Export limit exceeded: 345207 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (345207 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-3032 | 1 Cambridge Computer Corporation | 1 Vxtftpsrv | 2026-04-16 | N/A |
| Buffer overflow in vxTftpSrv 1.7.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a TFTP request with a long filename argument. | ||||
| CVE-2005-2754 | 1 Apple | 1 Quicktime | 2026-04-16 | N/A |
| Integer overflow in Apple QuickTime before 7.0.3 allows user-assisted attackers to execute arbitrary code via a crafted MOV file with "Improper movie attributes." | ||||
| CVE-2005-3033 | 1 Cambridge Computer Corporation | 1 Vxweb | 2026-04-16 | N/A |
| Stack-based buffer overflow in vxWeb 1.1.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP GET request. | ||||
| CVE-2005-3229 | 1 Clam Anti-virus | 1 Clamav | 2026-04-16 | N/A |
| Multiple interpretation error in unspecified versions of ClamAV Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper. | ||||
| CVE-2005-2755 | 1 Apple | 1 Quicktime | 2026-04-16 | N/A |
| Apple QuickTime Player before 7.0.3 allows user-assisted attackers to cause a denial of service (crash) via a crafted file with a missing movie attribute, which leads to a null dereference. | ||||
| CVE-2005-3034 | 1 Compuware | 1 Driverstudio | 2026-04-16 | N/A |
| Compuware DriverStudio Remote Control service (DSRsvc.exe) 2.7 and 3.0 beta 2 allows remote attackers to bypass authentication via a null session. | ||||
| CVE-2005-3230 | 1 Panda | 1 Activescan | 2026-04-16 | N/A |
| Multiple interpretation error in unspecified versions of Panda Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper. | ||||
| CVE-2005-3360 | 1 Trend Micro | 1 Pc-cillin 2005 | 2026-04-16 | N/A |
| The installation of Trend Micro PC-Cillin Internet Security 2005 12.00 build 1244, and probably previous versions, uses insecure default ACLs, which allows local users to cause a denial of service (disabled service) and gain system privileges by modifying or moving critical program files. | ||||
| CVE-2005-2756 | 1 Apple | 1 Quicktime | 2026-04-16 | N/A |
| Apple QuickTime before 7.0.3 allows user-assisted attackers to overwrite memory and execute arbitrary code via a crafted PICT file that triggers an overflow during expansion. | ||||
| CVE-2005-3035 | 1 Compuware | 1 Driverstudio | 2026-04-16 | N/A |
| Compuware DriverStudio Remote Control service (DSRsvc.exe) 2.7 and 3.0 beta 2 allows remote attackers to cause a denial of service (reboot) via a UDP packet sent directly to port 9110. | ||||
| CVE-2005-3361 | 1 Flatnuke | 1 Flatnuke | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in forum/index.php in FlatNuke 2.5.6 allows remote attackers to inject arbitrary web script or HTML via the nome parameter in a login operation, a variant of CVE-2005-3306. | ||||
| CVE-2005-2757 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | N/A |
| Heap-based buffer overflow in CoreFoundation in Mac OS X and OS X Server 10.4 through 10.4.3 allows remote attackers to execute arbitrary code via unknown attack vectors involving "validation of URLs." | ||||
| CVE-2005-3036 | 1 Ttxn | 1 File Transfer Anywhere | 2026-04-16 | N/A |
| File Transfer Anywhere 3.01 stores sensitive password information in plaintext in the PASS value in the "File Transfer Anywhere" registry key, which allows local users to gain privileges. | ||||
| CVE-2005-2758 | 1 Symantec | 2 Antivirus Scan Engine, Antivirus Scan Engine For Network Attached Storage | 2026-04-16 | N/A |
| Integer signedness error in the administrative interface for Symantec AntiVirus Scan Engine 4.0 and 4.3 allows remote attackers to execute arbitrary code via crafted HTTP headers with negative values, which lead to a heap-based buffer overflow. | ||||
| CVE-2005-3037 | 1 Handy Address Book | 1 Handy Address Book Server | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Handy Address Book Server 1.1 allows remote attackers to inject arbitrary web script or HTML via the SEARCHTEXT parameter in a demos URL. | ||||
| CVE-2005-3231 | 1 Cat | 1 Quick Heal | 2026-04-16 | N/A |
| Multiple interpretation error in unspecified versions of CAT Quick Heal allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper. | ||||
| CVE-2005-2759 | 1 Symantec | 1 Norton Antivirus | 2026-04-16 | N/A |
| ** SPLIT ** The jlucaller program in LiveUpdate for Symantec Norton AntiVirus 9.0.3 on Macintosh runs setuid when executing Java programs, which allows local users to gain privileges. NOTE: due to a CNA error, this candidate was also originally assigned to an issue in DiskMountNotify. Use CVE-2005-3270 for the DiskMountNotify issue, and CVE-2005-2759 for the LiveUpdate issue. | ||||
| CVE-2005-2762 | 1 Avaya | 1 Vpnremote | 2026-04-16 | N/A |
| Avaya VPNRemote before 4.2.33 stores credentials in cleartext in process memory, which allows attackers to obtain the VPN user's credentials. | ||||
| CVE-2005-2765 | 1 Microsoft | 2 Windows 2003 Server, Windows Xp | 2026-04-16 | N/A |
| The user interface in the Windows Firewall does not properly display certain malformed entries in the Windows Registry, which makes it easier for attackers with administrator privileges to hide activities if the administrator only uses the Windows Firewall interface to monitor exceptions. NOTE: the vendor disputes this issue, saying that since administrative privileges are already required, it is not a vulnerability. CVE has not yet formally decided if such "information hiding" issues should be included. | ||||
| CVE-2005-2767 | 1 Leapware | 1 Leapftp | 2026-04-16 | N/A |
| Buffer overflow in LeapFTP allows remote attackers to execute arbitrary code via a long Host string in a Site Queue (.lsq) file. | ||||