Export limit exceeded: 345211 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (345211 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-2073 | 1 Vserver | 1 Linux-vserver | 2026-04-16 | N/A |
| Linux-VServer 1.24 allows local users with root privileges on a virtual server to gain access to the filesystem outside the virtual server via a modified chroot-again exploit using the chmod command. | ||||
| CVE-2004-2082 | 1 Karjasoft | 1 Sami Ftp Server | 2026-04-16 | N/A |
| The samiftp.dll library in Sami FTP Server 1.1.3 allows remote authenticated users to cause a denial of service (pmsystem.exe crash) via a GET request wit a large number of leading "/" (slash) characters. | ||||
| CVE-2005-3126 | 1 Antiword | 1 Antiword | 2026-04-16 | N/A |
| The (1) kantiword (kantiword.sh) and (2) gantiword (gantiword.sh) scripts in antiword 0.35 and earlier allow local users to overwrite arbitrary files via a symlink attack on temporary (a) output and (b) error files. | ||||
| CVE-2004-2086 | 1 Sambar | 1 Sambar Server | 2026-04-16 | N/A |
| Stack-based buffer overflow in results.stm for Sambar Server before the 6.0 production release allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an HTTP POST request with a long query parameter. | ||||
| CVE-2005-3127 | 1 Lucidcms | 1 Lucidcms | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in lucidCMS 1.0.11 allows remote attackers to inject arbitrary web script or HTML via the query string. | ||||
| CVE-2004-2087 | 1 Sandsurfer | 1 Sandsurfer | 2026-04-16 | N/A |
| Unknown vulnerability in SandSurfer before 1.7.0 allows remote attackers to gain access as a logged-in user. | ||||
| CVE-2005-3129 | 1 S9y | 1 Serendipity | 2026-04-16 | N/A |
| Cross-site request forgery (CSRF) vulnerability in Serendipity 0.8.4 and earlier allows remote attackers to perform unauthorized actions as a logged in user via a link or IMG tag to serendipity_admin.php. | ||||
| CVE-2004-2088 | 1 Sophos | 1 Sophos Anti-virus | 2026-04-16 | N/A |
| Sophos Anti-Virus 3.78 allows remote attackers to bypass virus scanning by using a qmail generated Delivery Status Notification (DSN) where the original email is not included in the bounce message. | ||||
| CVE-2005-3130 | 1 Lucidcms | 1 Lucidcms | 2026-04-16 | N/A |
| SQL injection vulnerability in lucidCMS 1.0.11 allows remote attackers to execute arbitrary SQL commands via the login field. | ||||
| CVE-2004-2089 | 1 Matrix | 1 Matrix Ftp Server | 2026-04-16 | N/A |
| Matrix FTP Server allows remote attackers to cause a denial of service (crash) by logging in using four spaces as the username and password and then issuing a LIST command. | ||||
| CVE-2004-2090 | 1 Microsoft | 2 Ie, Internet Explorer | 2026-04-16 | N/A |
| Microsoft Internet Explorer 5.0.1 through 6.0 allows remote attackers to determine the existence of arbitrary files via the VBScript LoadPicture method, which returns an error code if the file does not exist. | ||||
| CVE-2005-3131 | 2 Icewarp, Merak | 2 Web Mail, Mail Server | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in MERAK Mail Server 8.2.4r with Icewarp Web Mail 5.5.1, and possibly earlier versions, allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to blank.html, or the createdataCX parameter to (2) calendar_d.html, (3) calendar_m.html, or (4) calendar_w.html. | ||||
| CVE-2005-3269 | 1 Sun | 4 Java System Directory Proxy Server, Java System Directory Server, One Administration Server and 1 more | 2026-04-16 | N/A |
| Stack-based buffer overflow in help.cgi in the HTTP administrative interface for (1) Sun Java System Directory Server 5.2 2003Q4, 2004Q2, and 2005Q1, (2) Red Hat Directory Server and (3) Certificate Server before 7.1 SP1, (4) Sun ONE Directory Server 5.1 SP4 and earlier, and (5) Sun ONE Administration Server 5.2 allows remote attackers to cause a denial of service (admin server crash), or local users to gain root privileges. | ||||
| CVE-2005-3132 | 2 Icewarp, Merak | 2 Web Mail, Mail Server | 2026-04-16 | N/A |
| MERAK Mail Server 8.2.4r with Icewarp Web Mail 5.5.1, and possibly earlier versions, allows remote attackers to obtain sensitive information via a direct request to bwlist_inc.html, which reveals the path in an error message. | ||||
| CVE-2005-3272 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2026-04-16 | N/A |
| Linux kernel before 2.6.12 allows remote attackers to poison the bridge forwarding table using frames that have already been dropped by filtering, which can cause the bridge to forward spoofed packets. | ||||
| CVE-2005-2618 | 2 Autonomy, Ibm | 4 Keyview Export Sdk, Keyview Filter Sdk, Keyview Viewer Sdk and 1 more | 2026-04-16 | N/A |
| Multiple stack-based buffer overflows in Autonomy (formerly Verity) KeyView SDK before 9.2.0, as used in Lotus Notes 6.5.4 and 7.0, allow remote attackers to execute arbitrary code via (1) a UUE file containing an encoded file with a long filename handled by uudrdr.dll, (2) a compressed ZIP file with a long filename handled by kvarcve.dll, (3) a TAR archive with a long filename that is extracted to a directory with a long path handled by the TAR reader (tarrdr.dll), (4) an email that contains a long HTTP, FTP, or // link handled by the HTML speed reader (htmsr.dll) or (5) an email containing a crafted long link handled by the HTML speed reader (htmsr.dll). | ||||
| CVE-2005-3133 | 2 Icewarp, Merak | 2 Web Mail, Mail Server | 2026-04-16 | N/A |
| Multiple directory traversal vulnerabilities in MERAK Mail Server 8.2.4r with Icewarp Web Mail 5.5.1, and possibly earlier versions, allows remote attackers to (1) delete arbitrary files or directories via a relative path to the id parameter to logout.html or (2) include arbitrary PHP files or other files via the helpid parameter to help.html. | ||||
| CVE-2005-3134 | 1 Citrix | 1 Metaframe | 2026-04-16 | N/A |
| Citrix Metaframe Presentation Server 3.0 and 4.0 allows remote attackers to bypass policy restrictions by downloading the launch.ica file and changing the client device name (ClientName). | ||||
| CVE-2005-3135 | 1 Virtools | 1 Web Player | 2026-04-16 | N/A |
| Buffer overflow in Virtools Web Player 3.0.0.100 and earlier allows remote attackers to execute arbitrary code via a long filename. | ||||
| CVE-2005-3136 | 1 Virtools | 1 Web Player | 2026-04-16 | N/A |
| Directory traversal vulnerability in Virtools Web Player 3.0.0.100 and earlier allows remote attackers to overwrite arbitrary files via a .. (dot dot) in a filename. | ||||