Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-2639 1 Valusoft 1 Chris Moneymakers World Poker Championship 2026-04-16 N/A
Buffer overflow in Chris Moneymaker's World Poker Championship 1.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long nickname.
CVE-2005-2640 3 Juniper, Neoteris, Netscreen 16 Netscreen-5gt, Netscreen-idp, Netscreen-idp 10 and 13 more 2026-04-16 N/A
Behavioral discrepancy information leak in Juniper Netscreen VPN running ScreenOS 5.2.0 and earlier, when using IKE with pre-shared key authentication, allows remote attackers to enumerate valid usernames via an IKE Aggressive Mode packet, which generates a response if the username is valid but does not respond when the username is invalid.
CVE-2006-3320 1 Sitebar 1 Sitebar 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in command.php in SiteBar 3.3.8 and earlier allows remote attackers to inject arbitrary web script or HTML via the command parameter.
CVE-2005-2642 1 Mutt 1 Mutt 2026-04-16 N/A
Buffer overflow in the mutt_decode_xbit function in Handler.c for Mutt 1.5.10 allows remote attackers to execute arbitrary code, possibly due to interactions with libiconv or gettext.
CVE-2005-2643 1 Tor 1 Tor 2026-04-16 N/A
Tor 0.1.0.13 and earlier, and experimental versions 0.1.1.4-alpha and earlier, does not reject certain weak keys when using ephemeral Diffie-Hellman (DH) handshakes, which allows malicious Tor servers to obtain the keys that a client uses for other systems in the circuit.
CVE-2005-2647 1 Xerox 7 Document Centre 265, Document Centre 332, Document Centre 340 and 4 more 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Xerox MicroServer Web Server in Document Centre 220 through 265, 332 and 340, 420 through 490, and 535 through 555 allows remote attackers to inject arbitrary web script or HTML and modify web pages via unknown vectors.
CVE-2005-2648 1 W-agora 1 W-agora 2026-04-16 N/A
Directory traversal vulnerability in index.php in W-Agora 4.2.0 and earlier allows remote attackers to read arbitrary files via the site parameter.
CVE-2006-3322 1 Spiffyjr 1 Phpraid 2026-04-16 N/A
SQL injection vulnerability in includes/functions_logging.php in phpRaid 3.0.5, and possibly other versions, allows remote attackers to execute arbitrary SQL commands via the log_hack function.
CVE-1999-0786 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
The dynamic linker in Solaris allows a local user to create arbitrary files via the LD_PROFILE environmental variable and a symlink attack.
CVE-2005-2651 1 Phpoutsourcing 1 Zorum 2026-04-16 N/A
gorum/prod.php in Zorum 3.5 allows remote attackers to execute arbitrary code via shell metacharacters in the argv parameter.
CVE-2005-2661 1 Up-imapproxy 1 Up-imapproxy 2026-04-16 N/A
Format string vulnerability in the ParseBannerAndCapability function in main.c for up-imapproxy 1.2.3 and 1.2.4 allows remote IMAP servers to execute arbitrary code via format string specifiers in a banner or capability line.
CVE-2005-2662 1 Masqmail 1 Masqmail 2026-04-16 N/A
masqmail before 0.2.18 allows remote attackers to execute arbitrary commands via crafted e-mail addresses that are not properly sanitized when creating a failed delivery message.
CVE-2005-2663 1 Masqmail 1 Masqmail 2026-04-16 N/A
masqmail before 0.2.18 allows local users to overwrite arbitrary files via a symlink attack on a log file.
CVE-2005-2664 1 Whisper32 1 Whisper32 2026-04-16 N/A
Whisper 32 1.16, and possibly earlier versions, stores passwords in plaintext in memory, which allows local users to obtain the password using a debugger or another mechanism to read process memory.
CVE-2005-2234 1 Ibm 1 Aix 2026-04-16 N/A
Buffer overflow in the getlvname command in IBM AIX 5.1, 5.2 and 5.3, might allow local users to execute arbitrary code via long command line arguments.
CVE-2006-1880 1 Oracle 1 E-business Suite 2026-04-16 N/A
Multiple unspecified vulnerabilities in Oracle E-Business Suite and Applications 11.5.10CU2 have unknown impact and attack vectors, as identified by Vuln# (1) APPS01 in the (a) Application Install component; (2) APPS09 in the (b) Oracle Diagnostics Interfaces component; (3) APPS10 in the (c) Oracle General Ledger component; (4) APPS12 and (5) APPS13 in the (d) Oracle Receivables component.
CVE-2005-2667 2 Broadcom, Ca 24 Advantage Data Transport, Adviseit, Brightstor Portal and 21 more 2026-04-16 N/A
Unknown vulnerability in Computer Associates (CA) Message Queuing (CAM / CAFT) 1.05, 1.07 before Build 220_13, and 1.11 before Build 29_13 allows attackers to cause a denial of service via unknown vectors, aka the "CAM TCP port vulnerability."
CVE-2005-2669 2 Broadcom, Ca 28 Advantage Data Transport, Adviseit, Brightstor Portal and 25 more 2026-04-16 N/A
Computer Associates (CA) Message Queuing (CAM / CAFT) 1.05, 1.07 before Build 220_13, and 1.11 before Build 29_13 allows remote attackers to execute arbitrary commands via spoofed CAFT packets.
CVE-2006-1882 1 Oracle 1 E-business Suite 2026-04-16 N/A
Multiple unspecified vulnerabilities in Oracle E-Business Suite and Applications 11.5.10 have unknown impact and attack vectors, as identified by Vuln# (1) APPS03 in (a) iProcurement; (2) APPS04 in (b) Oracle Application Object Library; (3) APPS06, (4) APPS07, and (5) APPS08 in (c) Oracle Applications Technology Stack; and (6) APPS11 in (d) Oracle Order Capture.
CVE-2005-2672 2 Lm Sensors, Redhat 2 Lm Sensors, Enterprise Linux 2026-04-16 N/A
pwmconfig in LM_sensors before 2.9.1 creates temporary files insecurely, which allows local users to overwrite arbitrary files via a symlink attack on the fancontrol temporary file.