Export limit exceeded: 29880 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29880 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-1265 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2025-04-03 | N/A |
| The mmap function in the Linux Kernel 2.6.10 can be used to create memory maps with a start address beyond the end address, which allows local users to cause a denial of service (kernel crash). | ||||
| CVE-2005-1270 | 1 Gentoo | 1 Rootkit Hunter | 2025-04-03 | N/A |
| The (1) check_update.sh and (2) rkhunter script in Rootkit Hunter before 1.2.3-r1 create temporary files with predictable file names, which allows local users to overwrite arbitrary files via a symlink attack. | ||||
| CVE-2005-1274 | 1 Mysql | 1 Maxdb | 2025-04-03 | N/A |
| Stack-based buffer overflow in the getIfHeader function in the WebDAV functionality in MySQL MaxDB before 7.5.00.26 allows remote attackers to execute arbitrary code via an HTTP unlock request and a long "If" parameter. | ||||
| CVE-2005-1275 | 3 Graphicsmagick, Imagemagick, Redhat | 3 Graphicsmagick, Imagemagick, Enterprise Linux | 2025-04-03 | N/A |
| Heap-based buffer overflow in the ReadPNMImage function in pnm.c for ImageMagick 6.2.1 and earlier allows remote attackers to cause a denial of service (application crash) via a PNM file with a small colors value. | ||||
| CVE-2005-1284 | 1 Argosoft | 1 Argosoft Mail Server | 2025-04-03 | N/A |
| The addnew script in Argosoft Mail Server Pro 1.8.7.6 allows remote attackers to create arbitrary accounts, even if "Allow Creation of Accounts From the Web Interface" is disabled, via a direct HTTP POST request. | ||||
| CVE-2005-1281 | 1 Ethereal Group | 1 Ethereal | 2025-04-03 | N/A |
| Ethereal 0.10.10 and earlier allows remote attackers to cause a denial of service (infinite loop) via a crafted RSVP packet of length 4. | ||||
| CVE-2005-1354 | 1 Forum.pl | 1 Forum.pl | 2025-04-03 | N/A |
| The forum.pl script allows remote attackers to execute arbitrary commands via shell metacharacters in the argument. | ||||
| CVE-2005-1292 | 1 Elemental Software | 1 Cartwiz | 2025-04-03 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in CartWIZ ASP Cart allow remote attackers to inject arbitrary web script or HTML via the idProduct parameter to (1) tellAFriend.asp or (2) addToWishlist.asp, redirect parameter to (3) access.asp or (4) login.asp, message parameter to (5) login.asp or (6) error.asp, or (7) sku or (8) name parameter to searchResults.asp. | ||||
| CVE-2005-1291 | 1 Cartwiz | 1 Asp Cart | 2025-04-03 | N/A |
| Multiple SQL injection vulnerabilities in CartWIZ ASP Cart allow remote attackers to execute arbitrary SQL commands via the idProduct parameter to (1) addToCart.asp or (2) productDetails.asp, the (3) priceFrom, (4) idCategory, or (5) priceTo parameter to searchResults.asp, or (6) the idParentCategory parameter to productCatalogSubCats.asp. | ||||
| CVE-2005-1295 | 1 Include.cgi | 1 Include.cgi | 2025-04-03 | N/A |
| include.cgi script allows remote attackers to read arbitrary files via a full pathname in the argument. | ||||
| CVE-2005-1294 | 1 Nokia | 1 Affix | 2025-04-03 | N/A |
| The affix_sock_register in the Affix Bluetooth Protocol Stack for Linux might allow local users to gain privileges via a socket call with a negative protocol value, which is used as an array index. | ||||
| CVE-2005-1297 | 1 Include.cgi | 1 Include.cgi | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in the include.cgi script allows remote attackers to inject arbitrary web script or HTML via the argument. | ||||
| CVE-2005-1298 | 1 Inserter.cgi | 1 Inserter.cgi | 2025-04-03 | N/A |
| The inserter.cgi script allows remote attackers to read arbitrary files via a full pathname in the argument. | ||||
| CVE-2005-1299 | 1 Inserter.cgi | 1 Inserter.cgi | 2025-04-03 | N/A |
| The inserter.cgi script allows remote attackers to execute arbitrary commands via shell metacharacters in the argument. | ||||
| CVE-2005-1296 | 1 Include.cgi | 1 Include.cgi | 2025-04-03 | N/A |
| include.cgi script allows remote attackers to execute arbitrary commands via shell metacharacters in the argument. | ||||
| CVE-2005-1305 | 1 Hyper.cgi | 1 Hyper.cgi | 2025-04-03 | N/A |
| The hyper.cgi script allows remote attackers to read arbitrary files via a full pathname in the argument. | ||||
| CVE-2005-1309 | 1 Eaden Mckee | 1 Bblog | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in bBlog 0.7.4 allows remote attackers to inject arbitrary web script or HTML via the (1) entry title field or (2) comment body text. | ||||
| CVE-2005-1308 | 1 Inter7 | 1 Sqwebmail | 2025-04-03 | N/A |
| SqWebMail allows remote attackers to inject arbitrary web script or HTML via CRLF sequences in the redirect parameter followed by the desired script or HTML. | ||||
| CVE-2005-1310 | 1 Eaden Mckee | 1 Bblog | 2025-04-03 | N/A |
| SQL injection vulnerability in bBlog 0.7.4 allows remote attackers to execute arbitrary SQL commands via the postid parameter. | ||||
| CVE-2005-1314 | 1 Horde | 1 Kronolith | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in Horde Kronolith module before 1.1.4 allows remote attackers to inject arbitrary web script or HTML via the parent's frame page title. | ||||