Search Results (351250 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-1999-0879 2 Bsdi, Caldera 2 Bsd Os, Openlinux 2026-04-16 N/A
Buffer overflow in WU-FTPD and related FTP servers allows remote attackers to gain root privileges via macro variables in a message file.
CVE-1999-1277 1 Backweb Technologies 1 Backweb Client 2026-04-16 N/A
BackWeb client stores the username and password in cleartext for proxy authentication in the Communication registry key, which could allow other local users to gain privileges by reading the password.
CVE-2005-2335 2 Fetchmail, Redhat 2 Fetchmail, Enterprise Linux 2026-04-16 N/A
Buffer overflow in the POP3 client in Fetchmail before 6.2.5.2 allows remote POP3 servers to cause a denial of service and possibly execute arbitrary code via long UIDL responses. NOTE: a typo in an advisory accidentally used the wrong CVE identifier for the Fetchmail issue. This is the correct identifier.
CVE-2005-2343 1 Rim 3 Blackberry, Blackberry Desktop Manager, Blackberry Device Software 2026-04-16 N/A
Research in Motion (RIM) BlackBerry Handheld web browser for BlackBerry Handheld before 4.0.2 allows remote attackers to cause a denial of service (hang) via a Java Application Description (JAD) file with a long application name and vendor string, which prevents a browser dialog from being properly dismissed.
CVE-2005-2344 1 Rim 1 Blackberry Enterprise Server 2026-04-16 N/A
The BlackBerry Attachment Service in Research in Motion (RIM) BlackBerry Enterprise Server (BES) 4.0 to version 4.0 Service Pack 2 allows attackers to cause a denial of service via a malformed Portable Network Graphics (PNG) file that triggers a heap-based buffer overflow.
CVE-2005-2346 1 Novell 1 Groupwise 2026-04-16 N/A
Buffer overflow in Novell GroupWise 6.5 Client allows remote attackers to execute arbitrary code via a GWVW02xx.INI language file with a long entry, as demonstrated using a long ES02TKS.VEW value in the Group Task section.
CVE-2005-2357 1 Emc 1 Navisphere Manager 2026-04-16 N/A
Directory traversal vulnerability in EMC Navisphere Manager 6.4.1.0.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the URL.
CVE-2005-2359 1 Freebsd 1 Freebsd 2026-04-16 N/A
The AES-XCBC-MAC algorithm in IPsec in FreeBSD 5.3 and 5.4, when used for authentication without other encryption, uses a constant key instead of the one that was assigned by the system administrator, which can allow remote attackers to spoof packets to establish an IPsec session.
CVE-2005-2360 2 Ethereal Group, Redhat 2 Ethereal, Enterprise Linux 2026-04-16 N/A
Unknown vulnerability in the LDAP dissector in Ethereal 0.8.5 through 0.10.11 allows remote attackers to cause a denial of service (free static memory and application crash) via unknown attack vectors.
CVE-2005-2362 2 Ethereal Group, Redhat 2 Ethereal, Enterprise Linux 2026-04-16 N/A
Unknown vulnerability several dissectors in Ethereal 0.9.0 through 0.10.11 allows remote attackers to cause a denial of service (application crash) by reassembling certain packets.
CVE-2006-4796 1 Snitz Communications 1 Snitz Forums 2000 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in forum.asp in Snitz Forums 2000 3.4.06 allows remote attackers to inject arbitrary web script or HTML via the sortorder parameter (strtopicsortord variable).
CVE-2005-2364 2 Ethereal Group, Redhat 2 Ethereal, Enterprise Linux 2026-04-16 N/A
Unknown vulnerability in the (1) GIOP dissector, (2) WBXML, or (3) CAMEL dissector in Ethereal 0.8.20 through 0.10.11 allows remote attackers to cause a denial of service (application crash) via certain packets that cause a null pointer dereference.
CVE-2005-2368 2 Redhat, Vim Development Group 2 Enterprise Linux, Vim 2026-04-16 N/A
vim 6.3 before 6.3.082, with modelines enabled, allows external user-assisted attackers to execute arbitrary commands via shell metacharacters in the (1) glob or (2) expand commands of a foldexpr expression for calculating fold levels.
CVE-2005-2373 1 Whitsoft Development 1 Slimftpd 2026-04-16 N/A
Buffer overflow in SlimFTPd 3.15 and 3.16 allows remote authenticated users to execute arbitrary code via a long directory name to (1) LIST, (2) DELE or (3) RNFR commands.
CVE-2005-2377 1 Mandrakesoft 2 Mandrake Linux, Mandrake Linux Corporate Server 2026-04-16 N/A
nss_ldap 181 to versions before 213, as used in Mandrake Corporate Server and Mandrake 10.0, and other operating systems, does not properly handle a SIGPIPE signal when sending a search request to an LDAP directory server, which might allow remote attackers to cause a denial of service (crond and other application crash) if they can cause an LDAP server to become unavailable. NOTE: it is not clear whether this attack scenario is sufficient to include this item in CVE.
CVE-2005-2382 1 Oray 1 Peanuthull 2026-04-16 N/A
Oray PeanutHull 3.0.1.0 and earlier does not properly drop SYSTEM privileges when launched from the system tray, which allows local users to gain privileges by accessing the Help functionality.
CVE-2005-2383 1 Phpnews 1 Phpnews 2026-04-16 N/A
SQL injection vulnerability in auth.php in PHPNews 1.2.5 allows remote attackers to execute arbitrary SQL commands via the user parameter in an HTTP POST request.
CVE-2005-2384 1 Alwil 1 Avast Antivirus 2026-04-16 N/A
Directory traversal vulnerability in a third-party compression library (UNACEV2.DLL), as used in avast! Antivirus Home/Professional Edition 4.6.665 and Server Edition 4.6.460, allows remote attackers to write arbitrary files via an ACE archive containing filenames with (1) .. or (2) absolute pathnames.
CVE-2005-2385 1 Alwil 1 Avast Antivirus 2026-04-16 N/A
Buffer overflow in a third-party compression library (UNACEV2.DLL), as used in avast! Antivirus Home/Professional Edition 4.6.665 and Server Edition 4.6.460, allows remote attackers to execute arbitrary code via an ACE archive containing a long filename.
CVE-2005-2388 1 Microsoft 7 Windows 2000, Windows 2003 Server, Windows 95 and 4 more 2026-04-16 N/A
Buffer overflow in a certain USB driver, as used on Microsoft Windows, allows attackers to execute arbitrary code.