Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-2891 1 Csystems 1 Webarchivex 2026-04-16 N/A
WebArchiveX.dll 5.5.0.76 installed before September 6th, 2005 is marked safe for scripting by default, which allows remote attackers to read or write to arbitrary files via the (1) MakeArchive or (2) MakeArchiveStr methods.
CVE-2005-2893 1 Pblang 1 Pblang 2026-04-16 N/A
Direct static code injection vulnerability in setcookie.php in PBLang 4.65, and possibly earlier versions, allows remote attackers to execute arbitrary PHP code via the username (u parameter), which is directly injected into a file that is later executed upon login.
CVE-2005-2920 1 Clam Anti-virus 1 Clamav 2026-04-16 N/A
Buffer overflow in libclamav/upx.c in Clam AntiVirus (ClamAV) before 0.87 allows remote attackers to execute arbitrary code via a crafted UPX packed executable.
CVE-2005-2925 1 Sgi 1 Irix 2026-04-16 N/A
runpriv in SGI IRIX allows local users to bypass intended restrictions and execute arbitrary commands via shell metacharacters in a command line for a privileged binary in /usr/sysadm/privbin.
CVE-2005-2927 1 Sco 1 Unixware 2026-04-16 N/A
Stack-based buffer overflow in ppp in SCO Unixware 7.1.3 and 7.1.4, and possibly earlier versions, allows local users to execute arbitrary code via a long argument to the (1) prompt or (2) defprompt command.
CVE-2005-2931 1 Ipswitch 2 Imail Server, Ipswitch Collaboration Suite 2026-04-16 N/A
Format string vulnerability in the SMTP service in IMail Server 8.20 in Ipswitch Collaboration Suite (ICS) before 2.02 allows remote attackers to execute arbitrary code via format string specifiers to the (1) EXPN, (2) MAIL, (3) MAIL FROM, and (4) RCPT TO commands.
CVE-2005-2933 2 Redhat, University Of Washington 3 Enterprise Linux, Rhel Stronghold, Uw-imap 2026-04-16 N/A
Buffer overflow in the mail_valid_net_parse_work function in mail.c for Washington's IMAP Server (UW-IMAP) before imap-2004g allows remote attackers to execute arbitrary code via a mailbox name containing a single double-quote (") character without a closing quote, which causes bytes after the double-quote to be copied into a buffer indefinitely.
CVE-2005-2934 1 Sco 1 Unixware 2026-04-16 N/A
Unspecified vulnerability in ptrace in SCO UnixWare 7.1.3 and 7.1.4 allows local users to gain privileges via unspecified vectors.
CVE-2005-2939 1 Vmware 1 Workstation 2026-04-16 N/A
Unquoted Windows search path vulnerability in VMWare Workstation 5.0.0 build-13124 might allow local users to gain privileges via a malicious "program.exe" file in the C: folder.
CVE-2005-2943 1 Davide Libenzi 1 Xmail 2026-04-16 N/A
Stack-based buffer overflow in sendmail in XMail before 1.22 allows remote attackers to execute arbitrary code via a long -t command line option.
CVE-2005-2944 1 Brent Ely 1 Gnome Workstation Command Center 2026-04-16 N/A
The perform_file_save function in GNOME Workstation Command Center (gwcc) 0.9.6 and earlier allows local users to create and overwrite arbitrary files via a symlink attack on the gwcc_out.txt temporary file.
CVE-2005-3163 1 Polipo 1 Polipo 2026-04-16 N/A
Unspecified vulnerability in Polipo 0.9.8 and earlier allows attackers to read files outside of the web root.
CVE-2005-3005 1 Helpdesk Software 1 Hesk 2026-04-16 N/A
Helpdesk Software Hesk allows remote attackers to bypass authentication for (1) admin.php and (2) admin_main.php by modifying the PHPSESSID session ID parameter or cookie.
CVE-2005-2964 1 Abisource 1 Community Abiword 2026-04-16 N/A
Stack-based buffer overflow in AbiWord before 2.2.10 allows attackers to execute arbitrary code via the RTF import mechanism.
CVE-2005-2968 2 Mozilla, Redhat 3 Firefox, Mozilla, Enterprise Linux 2026-04-16 N/A
Firefox 1.0.6 and Mozilla 1.7.10 allows attackers to execute arbitrary commands via shell metacharacters in a URL that is provided to the browser on the command line, which is sent unfiltered to bash.
CVE-2005-2977 2 Pam, Redhat 2 Pam, Enterprise Linux 2026-04-16 N/A
The SELinux version of PAM before 0.78 r3 allows local users to perform brute force password guessing attacks via unix_chkpwd, which does not log failed guesses or delay its responses.
CVE-2005-2971 1 Kde 1 Koffice 2026-04-16 N/A
Heap-based buffer overflow in the KWord RTF importer for KOffice 1.2.0 through 1.4.1 allows remote attackers to execute arbitrary code via a crafted RTF file.
CVE-2005-2973 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-16 N/A
The udp_v6_get_port function in udp.c in Linux 2.6 before 2.6.14-rc5, when running IPv6, allows local users to cause a denial of service (infinite loop and crash).
CVE-2005-2995 1 Bacula 1 Bacula 2026-04-16 N/A
bacula 1.36.3 and earlier allows local users to modify or read sensitive files via symlink attacks on (1) the temporary file used by autoconf/randpass when openssl is not available, or (2) the mtx.[PID] temporary file in mtx-changer.in.
CVE-2005-2987 1 Digital Scribe 1 Digital Scribe 2026-04-16 N/A
SQL injection vulnerability in login.php in Digital Scribe 1.4 allows remote attackers to execute arbitrary SQL commands via the username parameter.