Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-4784 1 Austin Group 1 Posix 2026-04-16 N/A
Multiple buffer overflows in the POSIX readdir_r function, as used in multiple packages, allow local users to cause a denial of service and possibly execute arbitrary code via (1) a symlink attack that exploits a race condition between opendir and pathcon calls and changes the filesystem to one with a larger maximum directory-entry name length, or (2) possibly via programmer-introduced errors on operating systems with a small struct dirent, such as Solaris or BeOS, as demonstrated in packages including (a) gcj, (b) KDE, (c) libwww, (d) the Rudiments library, (e) teTeX, (f) xmail, (g) bfbtester, (h) ncftp, (i) netwib, (j) OpenOffice.org, (k) Pike, (l) reprepro, (m) Tcl, and (n) xgsmlib.
CVE-2005-4786 1 Hauri 3 Hauri Livecall, Virobot, Vrazmain.dll 2026-04-16 N/A
Buffer overflow in the archive decompression library (vrAZMain.dll 5.8.22.137), as used in HAURI anti-virus products including (1) ViRobot Expert 4.0, (2) ViRobot Advanced Server, and (3) HAURI LiveCall, allows user-assisted attackers to execute arbitrary code via an ALZ archive containing a file with a long filename.
CVE-2005-4788 1 Suse 1 Suse Linux 2026-04-16 N/A
resmgr in SUSE Linux 9.2 and 9.3, and possibly other distributions, allows local users to bypass access control rules for USB devices via "alternate syntax for specifying USB devices."
CVE-2005-4789 1 Suse 1 Suse Linux 2026-04-16 N/A
resmgr in SUSE Linux 9.2 and 9.3, and possibly other distributions, does not properly enforce class-specific exclude rules in some situations, which allows local users to bypass intended access restrictions for USB devices that set their class ID at the interface level.
CVE-2005-4790 2 Novell, Suse 2 Suse Linux, Suse Linux 2026-04-16 N/A
Multiple untrusted search path vulnerabilities in SUSE Linux 9.3 and 10.0, and possibly other distributions, cause the working directory to be added to LD_LIBRARY_PATH, which might allow local users to execute arbitrary code via (1) beagle, (2) tomboy, or (3) blam. NOTE: in August 2007, the tomboy vector was reported for other distributions.
CVE-2005-4791 1 Novell 1 Suse Linux 2026-04-16 N/A
Multiple untrusted search path vulnerabilities in SUSE Linux 10.0 cause the working directory to be added to LD_LIBRARY_PATH, which might allow local users to execute arbitrary code via (1) liferea or (2) banshee.
CVE-2005-4792 1 Phpwebsite 1 Phpwebsite 2026-04-16 N/A
SQL injection vulnerability in index.php in Appalachian State University phpWebSite 0.10.1 and earlier allows remote attackers to execute arbitrary SQL commands via the module parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2005-4793 1 Hitachi 2 Cm2-network Node Manager, Jp1-cm2-network Node Manager 250 2026-04-16 N/A
Multiple unspecified vulnerabilities in the web utility function in Hitachi Cm2/Network Node Manager and JP1/Cm2/Network Node Manager before 20050930 allow attackers to execute arbitrary commands, disable services, and "exploit vulnerabilities."
CVE-2006-0445 1 Phpclanwebsite 1 Phpclanwebsite 2026-04-16 N/A
index.php in Phpclanwebsite 1.23.1 allows remote authenticated users to obtain the installation path by specifying an invalid file name to the uploader page, as demonstrated by "\", which will display the full path of uploader.php. NOTE: this might be the result of a file inclusion vulnerability.
CVE-2006-0470 1 Mybulletinboard 1 Mybulletinboard 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in search.php in MyBulletinBoard (MyBB) 1.02 allows remote attackers to inject arbitrary web script or HTML via the (1) sortby and (2) sortordr parameters, which are not properly handled in a redirection.
CVE-2006-0471 1 My Little Homepage 1 My Little Forum 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in the bbcode function in functions.php in my little homepage my little forum, as last modified in June 2005, allows remote attackers to inject arbitrary Javascript via a javascript URI in BBcode link tags.
CVE-2006-0472 1 My Little Homepage 1 My Little Guestbook 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in guestbook.php in my little homepage my little guestbook, as last modified in March 2004, allows remote attackers to inject arbitrary Javascript via a javascript URI in BBcode link tags.
CVE-2006-0621 1 Qnx 1 Rtos 2026-04-16 N/A
Multiple buffer overflows in QNX Neutrino RTOS 6.2.0 allow local users to execute arbitrary code via a long first argument to the (1) su or (2) passwd commands.
CVE-2006-0494 1 Mybulletinboard 1 Mybulletinboard 2026-04-16 N/A
Directory traversal vulnerability in MyBB (aka MyBulletinBoard) 1.02 allows local users with MyBB administrative privileges to include and possibly execute arbitrary local files via directory traversal sequences and a nul (%00) character in the plugin parameter.
CVE-2006-0495 1 Mybulletinboard 1 Mybulletinboard 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in the Add Thread to Favorites feature in usercp2.php in MyBB (aka MyBulletinBoard) 1.02 allows remote attackers to inject arbitrary web script or HTML via an HTTP Referer header ($url variable).
CVE-2006-0496 1 Mozilla 2 Firefox, Mozilla 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Mozilla 1.7.12 and possibly earlier, Mozilla Firefox 1.0.7 and possibly earlier, and Netscape 8.1 and possibly earlier, allows remote attackers to inject arbitrary web script or HTML via the -moz-binding (Cascading Style Sheets) CSS property, which does not require that the style sheet have the same origin as the web page, as demonstrated by the compromise of a large number of LiveJournal accounts.
CVE-2006-0497 1 Php Gen 1 Php Gen 2026-04-16 N/A
Multiple SQL injection vulnerabilities in PHP GEN before 1.4 allow remote attackers to inject arbitrary SQL commands via unknown attack vectors.
CVE-2006-0501 1 Punctweb 1 Myco Guestbook 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in MyCO Guestbook 1.0 allows remote attackers to inject arbitrary web script or HTML via the Name field, when registering a user.
CVE-2006-0502 1 Farsinews 1 Farsinews 2026-04-16 N/A
PHP remote file inclusion vulnerability in loginout.php in FarsiNews 2.1 Beta 2 and earlier, with register_globals enabled, allows remote attackers to include arbitrary files via a URL in the cutepath parameter.
CVE-2006-0503 1 Mailenable 1 Mailenable Professional 2026-04-16 N/A
IMAP service in MailEnable Professional Edition before 1.72 allows remote attackers to cause a denial of service (service crash) via unspecified vectors involving the EXAMINE command.