Search Results (29815 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-4525 1 Sygate Technologies 1 Protection Agent 2025-04-03 N/A
SmcGui.exe in Sygate Protection Agent 5.0 build 6144 allows local users to obtain management control over the agent by executing the GUI (SmcGui.exe) and then killing the process, which causes the privileged management GUI to launch.
CVE-2005-0243 1 Yahoo 1 Messenger 2025-04-03 N/A
Yahoo! Messenger 6.0.0.1750, and possibly other versions before 6.0.0.1921, does not properly display long filenames in file dialog boxes, which could allow remote attackers to trick users into downloading and executing programs via file names containing a large number of spaces and multiple file extensions.
CVE-2005-4532 1 Scponly 1 Scponly 2025-04-03 N/A
scponlyc in scponly 4.1 and earlier, when the operating system supports LD_PRELOAD mechanisms, allows local users to execute arbitrary code with root privileges by creating a chroot directory in their home directory, hard linking to a system setuid application, and using a modified LD_PRELOAD to modify expected function calls in the setuid application.
CVE-2005-4533 1 Scponly 1 Scponly 2025-04-03 N/A
Argument injection vulnerability in scponlyc in scponly 4.1 and earlier, when both scp and rsync compatibility are enabled, allows local users to execute arbitrary applications via "getopt" style argument specifications, which are not filtered.
CVE-2005-0246 2 Postgresql, Redhat 2 Postgresql, Enterprise Linux 2025-04-03 N/A
The intagg contrib module for PostgreSQL 8.0.0 and earlier allows attackers to cause a denial of service (crash) via crafted arrays.
CVE-2005-4534 1 Mozilla 1 Bugzilla 2025-04-03 N/A
The shadow database feature (syncshadowdb) in Bugzilla 2.9 through 2.16.10 allows local users to overwrite arbitrary files via a symlink attack on temporary files.
CVE-2005-0259 1 Phpbb Group 1 Phpbb 2025-04-03 N/A
phpBB 2.0.11, and possibly other versions, with remote avatars and avatar uploading enabled, allows local users to read arbitrary files by providing both a local and remote location for an avatar, then modifying the "Upload Avatar from a URL:" field to reference the target file.
CVE-2005-0261 1 Ibm 1 Aix 2025-04-03 N/A
lspath in AIX 5.2, 5.3, and possibly earlier versions, does not drop privileges before processing the -f option, which allows local users to read one line of arbitrary files.
CVE-2005-4536 1 Debian 1 Libmail-audit-perl 2025-04-03 N/A
Mail::Audit module in libmail-audit-perl 2.1-5, when logging is enabled without a default log file specified, uses predictable log filenames, which allows local users to overwrite arbitrary files via a symlink attack on the [PID]-audit.log temporary file.
CVE-2005-0262 1 Ibm 1 Aix 2025-04-03 N/A
Buffer overflow in ipl_varyon on AIX 5.1, 5.2, and 5.3 allows local users to execute arbitrary code via a long -d argument.
CVE-2005-0263 1 Ibm 1 Aix 2025-04-03 N/A
Buffer overflow in netpmon on AIX 5.1, 5.2, and 5.3 allows local users to execute arbitrary code via a long -O argument.
CVE-2005-0273 1 Photopost 1 Photopost Php Pro 2025-04-03 N/A
Multiple SQL injection vulnerabilities in showgallery.php in PhotoPost before 4.86 allow remote attackers to execute arbitrary SQL commands via the (1) cat or (2) ppuser parameter.
CVE-2005-0283 1 David Barrett 1 Qwikiwiki 2025-04-03 N/A
Directory traversal vulnerability in index.php in QwikiWiki allows remote attackers to read arbitrary files via a .. (dot dot) and a %00 at the end of the filename in the page parameter.
CVE-2005-0284 1 Woltlab 1 Burning Book 2025-04-03 N/A
SQL injection vulnerability in addentry.php in Woltlab Burning Book 1.0 Gold, 1.1.1e, and possibly other versions, allows remote attackers to execute arbitrary SQL commands via the user-agent parameter.
CVE-2005-0285 1 Bottomline 1 Webseries Payment Application 2025-04-03 N/A
Webseries Payment Application does not properly restrict privileged operations, which allows remote authenticated users to gain privileges by directly accessing certain URLs.
CVE-2005-0287 1 Bottomline 1 Webseries Payment Application 2025-04-03 N/A
Bottomline Webseries Payment Application allows remote attackers to read arbitrary files on the network via a report template with modified ReportPath or ReportName values.
CVE-2002-1060 1 Bluecoat 1 Cacheos 2025-04-03 N/A
Cross-site scripting (XSS) vulnerability in Blue Coat Systems (formerly CacheFlow) CacheOS on Client Accelerator 4.1.06, Security Gateway 2.1.02, and Server Accelerator 4.1.06 allows remote attackers to inject arbitrary web script or HTML via a URL to a nonexistent hostname that includes the HTML, which is inserted into the resulting error page.
CVE-2002-1063 1 T. Hauck 1 Jana Web Server 2025-04-03 N/A
Thomas Hauck Jana Server 2.x through 2.2.1, and 1.4.6 and earlier, allows remote attackers to cause a denial of service (resource exhaustion) via a large number of FTP PASV requests, which consumes all available FTP ports.
CVE-2005-0304 1 Divx 1 Divx Player 2025-04-03 N/A
Directory traversal vulnerability in DivX Player 2.6 and earlier allows remote attackers to overwrite arbitrary files via a .. (dot dot) in a filename in a ZIP file for a skin.
CVE-2005-4546 1 Epic Designs 1 Eggblog 2025-04-03 N/A
search.php in eggblog 2.0 allows remote attackers to obtain the full path via an invalid q parameter, as used by the Keyword and Search fields, possibly due to an SQL injection vulnerability.