Search Results (29815 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-2376 1 Codemasters 1 Toca Race Driver 2025-04-03 N/A
Buffer overflow in Race Driver 1.20 and earlier allows remote attackers to cause a denial of service (application crash) via a long (1) nickname or (2) chat message.
CVE-2005-2380 1 Php Surveyor 1 Php Surveyor 2025-04-03 N/A
Multiple cross-site scripting vulnerabilities in PHP Surveyor 0.98 allow remote attackers to inject arbitrary web script or HTML via the (1) sid, (2) start, and (3) id parameters to browse.php, or the sid parameter to (4) dataentry.php or (5) export.php.
CVE-2005-2385 1 Alwil 1 Avast Antivirus 2025-04-03 N/A
Buffer overflow in a third-party compression library (UNACEV2.DLL), as used in avast! Antivirus Home/Professional Edition 4.6.665 and Server Edition 4.6.460, allows remote attackers to execute arbitrary code via an ACE archive containing a long filename.
CVE-2005-2386 1 Elemental Software 1 Cartwiz 2025-04-03 N/A
Cross-site scripting (XSS) vulnerability in viewCart.asp in CartWIZ 1.20 allows remote attackers to inject arbitrary web script or HTML via the message parameter.
CVE-2005-2387 1 Goodtech Systems 1 Goodtech Smtp Server 2025-04-03 N/A
Multiple stack-based buffer overflows in GoodTech SMTP server 5.16 allow remote attackers to execute arbitrary code via (1) a RCPT TO command with a long DNS name, or (2) a large number of RCPT TO commands with a long e-mail name arugment in the last command.
CVE-2002-1560 1 Martin Bauer 1 Gbook 2025-04-03 N/A
index.php in gBook 1.4 allows remote attackers to bypass authentication and gain administrative privileges by setting the login parameter to true.
CVE-2005-1336 1 Apple 1 Mac Os X 2025-04-03 N/A
Buffer overflow in the Foundation framework for Mac OS X 10.3.9 allows local users to execute arbitrary code via a long environment variable.
CVE-2005-2396 1 Mediawiki 1 Mediawiki 2025-04-03 N/A
Cross-site scripting (XSS) vulnerability in MediaWiki 1.4.6 and earlier allows remote attackers to inject arbitrary web script or HTML via a parameter to the page move template.
CVE-2005-2397 1 Gnu 1 Phpbook 2025-04-03 N/A
Cross-site scripting (XSS) vulnerability in guestbook.php in phpBook 1.46 allows remote attackers to inject arbitrary web script or HTML via the admin parameter.
CVE-2005-2958 1 Gnome 1 Libgda2 2025-04-03 N/A
Multiple format string vulnerabilities in the GNOME Data Access library for GNOME2 (libgda2) 1.2.1 and earlier allow attackers to execute arbitrary code.
CVE-2002-1795 1 Microsoft 1 Tsac Activex Control 2025-04-03 N/A
Cross-site scripting (XSS) vulnerability in connect.asp in Microsoft Terminal Services Advanced Client (TSAC) ActiveX control allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
CVE-2005-2404 1 Sendcard 1 Sendcard 2025-04-03 N/A
SQL injection vulnerability in sendcard.php in Sendcard 3.2.3 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2005-1353 1 Forum.pl 1 Forum.pl 2025-04-03 N/A
The forum.pl script allows remote attackers to read arbitrary files via a full pathname in the argument.
CVE-2005-2729 1 Astaro 1 Security Linux 2025-04-03 N/A
The HTTP proxy in Astaro Security Linux 6.0 does not properly filter HTTP CONNECT requests to localhost, which allows remote attackers to bypass firewall rules and connect to local services.
CVE-2005-2719 1 Flagship Industries 1 Ventrilo 2025-04-03 N/A
Ventrilo 2.1.2 through 2.3.0 allows remote attackers to cause a denial of service (application crash) via a status packet that contains less data than specified in the packet header sent to UDP port 3784.
CVE-2005-2717 1 Webcalendar 1 Webcalendar 2025-04-03 N/A
PHP remote file inclusion vulnerability in WebCalendar before 1.0.1 allows remote attackers to execute arbitrary PHP code when opening settings.php, possibly via send_reminders.php or other scripts.
CVE-2005-2718 1 Mplayer 1 Mplayer 2025-04-03 N/A
Buffer overflow in ad_pcm.c in MPlayer 1.0pre7 and earlier allows remote attackers to execute arbitrary code via crafted PCM audio data, as demonstrated using a video file with an audio header containing a large value in a stream format (strf) chunk.
CVE-2005-2715 1 Symantec Veritas 2 Netbackup Data And Business Center, Netbackup Enterprise Server Client 2025-04-03 N/A
Format string vulnerability in the Java user interface service (bpjava-msvc) daemon for VERITAS NetBackup Data and Business Center 4.5FP and 4.5MP, and NetBackup Enterprise/Server/Client 5.0, 5.1, and 6.0, allows remote attackers to execute arbitrary code via the COMMAND_LOGON_TO_MSERVER command.
CVE-2005-2724 1 Inter7 1 Sqwebmail 2025-04-03 N/A
Cross-site scripting (XSS) vulnerability in SqWebMail 5.0.4 allows remote attackers to inject arbitrary web script or HTML via a file attachment that is processed by the Display feature. NOTE: the severity of this issue has been disputed by the developer.
CVE-2005-2725 1 Qnx 1 Rtos 2025-04-03 N/A
The inputtrap utility in QNX RTOS 6.1.0, 6.3, and possibly earlier versions does not properly check permissions when the -t flag is specified, which allows local users to read arbitrary files.