Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-0077 4 Debian, Gentoo, Redhat and 1 more 5 Debian Linux, Linux, Enterprise Linux and 2 more 2026-04-16 N/A
The DBI library (libdbi-perl) for Perl allows local users to overwrite arbitrary files via a symlink attack on a temporary PID file.
CVE-2005-3101 1 Six Apart 1 Movable Type 2026-04-16 N/A
The password reset feature in Movable Type before 3.2 generates different error messages depending on whether a user exists or not, which allows remote attackers to determine valid usernames.
CVE-2004-1463 1 Moinmoin 1 Moinmoin 2026-04-16 N/A
Unknown vulnerability in the PageEditor in MoinMoin 1.2.2 and earlier, related to Access Control Lists (ACL), has unknown impact.
CVE-2005-4431 1 Wowbb 1 Wowbb 2026-04-16 N/A
SQL injection vulnerability in WowBB 1.65 allows remote attackers to execute arbitrary SQL commands via the q parameter to search.php. NOTE: the view_user.php/sort_by vector is already covered by CVE-2005-1554 and CVE-2004-2181.
CVE-2005-0185 1 Mnet Soft Factory 1 Nodemanager Professional 2026-04-16 N/A
Stack-based buffer overflow in NodeManager Professional 2.00 allows remote attackers to execute arbitrary commands via a LinkDown-Trap packet that contains a long OCTET-STRING in the Trap variable-bindings field.
CVE-2005-3139 1 Mozilla 1 Bugzilla 2026-04-16 N/A
Bugzilla 2.19.1 through 2.20rc2 and 2.21, with user matching turned on in substring mode, allows attackers to list all users whose names match an arbitrary substring, even when the usevisibilitygroups parameter is set.
CVE-2006-2252 1 Openfaq 1 Openfaq 2026-04-16 N/A
Cross-site scripting vulnerability in submit.php in OpenFAQ 0.4.0 allows remote attackers to inject arbitrary web script or HTML via the q parameter.
CVE-2005-3148 2 Storebackup, Suse 2 Storebackup, Suse Linux 2026-04-16 N/A
StoreBackup before 1.19 does not properly set the uid and guid for symbolic links (1) that are backed up by storeBackup.pl, or (2) recovered by storeBackupRecover.pl, which could cause files to be restored with incorrect ownership.
CVE-2005-0187 1 Athoc 1 Athoc Toolbar 2026-04-16 N/A
Stack-based buffer overflow in the SetSkin function in AtHoc toolbar allows remote attackers to execute arbitrary code via a long skin name.
CVE-2005-3153 1 Mywebland 1 Mybloggie 2026-04-16 N/A
login.php in myBloggie 2.1.3 beta and earlier allows remote attackers to bypass a whitelist regular expression and conduct SQL injection attacks via a username parameter with SQL after a null character, which causes the whitelist check to succeed but injects the SQL into a query string, a different vulnerability than CVE-2005-2838. NOTE: it is possible that this is actually a bug in PHP code, in which case this should not be treated as a myBloggie vulnerability.
CVE-2005-4438 1 Dec2rar.dll 1 Dec2rar.dll 2026-04-16 N/A
Heap-based buffer overflow in Dec2Rar.dll 3.2.14.3, as distributed in the Symantec Antivirus Library and used by various Symantec products, allows remote attackers to execute arbitrary code via RAR archives with sub-block headers that contain incorrect values in the length field.
CVE-1999-1381 1 Dbadmin 1 Dbadmin 2026-04-16 N/A
Buffer overflow in dbadmin CGI program 1.0.1 on Linux allows remote attackers to execute arbitrary commands.
CVE-2004-1636 1 Net Integration Technologies Inc. 1 Wvtftp 2026-04-16 N/A
Heap-based buffer overflow in the WvTFTPServer::new_connection function in wvtftpserver.cc for WvTftp 0.9 allows remote attackers to execute arbitrary code via a long option string in a TFTP packet.
CVE-2005-3187 1 Bluecoat 1 Winproxy 2026-04-16 N/A
The listening daemon in Blue Coat Systems Inc. WinProxy before 6.1a allows remote attackers to cause a denial of service (crash) via a long HTTP request that causes an out-of-bounds read.
CVE-2001-1104 1 Sonicwall 2 Soho, Soho Firmware 2026-04-16 N/A
SonicWALL SOHO uses easily predictable TCP sequence numbers, which allows remote attackers to spoof or hijack sessions.
CVE-2004-1646 1 Jerod Moemeka 1 Xedus 2026-04-16 N/A
Directory traversal vulnerability in Xedus 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the URL.
CVE-2005-3188 1 Nullsoft 1 Winamp 2026-04-16 N/A
Buffer overflow in Nullsoft Winamp 5.094 allows remote attackers to execute arbitrary code via (1) an m3u file containing a long line ending in .wma or (2) a pls file containing a long File1 value ending in .wma, a different vulnerability than CVE-2006-0476.
CVE-2005-4821 1 Neocrome 1 Land Down Under 2026-04-16 N/A
Multiple SQL injection vulnerabilities in Land Down Under (LDU) v801 and earlier allow remote attackers to execute arbitrary SQL commands via parameters including (1) the m parameter in auth.php, (2) the f parameter in events.php, or (3) the e parameter in plug.php.
CVE-2004-1849 1 Cpanel 1 Cpanel 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in cPanel 9.1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) email parameter to dodelautores.html or (2) handle parameter to addhandle.html.
CVE-2005-3262 1 Rarlab 1 Winrar 2026-04-16 N/A
Format string vulnerability in RARLAB WinRAR 2.90 through 3.50 allows remote attackers to execute arbitrary code via format string specifiers in a UUE/XXE file, which are not properly handled when WinRAR displays diagnostic errors related to an invalid filename.