Search Results (29926 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-1999-0914 1 Debian 1 Debian Linux 2026-04-16 N/A
Buffer overflow in the FTP client in the Debian GNU/Linux netstd package.
CVE-2005-2432 1 Tincan 1 Phplist 2026-04-16 N/A
SQL injection vulnerability in PhpList allows remote attackers to modify SQL statements via the id argument to admin pages such as (1) members or (2) admin.
CVE-2005-2439 1 Usebb 1 Usebb 2026-04-16 N/A
SQL injection vulnerability in UseBB 0.5.1 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the search function.
CVE-2005-2628 2 Macromedia, Redhat 2 Flash Player, Rhel Extras 2026-04-16 N/A
Macromedia Flash 6 and 7 (Flash.ocx) allows remote attackers to execute arbitrary code via a SWF file with a modified frame type identifier that is used as an out-of-bounds array index to a function pointer.
CVE-2005-2638 1 Phpfreenews 1 Phpfreenews 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in PHPFreeNews 1.40 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) NewsMode parameter to NewsCategoryForm.php, or the (2) Match or (3) NewsMode parameter to SearchResults.php.
CVE-2005-2640 3 Juniper, Neoteris, Netscreen 16 Netscreen-5gt, Netscreen-idp, Netscreen-idp 10 and 13 more 2026-04-16 N/A
Behavioral discrepancy information leak in Juniper Netscreen VPN running ScreenOS 5.2.0 and earlier, when using IKE with pre-shared key authentication, allows remote attackers to enumerate valid usernames via an IKE Aggressive Mode packet, which generates a response if the username is valid but does not respond when the username is invalid.
CVE-2005-2641 2 Padl Software, Redhat 2 Pam Ldap, Enterprise Linux 2026-04-16 N/A
Unknown vulnerability in pam_ldap before 180 does not properly handle a new password policy control, which could allow attackers to gain privileges. NOTE: CVE-2005-2497 had also been assigned to this issue, but CVE-2005-2641 is the correct candidate.
CVE-2005-2645 1 Xerox 7 Document Centre 265, Document Centre 332, Document Centre 340 and 4 more 2026-04-16 N/A
Unknown vulnerability in Xerox MicroServer Web Server in Document Centre 220 through 265, 332 and 340, 420 through 490, and 535 through 555 allows remote attackers to bypass authentication.
CVE-2005-2647 1 Xerox 7 Document Centre 265, Document Centre 332, Document Centre 340 and 4 more 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Xerox MicroServer Web Server in Document Centre 220 through 265, 332 and 340, 420 through 490, and 535 through 555 allows remote attackers to inject arbitrary web script or HTML and modify web pages via unknown vectors.
CVE-2005-2649 1 Adaptive Technology Resource Centre 1 Atutor 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in ATutor 1.5.1 allows remote attackers to inject arbitrary web script or HTML via (1) course parameter in login.php or (2) words parameter in search.php.
CVE-2005-2653 1 Bbcaffe 1 Bbcaffe 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in BBCaffe 2.0 allows remote attackers to inject arbitrary web script or HTML via e-mail data in a message.
CVE-2005-2657 1 Common-lisp-controller 1 Common-lisp-controller 2026-04-16 N/A
Unknown vulnerability in common-lisp-controller 4.18 and earlier allows local users to gain privileges by compiling arbitrary code in the cache directory, which is executed by another user if the user has not run Common Lisp before.
CVE-1999-0963 1 Freebsd 1 Freebsd 2026-04-16 N/A
FreeBSD mount_union command allows local users to gain root privileges via a symlink attack.
CVE-2005-2805 1 E107 1 E107 2026-04-16 N/A
forum_post.php in e107 0.6 allows remote attackers to post to non-existent forums by modifying the forum number.
CVE-2005-2809 1 Silc 1 Secure Internet Live Conferencing 2026-04-16 N/A
silc daemon (silcd.c) in Secure Internet Live Conferencing (SILC) 1.0 and earlier allows local users to overwrite arbitrary files via a symlink attack on the silcd.[PID].stats temporary file.
CVE-2005-2815 1 Flatnuke 1 Flatnuke 2026-04-16 N/A
print.php in FlatNuke 2.5.6 allows remote attackers to obtain sensitive information (path disclosure on error) or cause a denial of service (resource consumption) via an MS-DOS device name in the news parameter to print.php, such as (1) AUX, (2) CON, (3) PRN, (4) COM1, or (5) LPT1.
CVE-2005-2830 1 Microsoft 2 Ie, Internet Explorer 2026-04-16 N/A
Microsoft Internet Explorer 5.01, 5.5, and 6, when using an HTTPS proxy server that requires Basic Authentication, sends URLs in cleartext, which allows remote attackers to obtain sensitive information, aka "HTTPS Proxy Vulnerability."
CVE-2005-2831 1 Microsoft 2 Ie, Internet Explorer 2026-04-16 N/A
Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a web page with embedded CLSIDs that reference certain COM objects that are not intended for use within Internet Explorer, aka a variant of the "COM Object Instantiation Memory Corruption Vulnerability," a different vulnerability than CVE-2005-2127.
CVE-2005-2851 1 Smb4k 1 Smb4k 2026-04-16 N/A
smb4k 0.4 and other versions before 0.6.3 allows local users to read sensitive files via a symlink attack on the (1) smb4k.tmp or (2) sudoers temporary files.
CVE-2005-2855 1 Unclassified Newsboard 1 Unclassified Newsboard 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Unclassified NewsBoard 1.5.3 allows remote attackers to inject arbitrary web script or HTML via the description field.