Search Results (29815 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-0426 1 Linksys 1 Befvp41 2025-04-03 N/A
VPN Server module in Linksys EtherFast BEFVP41 Cable/DSL VPN Router before 1.40.1 reduces the key lengths for keys that are supplied via manual key entry, which makes it easier for attackers to crack the keys.
CVE-2005-1729 1 Novell 1 Edirectory 2025-04-03 N/A
Novell eDirectory 8.7.3 allows remote attackers to cause a denial of service (application crash) via a URL containing an MS-DOS device name such as AUX, CON, PRN, COM1, or LPT1.
CVE-2005-1732 1 Metro Marketing 1 Cookie Cart 2025-04-03 N/A
Cookie Cart allows remote attackers to read the Order Notification list via the testmycgi and path parameters to testmy.cgi.
CVE-2005-1733 1 Metro Marketing 1 Cookie Cart 2025-04-03 N/A
Cookie Cart stores the password file under the web document root with insufficient access control, which allows remote attackers to obtain usernames and encrypted passwords via a direct request to passwd.txt.
CVE-2002-0428 1 Checkpoint 3 Check Point Vpn, Firewall-1, Next Generation 2025-04-03 N/A
Check Point FireWall-1 SecuRemote/SecuClient 4.0 and 4.1 allows clients to bypass the "authentication timeout" by modifying the to_expire or expire values in the client's users.C configuration file.
CVE-2005-1750 1 Distinct Web Creations 1 Newsletterez 2025-04-03 N/A
SQL injection vulnerability in login.asp in ezdwc NewsletterEz 3.0 allows remote attackers to execute arbitrary SQL commands via the password parameter.
CVE-2005-1757 1 Novell 1 Netmail 2025-04-03 N/A
Buffer overflow in the Modweb agent for Novell NetMail 3.52 before 3.52C, when renaming folders, may allow attackers to execute arbitrary code.
CVE-2005-1759 1 Shtool 1 Shtool 2025-04-03 N/A
Race condition in shtool 2.0.1 and earlier allows local users to modify or create arbitrary files via a symlink attack on temporary files after they have been created, a different vulnerability than CVE-2005-1751.
CVE-2005-1758 1 Novell 1 Netmail 2025-04-03 N/A
Buffer overflow in the IMAP command continuation function in Novell NetMail 3.52 before 3.52C may allow remote attackers to execute arbitrary code.
CVE-2005-1767 3 Novell, Redhat, Suse 4 Linux Desktop, Open Enterprise Server, Enterprise Linux and 1 more 2025-04-03 N/A
traps.c in the Linux kernel 2.6.x and 2.4.x executes stack segment faults on an exception stack, which allows local users to cause a denial of service (oops and stack fault exception).
CVE-2005-1774 1 Davfs2 1 Davfs2 2025-04-03 N/A
WEB-DAV Linux File System (davfs2) 0.2.3 does not properly enforce Unix permissions, which allows local users to write arbitrary files on a davfs2 mounted filesystem.
CVE-2005-1776 1 Cnedra 1 Cnedra 2025-04-03 N/A
Buffer overflow in the READ_TCP_STRING function in game_message_functions.cpp in the network plugin for C'Nedra 0.4.0 and earlier allows remote attackers to execute arbitrary code via a long text string.
CVE-2005-1777 1 Postnuke Software Foundation 1 Postnuke 2025-04-03 N/A
SQL injection vulnerability in readpmsg.php in PostNuke 0.750 allows remote attackers to execute arbitrary SQL commands via the start parameter.
CVE-2002-0455 1 Incredimail 1 Incredimail 2025-04-03 N/A
IncrediMail stores attachments in a directory with a fixed name, which could make it easier for attackers to exploit vulnerabilities in other software that rely on installing and reading files from directories with known pathnames.
CVE-2005-1789 1 India Software Solution 1 Shopping Cart 2025-04-03 N/A
SQL injection vulnerability in SignIn.asp in India Software Solution shopping cart allows remote attackers to execute arbitrary SQL commands via the password.
CVE-2005-2412 1 Php Firstpost 1 Php Firstpost 2025-04-03 N/A
PHP remote file inclusion vulnerability in block.php in PHP FirstPost allows remote attackers to execute arbitrary PHP code via the Include parameter.
CVE-2005-2415 1 Astalavista It Engineering 1 Contrexx 2025-04-03 N/A
Multiple SQL injection vulnerabilities in Contrexx before 1.0.5 allow remote attackers to execute arbitrary SQL commands via the (1) value parameter to the poll module or (2) pId parameter to the gallery module.
CVE-2005-2416 1 Astalavista It Engineering 1 Contrexx 2025-04-03 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Contrexx before 1.0.5 allow remote attackers to inject arbitrary web script or HTML via the (1) term parameter to the search module or (2) title in the blog aggregation module.
CVE-2005-2417 1 Astalavista It Engineering 1 Contrexx 2025-04-03 N/A
Contrexx before 1.0.5 allows remote attackers to obtain sensitive information via a direct request to /config/version.xml.
CVE-2005-2422 1 Beehive Forum 1 Beehive Forum 2025-04-03 N/A
Cross-site scripting (XSS) vulnerability in index.php in Beehive Forum allows remote attackers to inject arbitrary web script or HTML via the webtag parameter.