Search Results (29815 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-2032 1 Sun 2 Solaris, Sunos 2025-04-03 N/A
Unknown vulnerability in lpadmin on Sun Solaris 7, 8, and 9 allows local users to overwrite arbitrary files.
CVE-2005-2034 1 Blue-collar Productions 1 I-gallery 2025-04-03 N/A
Cross-site scripting (XSS) vulnerability in folderview.asp for BlueCollar iGallery 3.3 allows remote attackers to inject arbitrary web script or HTML via the folder parameter.
CVE-2002-1137 1 Microsoft 2 Data Engine, Sql Server 2025-04-03 N/A
Buffer overflow in the Database Console Command (DBCC) that handles user inputs in Microsoft SQL Server 7.0 and 2000, including Microsoft Data Engine (MSDE) 1.0 and Microsoft Desktop Engine (MSDE) 2000, allows attackers to execute arbitrary code via a long SourceDB argument in a "non-SQL OLEDB data source" such as FoxPro, a variant of CAN-2002-0644.
CVE-2005-2042 1 Ajax-spell 1 Ajax-spell 2025-04-03 N/A
Cross-site scripting (XSS) vulnerability in ajax-spell before 1.8 allows remote attackers to inject arbitrary web script or HTML via onmouseover or other events in HTML tags.
CVE-2005-2049 1 Duware 1 Duclassmate 2025-04-03 N/A
Multiple SQL injection vulnerabilities in DUware DUclassmate 1.2 allow remote attackers to execute arbitrary SQL commands via the (1) iState parameter to default.asp or (2) iPro parameter to edit.asp.
CVE-2005-2050 1 Tor 1 Tor 2025-04-03 N/A
Unknown vulnerability in Tor before 0.1.0.10 allows remote attackers to read arbitrary memory and possibly key information from the exit server's process space.
CVE-2005-2051 1 Symantec Veritas 1 Backup Exec 2025-04-03 N/A
Buffer overflow in the VERITAS Backup Exec Web Administration Console (BEWAC) 9.0 4367 through 10.0 rev. 5484 allows remote attackers to execute arbitrary code.
CVE-2005-2052 1 Realnetworks 2 Realone Player, Realplayer 2025-04-03 N/A
Heap-based buffer overflow in vidplin.dll in RealPlayer 10 and 10.5 (6.0.12.1040 through 1069), RealOne Player v1 and v2, RealPlayer 8 and RealPlayer Enterprise allows remote attackers to execute arbitrary code via an .avi file with a modified strf structure value.
CVE-2005-2061 1 Ubbcentral 1 Ubb.threads 2025-04-03 N/A
Infopop UBB.Threads before 6.5.2 Beta allows remote attackers to include arbitrary files via the language parameter in a cookie followed by a null (%00) byte.
CVE-2005-2521 1 Apple 1 Mac Os X 2025-04-03 N/A
Buffer overflow in traceroute in Mac OS X 10.3.9 allows local users to execute arbitrary code via unknown vectors.
CVE-2005-1291 1 Cartwiz 1 Asp Cart 2025-04-03 N/A
Multiple SQL injection vulnerabilities in CartWIZ ASP Cart allow remote attackers to execute arbitrary SQL commands via the idProduct parameter to (1) addToCart.asp or (2) productDetails.asp, the (3) priceFrom, (4) idCategory, or (5) priceTo parameter to searchResults.asp, or (6) the idParentCategory parameter to productCatalogSubCats.asp.
CVE-2005-2078 1 Sofotex 1 Bisonftp 2025-04-03 N/A
BisonFTP Server V4R1 allows remote authenticated users to cause a denial of service via an invalid command with a long argument.
CVE-2005-2081 1 Digium 1 Asterisk 2025-04-03 N/A
Stack-based buffer overflow in the function that parses commands in Asterisk 1.0.7, when the 'write = command' option is enabled, allows remote attackers to execute arbitrary code via a command that has two double quotes followed by a tab character.
CVE-2005-2082 1 Cgi-club 1 Imtrset 2025-04-03 N/A
im_trbbs.cgi in imTRSET 1.02 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the df parameter.
CVE-2005-2086 1 Phpbb Group 1 Phpbb 2025-04-03 N/A
PHP remote file inclusion vulnerability in viewtopic.php in phpBB 2.0.15 and earlier allows remote attackers to execute arbitrary PHP code.
CVE-2005-1299 1 Inserter.cgi 1 Inserter.cgi 2025-04-03 N/A
The inserter.cgi script allows remote attackers to execute arbitrary commands via shell metacharacters in the argument.
CVE-2005-1302 1 Swsoft 1 Confixx 2025-04-03 N/A
SQL injection vulnerability in Confixx 3.08 and earlier allows remote attackers to execute arbitrary SQL commands via the "change user" field.
CVE-2005-2097 3 Kde, Redhat, Xpdf 3 Kpdf, Enterprise Linux, Xpdf 2025-04-03 N/A
xpdf and kpdf do not properly validate the "loca" table in PDF files, which allows local users to cause a denial of service (disk consumption and hang) via a PDF file with a "broken" loca table, which causes a large temporary file to be created when xpdf attempts to reconstruct the information.
CVE-2005-2098 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2025-04-03 N/A
The KEYCTL_JOIN_SESSION_KEYRING operation in the Linux kernel before 2.6.12.5 contains an error path that does not properly release the session management semaphore, which allows local users or remote attackers to cause a denial of service (semaphore hang) via a new session keyring (1) with an empty name string, (2) with a long name string, (3) with the key quota reached, or (4) ENOMEM.
CVE-2005-2104 1 Redhat 2 Enterprise Linux, Sysreport 2025-04-03 N/A
sysreport before 1.3.7 allows local users to obtain sensitive information via a symlink attack on a temporary directory.