Search Results (351250 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-2712 1 Ibm 1 Lotus Domino 2026-04-16 N/A
The LDAP server (nldap.exe) in IBM Lotus Domino before 7.0.1, 6.5.5, and 6.5.4 FP2 allows remote attackers to cause a denial of service (crash) via a long bind request, which triggers a null dereference.
CVE-2005-2713 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
passwd in Directory Services in Mac OS X 10.3.x before 10.3.9 and 10.4.x before 10.4.5 allows local users to create arbitrary world-writable files as root by specifying an alternate file in the password database option.
CVE-2005-2715 1 Symantec Veritas 2 Netbackup Data And Business Center, Netbackup Enterprise Server Client 2026-04-16 N/A
Format string vulnerability in the Java user interface service (bpjava-msvc) daemon for VERITAS NetBackup Data and Business Center 4.5FP and 4.5MP, and NetBackup Enterprise/Server/Client 5.0, 5.1, and 6.0, allows remote attackers to execute arbitrary code via the COMMAND_LOGON_TO_MSERVER command.
CVE-2005-2717 1 Webcalendar 1 Webcalendar 2026-04-16 N/A
PHP remote file inclusion vulnerability in WebCalendar before 1.0.1 allows remote attackers to execute arbitrary PHP code when opening settings.php, possibly via send_reminders.php or other scripts.
CVE-2005-2721 1 Foojan 1 Php Weblog 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in (1) index.php or (2) admin.php in Foojan PHP Weblog allow remote attackers to inject arbitrary web script or HTML via the Referer field in the HTTP header.
CVE-2005-2724 1 Inter7 1 Sqwebmail 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in SqWebMail 5.0.4 allows remote attackers to inject arbitrary web script or HTML via a file attachment that is processed by the Display feature. NOTE: the severity of this issue has been disputed by the developer.
CVE-2005-2725 1 Qnx 1 Rtos 2026-04-16 N/A
The inputtrap utility in QNX RTOS 6.1.0, 6.3, and possibly earlier versions does not properly check permissions when the -t flag is specified, which allows local users to read arbitrary files.
CVE-2005-2738 1 Sun 1 Java 2026-04-16 N/A
Java 1.4.2 before 1.4.2 Release 2 on Apple Mac OS X does not prevent multiple programs from opening the same port as a Java ServerSocket, which allows local users to operate a Java program that intercepts network data intended for the ServerSocket of a different Java program.
CVE-2005-2744 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
Buffer overflow in QuickDraw Manager for Apple OS X 10.3.9 and 10.4.2, as used by applications such as Safari, Mail, and Finder, allows remote attackers to execute arbitrary code via a crafted PICT file.
CVE-2005-2752 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
An unspecified kernel interface in Mac OS X 10.4.2 and earlier does not properly clear memory before reusing it, which could allow attackers to obtain sensitive information, a different vulnerability than CVE-2005-1126 and CVE-2005-1406.
CVE-2005-2756 1 Apple 1 Quicktime 2026-04-16 N/A
Apple QuickTime before 7.0.3 allows user-assisted attackers to overwrite memory and execute arbitrary code via a crafted PICT file that triggers an overflow during expansion.
CVE-2005-2758 1 Symantec 2 Antivirus Scan Engine, Antivirus Scan Engine For Network Attached Storage 2026-04-16 N/A
Integer signedness error in the administrative interface for Symantec AntiVirus Scan Engine 4.0 and 4.3 allows remote attackers to execute arbitrary code via crafted HTTP headers with negative values, which lead to a heap-based buffer overflow.
CVE-2005-2764 1 Openttd 1 Openttd 2026-04-16 N/A
Multiple buffer overflows in OpenTTD before 0.4.0.1 allow attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.
CVE-2005-2768 1 Sophos 1 Sophos Anti-virus 2026-04-16 N/A
Heap-based buffer overflow in the Sophos Antivirus Library, as used by Sophos Antivirus, PureMessage, MailMonitor, and other products, allows remote attackers to execute arbitrary code via a Visio file with a crafted sub record length.
CVE-2005-2776 1 Looking Glass 1 Looking Glass 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Looking Glass 20040427 allow remote attackers to inject arbitrary web script or HTML via the (1) version[fullname], (2) version[homepage], or (3) version[no] parameter to footer.php, or the (4) version[fullname], (5) version[no], (6) version[author], (7) version[email] parameter to header.php.
CVE-2005-2794 2 Redhat, Squid 2 Enterprise Linux, Squid 2026-04-16 N/A
store.c in Squid 2.5.STABLE10 and earlier allows remote attackers to cause a denial of service (crash) via certain aborted requests that trigger an assert error related to STORE_PENDING.
CVE-2005-2797 1 Openbsd 1 Openssh 2026-04-16 N/A
OpenSSH 4.0, and other versions before 4.2, does not properly handle dynamic port forwarding ("-D" option) when a listen address is not provided, which may cause OpenSSH to enable the GatewayPorts functionality.
CVE-2005-2800 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-16 N/A
Memory leak in the seq_file implementation in the SCSI procfs interface (sg.c) in Linux kernel 2.6.13 and earlier allows local users to cause a denial of service (memory consumption) via certain repeated reads from the /proc/scsi/sg/devices file, which is not properly handled when the next() iterator returns NULL or an error.
CVE-2005-2801 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-16 7.5 High
xattr.c in the ext2 and ext3 file system code for Linux kernel 2.6 does not properly compare the name_index fields when sharing xattr blocks, which could prevent default ACLs from being applied.
CVE-2005-2805 1 E107 1 E107 2026-04-16 N/A
forum_post.php in e107 0.6 allows remote attackers to post to non-existent forums by modifying the forum number.