Search Results (29815 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-0046 2 Linux, Redhat 2 Linux Kernel, Linux 2025-04-03 N/A
Linux kernel, and possibly other operating systems, allows remote attackers to read portions of memory via a series of fragmented ICMP packets that generate an ICMP TTL Exceeded response, which includes portions of the memory in the response packet.
CVE-2005-0157 1 Smartlist 1 Smartlist 2025-04-03 N/A
The confirm add-on in SmartList 3.15 and earlier allows attackers to subscribe arbitrary e-mail addresses by using a valid cookie that specifies an address other than the address for which the cookie was assigned.
CVE-2005-0159 1 Debian 2 Debian Linux, Toolchain-source 2025-04-03 N/A
The tpkg-* scripts in the toolchain-source 3.0.4 package on Debian GNU/Linux 3.0 allow local users to overwrite arbitrary files via a symlink attack on temporary files.
CVE-2005-0175 2 Redhat, Squid 2 Enterprise Linux, Squid 2025-04-03 N/A
Squid 2.5 up to 2.5.STABLE7 allows remote attackers to poison the cache via an HTTP response splitting attack.
CVE-2005-4505 1 Mcafee 2 Common Management Agent, Virusscan Enterprise 2025-04-03 N/A
Unquoted Windows search path vulnerability in McAfee VirusScan Enterprise 8.0i (patch 11) and CMA 3.5 (patch 5) might allow local users to gain privileges via a malicious "program.exe" file in the C: folder, which is run by naPrdMgr.exe when it attempts to execute EntVUtil.EXE under an unquoted "Program Files" path.
CVE-2005-0176 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2025-04-03 N/A
The shmctl function in Linux 2.6.9 and earlier allows local users to unlock the memory of other processes, which could cause sensitive memory to be swapped to disk, which could allow it to be read by other users once it has been released.
CVE-2005-4506 1 Nexus Concepts 1 Dev Hound 2025-04-03 N/A
Nexus Concepts Dev Hound 2.24 and earlier stores username and password information in cleartext in the devhound.tdbd file, which allows local users to gain privileges.
CVE-2005-0185 1 Mnet Soft Factory 1 Nodemanager Professional 2025-04-03 N/A
Stack-based buffer overflow in NodeManager Professional 2.00 allows remote attackers to execute arbitrary commands via a LinkDown-Trap packet that contains a long OCTET-STRING in the Trap variable-bindings field.
CVE-2005-4508 1 Nexus Concepts 1 Dev Hound 2025-04-03 N/A
Nexus Concepts Dev Hound 2.24 and earlier allows remote attackers to obtain the installation path via a URL containing a non-existent .dll file.
CVE-2005-0192 1 Realnetworks 2 Realone Player, Realplayer 2025-04-03 N/A
Directory traversal vulnerability in the parsing of Skin file names in RealPlayer 10.5 (6.0.12.1040) and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in an RJS filename.
CVE-2005-0193 1 Isync 1 Mrouter 2025-04-03 N/A
Buffer overflow in the (1) -v and (2) -a switches in mRouter in iSync 1.5 in Mac OS X 10.3.7 and earlier allows local users to execute arbitrary code.
CVE-2005-0195 1 Cisco 1 Ios 2025-04-03 N/A
Cisco IOS 12.0S through 12.3YH allows remote attackers to cause a denial of service (device restart) via a crafted IPv6 packet.
CVE-2005-0204 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2025-04-03 N/A
Linux kernel before 2.6.9, when running on the AMD64 and Intel EM64T architectures, allows local users to write to privileged IO ports via the OUTS instruction.
CVE-2005-4516 1 Php Fusion 1 Php Fusion 2025-04-03 N/A
Multiple cross-site scripting (XSS) vulnerabilities in PHP-Fusion 6.00.200 through 6.00.300 allow remote attackers to inject arbitrary web script or HTML via (1) the sortby parameter in members.php and (2) IMG tags.
CVE-2006-1038 1 Van Dyke Technologies 2 Securecrt, Securefx 2025-04-03 N/A
Buffer overflow in SecureCRT 5.0.4 and earlier and SecureFX 3.0.4 and earlier allows remote attackers to have an unknown impact when a Unicode string is converted to a "narrow" string.
CVE-2005-4517 1 Php Fusion 1 Php Fusion 2025-04-03 N/A
SQL injection vulnerability in PHP-Fusion 6.00.200 through 6.00.300 allows remote attackers to execute arbitrary SQL commands via the ratings parameter in multiple scripts, such as ratings_include.php.
CVE-2005-0205 3 Bernd Wuebben, Kde, Redhat 3 Kppp, Kde, Enterprise Linux 2025-04-03 N/A
KPPP 2.1.2 in KDE 3.1.5 and earlier, when setuid root without certain wrappers, does not properly close a privileged file descriptor for a domain socket, which allows local users to read and write to /etc/hosts and /etc/resolv.conf and gain control over DNS name resolution by opening a number of file descriptors before executing kppp.
CVE-2005-0207 4 Conectiva, Linux, Redhat and 1 more 5 Linux, Linux Kernel, Enterprise Linux and 2 more 2025-04-03 N/A
Unknown vulnerability in Linux kernel 2.4.x, 2.5.x, and 2.6.x allows NFS clients to cause a denial of service via O_DIRECT.
CVE-2005-0212 1 Amp 1 Amp Ii 3d Game Engine 2025-04-03 N/A
The Amp II engine as used by Gore: Ultimate Soldier 1.50 and earlier allows remote attackers to cause a denial of service (infinite loop) via a zero byte UDP packet.
CVE-2005-0219 1 Gallery Project 1 Gallery 2025-04-03 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Gallery 1.3.4-pl1 allow remote attackers to inject arbitrary web script or HTML via (1) the index field in add_comment.php, (2) set_albumName, (3) slide_index, (4) slide_full, (5) slide_loop, (6) slide_pause, (7) slide_dir fields in slideshow_low.php, or (8) username field in search.php.