitrary files via a symlink attack on temporary files.
CVE-2005-0018 1 F2c Open Source Project 1 F2c Translator 2026-04-16 N/A
The f2 shell script in the f2c package 3.1 allows local users to read arbitrary files via a symlink attack on temporary files.
CVE-2005-2603 1 My Image Gallery 1 My Image Gallery 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in index.php for My Image Gallery (Mig ) 1.4.1 allows remote attackers to inject arbitrary web script or HTML via the (1) currDir or (2) image parameters.
CVE-2005-0022 2 Redhat, University Of Cambridge 2 Enterprise Linux, Exim 2026-04-16 N/A
Buffer overflow in the spa_base64_to_bits function in Exim before 4.43, as originally obtained from Samba code, and as called by the auth_spa_client function, may allow attackers to execute arbitrary code during SPA authentication.
CVE-2005-0034 1 Isc 1 Bind 2026-04-16 N/A
An "incorrect assumption" in the authvalidated validator function in BIND 9.3.0, when DNSSEC is enabled, allows remote attackers to cause a denial of service (named server exit) via crafted DNS packets that cause an internal consistency test (self-check) to fail.
CVE-2005-0036 2 Delegate, Etl 2 Delegate, Delegate 2026-04-16 N/A
The DNS implementation in DeleGate 8.10.2 and earlier allows remote attackers to cause a denial of service via a compressed DNS packet with a label length byte with an incorrect offset, which could trigger an infinite loop.
CVE-2005-2604 1 My Image Gallery 1 My Image Gallery 2026-04-16 N/A
index.php for My Image Gallery (Mig ) 1.4.1 allows remote attackers to obtain the web server path via certain currDir and image arguments, which leaks the path in an error message.
CVE-2004-2717 1 Php Heaven 1 Phpmychat 2026-04-16 N/A
Multiple directory traversal vulnerabilities in admin.php3 in PHPMyChat 0.14.5 allow remote attackers with administrative privileges to read arbitrary files via a .. (dot dot) in the (1) sheet and (2) What parameters.
CVE-2005-2605 1 Omnipilot Software 1 Lasso Professional Server 2026-04-16 N/A
Unknown vulnerability in Lasso Professional Server8.0.4 and 8.0.5 allows attackers to bypass authentication, related to [Auth] tags.
CVE-2005-2606 1 Phlymail 1 Phlymail 2026-04-16 N/A
Unknown vulnerability in the "frontend authentication" in PHlyMail 3.02.00 has unknown impact and attack vectors.
CVE-2005-2608 1 Safehtml 1 Safehtml 2026-04-16 N/A
SafeHTML before 1.3.5 does not properly filter script in UTF-7 and CSS comments, which allows remote attackers to conduct cross-site scripting (XSS) attacks in vulnerable applications that use SafeHTML.