Search Results (29815 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-4464 1 Ingate 2 Ingate Firewall, Siparator 2025-04-03 N/A
Ingate Firewall before 4.3.4 and SIParator before 4.3.4 allows remote attackers to cause a denial of service (kernel deadlock) by sending a SYN packet for a TCP stream, which requires an RST packet in response.
CVE-2006-0998 1 Novell 2 Netware, Open Enterprise Server 2025-04-03 N/A
The SSL server implementation in NILE.NLM in Novell NetWare 6.5 and Novell Open Enterprise Server (OES) sometimes selects a weak cipher instead of an available stronger cipher, which makes it easier for remote attackers to sniff and decrypt an SSL protected session.
CVE-2004-2653 1 Pd9 Software 1 Megabbs 2025-04-03 N/A
Unspecified vulnerability in PD9 Software MegaBBS 2.0 and 2.1 allows attackers to gain privileges via unknown vectors involving (1) admin/userlevelmembers-edit.asp and (2) admin/edit-groups.asp.
CVE-2004-2655 2 Redhat, Xscreensaver 2 Enterprise Linux, Xscreensaver 2025-04-03 N/A
rdesktop 1.3.1 with xscreensaver 4.14, and possibly other versions, when running on Fedora and possibly other platforms, does not release the keyboard focus when xscreensaver starts, which causes the password to be entered into the active window when the user unlocks the screen.
CVE-2005-4465 1 Nec 1 Univerge 2025-04-03 N/A
The Internet Key Exchange version 1 (IKEv1) implementation in NEC UNIVERGE IX1000, IX2000, and IX3000 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to.
CVE-2005-4474 1 Rarlab 1 Winrar 2025-04-03 N/A
Buffer overflow in the "Add to archive" command in WinRAR 3.51 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code by tricking the user into adding a file whose filename contains a non-default code page and non-ANSI characters, as demonstrated using a Chinese filename, possibly due to buffer expansion when using the WideCharToMultiByte API. NOTE: it is not clear whether this problem can be exploited for code execution. If not, then perhaps the user-assisted nature of the attack should exclude the issue from inclusion in CVE.
CVE-2004-2672 1 Argosoft 1 Ftp Server 2025-04-03 N/A
Unspecified vulnerability in ArGoSoft FTP server before 1.4.2.2 allows attackers to upload .lnk files via unknown vectors.
CVE-2004-2675 1 Argosoft 1 Ftp Server 2025-04-03 N/A
ArGoSoft FTP Server before 1.4.1.6 allows remote authenticated users to cause a denial of service (crash) via a SITE PASS command with a long password parameter, which causes the database to be corrupted.
CVE-2005-4483 1 Iatek 1 Siteenable 2025-04-03 N/A
Cross-site scripting (XSS) vulnerability in login.asp in SiteEnable 3.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the ret_page parameter.
CVE-2001-1521 1 Postnuke Software Foundation 1 Postnuke 2025-04-03 N/A
Cross-site scripting (XSS) vulnerability in user.php in PostNuke 0.64 allows remote attackers to inject arbitrary web script or HTML via the uname parameter.
CVE-2005-0002 1 Gentoo 1 Poppassd Pam 2025-04-03 N/A
poppassd_pam 1.0 and earlier, when changing a user password, does not verify that the user entered the old password correctly, which allows remote attackers to change passwords for arbitrary users.
CVE-2005-0007 2 Ethereal Group, Redhat 2 Ethereal, Enterprise Linux 2025-04-03 N/A
Unknown vulnerability in the DLSw dissector in Ethereal 0.10.6 through 0.10.8 allows remote attackers to cause a denial of service (application crash from assertion).
CVE-2005-0009 2 Ethereal Group, Redhat 2 Ethereal, Enterprise Linux 2025-04-03 N/A
Unknown vulnerability in the Gnutella dissector in Ethereal 0.10.6 through 0.10.8 allows remote attackers to cause a denial of service (application crash).
CVE-2005-4492 1 Starphire Technologies 5 Sitesage, Sitesage-ee, Sitesage-le and 2 more 2025-04-03 N/A
Cross-site scripting (XSS) vulnerability in Starphire SiteSage 5.0.18 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters, possibly the norelay_highlight_words parameter.
CVE-2005-0016 1 Gatos 1 Gatos 2025-04-03 N/A
Buffer overflow in the exported_display function in xatitv in gatos before 0.0.5 allows local users to execute arbitrary code.
CVE-2005-0018 1 F2c Open Source Project 1 F2c Translator 2025-04-03 N/A
The f2 shell script in the f2c package 3.1 allows local users to read arbitrary files via a symlink attack on temporary files.
CVE-2005-4498 1 Text-e 1 Text-e Cms 2025-04-03 N/A
Cross-site scripting (XSS) vulnerability in Text-e 1.6.4 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters.
CVE-2005-0038 1 Powerdns 1 Powerdns 2025-04-03 N/A
The DNS implementation of PowerDNS 2.9.16 and earlier allows remote attackers to cause a denial of service via a compressed DNS packet with a label length byte with an incorrect offset, which could trigger an infinite loop.
CVE-2006-1004 1 Cactusoft 1 Parodia 2025-04-03 N/A
Cross-site scripting (XSS) vulnerability in agencyprofile.asp in Parodia 6.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the AG_ID parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information.
CVE-2006-1005 1 Cactusoft 1 Parodia 2025-04-03 N/A
agencyprofile.asp in Parodia 6.2 and earlier might allow remote attackers to obtain sensitive information by triggering an SQL error via an invalid AG_ID parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information.