Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-0484 1 Gproftpd 1 Gproftpd 2026-04-16 N/A
Format string vulnerability in gprostats for GProFTPD before 8.1.9 may allow remote attackers to execute arbitrary code via an FTP transfer with a crafted filename that causes format string specifiers to be inserted into the ProFTPD transfer log.
CVE-2006-2704 1 Secure Elements 1 C5 Enterprise Vulnerability Management 2026-04-16 N/A
Secure Elements Class 5 AVR server and client (aka C5 EVM) before 2.8.1 send messages in cleartext, which allows remote attackers to read sensitive vulnerability information.
CVE-2006-2705 1 Secure Elements 1 C5 Enterprise Vulnerability Management 2026-04-16 N/A
Secure Elements Class 5 AVR server (aka C5 EVM) before 2.8.1 allows remote attackers to cause an unspecified denial of service via a large number of forged client registration messages.
CVE-2005-0486 1 Tarantella 2 Secure Global Desktop, Tarantella Enterprise 2026-04-16 N/A
Tarantella Secure Global Desktop Enterprise Edition 4.00 and 3.42, and Tarantella Enterprise 3 3.40 and 3.30, when using RSA SecurID and multiple users have the same username, reveals sensitive information during authentication, which allows remote attackers to identify valid usernames and the authentication scheme.
CVE-2005-0487 1 Kayako 1 Esupport 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in index.php for Kayako ESupport 2.3.1, and possibly other versions, allows remote attackers to inject arbitrary HTML and web script via the nav parameter.
CVE-2005-0488 4 Microsoft, Mit, Redhat and 1 more 4 Telnet Client, Kerberos 5, Enterprise Linux and 1 more 2026-04-16 N/A
Certain BSD-based Telnet clients, including those used on Solaris and SuSE Linux, allow remote malicious Telnet servers to read sensitive environment variables via the NEW-ENVIRON option with a SEND ENV_USERVAR command.
CVE-2005-0489 1 Linux 1 Linux Kernel 2026-04-16 N/A
The /proc handling (proc/base.c) Linux kernel 2.4 before 2.4.17 allows local users to cause a denial of service via unknown vectors that cause an invalid access of free memory.
CVE-2006-0447 1 E-post Corporation 3 Mail Server, Smtp Server, Spa-pro Mail Atsolomon 2026-04-16 N/A
Multiple buffer overflows in E-Post Mail Server 4.10 and SPA-PRO Mail @Solomon 4.00 allow remote attackers to execute arbitrary code via a long username to the (1) AUTH PLAIN or (2) AUTH LOGIN SMTP commands, which is not properly handled by (a) EPSTRS.EXE or (b) SPA-RS.EXE; (3) a long username in the APOP POP3 command, which is not properly handled by (c) EPSTPOP4S.EXE or (d) SPA-POP3S.EXE; (4) a long IMAP DELETE command, which is not properly handled by (e) EPSTIMAP4S.EXE or (f) SPA-IMAP4S.EXE.
CVE-2006-2706 1 Secure Elements 1 Class 5 Enterprise Vulnerability Management 2026-04-16 N/A
Secure Elements Class 5 AVR server (aka C5 EVM) before 2.8.1 allows remote attackers to cause a denial of service via forged "session start" messages that cause AVR to connect to arbitrary hosts.
CVE-2005-0491 1 Knox Software 1 Arkeia Server Backup 2026-04-16 N/A
Stack-based buffer overflow in Knox Arkeia Server Backup 5.3.x allows remote attackers to execute arbitrary code via a long type 77 request.
CVE-2006-2707 1 Secure Elements 1 Class 5 Enterprise Vulnerability Management 2026-04-16 N/A
Secure Elements Class 5 AVR server (aka C5 EVM) before 2.8.1 does not validate the peer certificate when obtaining an update, which could allow remote attackers to distribute malicious updates to clients.
CVE-2006-2708 1 Secure Elements 1 Class 5 Enterprise Vulnerability Management 2026-04-16 N/A
Secure Elements Class 5 AVR client (aka C5 EVM) before 2.8.1 allows remote attackers to read portions of process memory via a modified size for (1) EM_GET_CE_PARAMETER and (2) EM_SET_CE_PARAMETER messages, which leads to a buffer overflow (probably an over-read).
CVE-2006-2709 1 Secure Elements 1 Class 5 Enterprise Vulnerability Management 2026-04-16 N/A
Secure Elements Class 5 AVR (aka C5 EVM) before 2.8.1 do not validate the source address of a message, which allows remote attackers to (1) execute arbitrary code on a client or (2) forge messages to the server.
CVE-2006-2710 1 Secure Elements 1 Class 5 Enterprise Vulnerability Management 2026-04-16 N/A
Secure Elements Class 5 AVR (aka C5 EVM) before 2.8.1 uses the same invariant RSA key for all installations, which allows remote attackers with the key to decrypt communications.
CVE-2005-0493 1 Seth M. Knorr 1 Biz Mail Form 2026-04-16 N/A
CRLF injection vulnerability in bizmail.cgi in Biz Mail Form before 2.2 allows remote attackers to bypass the email check and send spam e-mail via CRLF sequences and forged mail headers in the email parameter.
CVE-2006-2714 1 Secure Elements 1 C5 Enterprise Vulnerability Management 2026-04-16 N/A
Secure Elements Class 5 AVR client (aka C5 EVM) before 2.8.1 does not validate the CEID of an incoming message, which allows remote attackers to send messages to a protected asset without knowing the proper CEID.
CVE-2005-0494 1 Thomson 1 Thomson Cable Modem 2026-04-16 N/A
The RgSecurity form in the HTTP server for the Thomson TCW690 cable modem running firmware 2.1 and software ST42.03.0a does not properly validate the password before performing changes, which allows remote attackers on the LAN to gain access via a direct POST request.
CVE-2005-0495 1 Zeroboard 1 Zeroboard 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in ZeroBoard allows remote attackers to inject arbitrary web script or HTML via the (1) sn1, (2) year, or (3) page parameter to zboard.php or (4) filename to view_image.php.
CVE-2006-0448 1 E-post Corporation 2 Mail Server, Spa-pro Mail Atsolomon 2026-04-16 N/A
Multiple directory traversal vulnerabilities in (1) EPSTIMAP4S.EXE and (2) SPA-IMAP4S.EXE in the IMAP service in E-Post Mail 4.05 and SPA-PRO Mail 4.05 allow remote attackers to (a) list arbitrary directories or cause a denial of service via the LIST command; or create arbitrary files via the (b) APPEND, (c) COPY, or (d) RENAME commands.
CVE-2006-0449 1 E-post Corporation 2 Mail Server, Spa-pro Mail Atsolomon 2026-04-16 N/A
Early termination vulnerability in the IMAP service in E-Post Mail 4.05 and SPA-PRO Mail 4.05 allows remote attackers to cause a denial of service (infinite loop) by sending an APPEND command and disconnecting before the expected amount of data is sent.