Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-0117 1 Xshisen 1 Xshisen 2026-04-16 N/A
Buffer overflow in XShisen before 1.36 allows local users to execute arbitrary code via a long GECOS field.
CVE-2005-0118 1 Helvis 1 Helvis 2026-04-16 N/A
helvis 1.8h2_1 and earlier stores recovery files in world readable directories with world readable permissions, which allows local users to read the recovered files of other users.
CVE-2005-0119 1 Helvis 1 Helvis 2026-04-16 N/A
helvis 1.8h2_1 and earlier allows local users to recover and read the files of other users via the elvrec setuid program.
CVE-2006-0336 1 Kerio 1 Winroute Firewall 2026-04-16 N/A
Kerio WinRoute Firewall before 6.1.4 Patch 2 allows attackers to cause a denial of service (CPU consumption and hang) via unknown vectors involving "browsing the web".
CVE-2005-0120 1 Helvis 1 Helvis 2026-04-16 N/A
helvis 1.8h2_1 and earlier allows local users to delete arbitrary files via the elvprsv setuid program.
CVE-2006-1175 1 Weonlydo 1 Weonlydo Sftp 2026-04-16 N/A
The WeOnlyDo! SFTP (wodSFTP) ActiveX control is marked as safe for scripting, which allows remote attackers to read and write files in arbitrary locations by accessing the control from a web page.
CVE-2005-0121 1 Alexander Siegel 1 Golddig 2026-04-16 N/A
Multiple buffer overflows in golddig 2.0 and earlier allow local users to execute arbitrary code via (1) a long map name command line argument or (2) a long username as recorded in the USER environment variable.
CVE-2005-0124 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-16 N/A
The coda_pioctl function in the coda functionality (pioctl.c) for Linux kernel 2.6.9 and 2.4.x before 2.4.29 may allow local users to cause a denial of service (crash) or execute arbitrary code via negative vi.in_size or vi.out_size values, which may trigger a buffer overflow.
CVE-2006-2676 1 Sitescape 1 Sitescape Forum 2026-04-16 N/A
Dispatch.cgi/_user/uservCard/ in SiteScape Forum 7.2 and possibly earlier generates different responses in a way that allows remote attackers to enumerate valid usernames.
CVE-2006-0337 1 F-secure 4 F-secure Anti-virus, F-secure Internet Security, Internet Gatekeeper and 1 more 2026-04-16 N/A
Buffer overflow in multiple F-Secure Anti-Virus products and versions for Windows and Linux, including Anti-Virus for Windows Servers 5.52 and earlier, Internet Security 2004, 2005 and 2006, and Anti-Virus for Linux Servers 4.64 and earlier, allows remote attackers to execute arbitrary code via crafted ZIP archives.
CVE-2006-0338 1 F-secure 4 F-secure Anti-virus, F-secure Internet Security, F-secure Personal Express and 1 more 2026-04-16 N/A
Multiple F-Secure Anti-Virus products and versions for Windows and Linux, including Anti-Virus for Windows Servers 5.52 and earlier, Internet Security 2004, 2005 and 2006, and Anti-Virus for Linux Servers 4.64 and earlier, allow remote attackers to hide arbitrary files and data via malformed (1) RAR and (2) ZIP archives, which are not properly scanned.
CVE-2005-0125 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
The "at" commands on Mac OS X 10.3.7 and earlier do not properly drop privileges, which allows local users to (1) delete arbitrary files via atrm, (2) execute arbitrary programs via the -f argument to batch, or (3) read arbitrary files via the -f argument to batch, which generates a job file that is readable by the local user.
CVE-2006-0339 1 Bitcomet 1 Bitcomet 2026-04-16 N/A
Buffer overflow in BitComet Client 0.60 allows remote attackers to execute arbitrary code, when the publisher's name link is clicked, via a long publisher URI in a torrent file.
CVE-2005-0126 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
ColorSync on Mac OS X 10.3.7 and 10.3.8 allows attackers to execute arbitrary code via malformed ICC color profiles that modify the heap.
CVE-2005-0127 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
Mail in Mac OS X 10.3.7, when generating a Message-ID header, generates a GUUID that includes information that identifies the Ethernet hardware being used, which allows remote attackers to link mail messages to a particular machine.
CVE-2006-0341 1 Rockliffe 1 Mailsite 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in WCONSOLE.DLL in Rockliffe MailSite 5.x and 6.1.22 and earlier allows remote attackers to inject arbitrary web script or HTML via the query string.
CVE-2005-0129 1 Berlios 1 Konversation 2026-04-16 N/A
The Quick Buttons feature in Konversation 0.15 allows remote attackers to execute certain IRC commands via a channel name containing "%" variables, which are recursively expanded by the Server::parseWildcards function when the Part Button is selected.
CVE-2005-0130 1 Berlios 1 Konversation 2026-04-16 N/A
Certain Perl scripts in Konversation 0.15 allow remote attackers to execute arbitrary commands via shell metacharacters in (1) channel names or (2) song names that are not properly quoted when the user runs IRC scripts.
CVE-2005-0131 1 Berlios 1 Konversation 2026-04-16 N/A
The Quick Connection dialog in Konversation 0.15 inadvertently uses the user-provided password as the nickname instead of the user-provided nickname when connecting to the IRC server, which could leak the password to other users.
CVE-2006-2677 1 Sitescape 1 Sitescape Forum 2026-04-16 N/A
SiteScape Forum 7.2 and possibly earlier stores the avf.rc configuraiton file under the web document root with insufficient access control, which allows remote attackers to obtain sensitive path information.