Export limit exceeded: 34739 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 29880 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29880 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-1830 | 1 Compuware | 1 Softice Driverstudio | 2025-04-03 | N/A |
| The DbgMsg.sys driver in Compuware SoftICE DriverStudio 3.1 and 3.2 allows remote attackers to cause a denial of service (application crash) via an invalid Debug Message pointer. | ||||
| CVE-2005-1831 | 1 Todd Miller | 1 Sudo | 2025-04-03 | 8.4 High |
| Sudo 1.6.8p7 on SuSE Linux 9.3, and possibly other Linux distributions, allows local users to gain privileges by using sudo to call su, then entering a blank password and hitting CTRL-C. NOTE: SuSE and multiple third-party researchers have not been able to replicate this issue, stating "Sudo catches SIGINT and returns an empty string for the password so I don't see how this could happen unless the user's actual password was empty. | ||||
| CVE-2005-1832 | 1 Mybulletinboard | 1 Mybulletinboard | 2025-04-03 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in MyBulletinBoard (MyBB) 1.00 RC4 and earlier allow remote attackers to execute arbitrary web script or HTML via the (1) forums, (2) version, or (3) limit parameter to misc.php, (4) page or (5) datecut parameter to forumdisplay.php, (6) username, (7) email, or (8) email2 parameter to member.php, (9) page or (10) usersearch parameter to memberlist.php, (11) pid or (12) tid parameter to showthread.php, or (13) tid parameter to printthread.php. | ||||
| CVE-2005-1833 | 1 Mybulletinboard | 1 Mybulletinboard | 2025-04-03 | N/A |
| Multiple SQL injection vulnerabilities in MyBulletinBoard (MyBB) 1.00 RC4 allow remote attackers to execute arbitrary SQL commands via the (1) eid parameter to calendar.php, (2) idsql parameter to online.php, (3) usersearch parameter to memberlist.php, (4) pid parameter to editpost.php, (5) fid parameter to forumdisplay.php, (6) tid parameter to newreply.php, (7) sid parameter to search.php, (8) tid or (9) pid parameter to showthread.php, (10) tid parameter to usercp2.php, (11) tid parameter to printthread.php, or (12) pid parameter to reputation.php. | ||||
| CVE-2005-1834 | 1 Nextweb | 1 Nextweb \(i\)site | 2025-04-03 | N/A |
| SQL injection vulnerability in login.asp in NEXTWEB (i)Site allows remote attackers to execute arbitrary SQL commands and bypass authentication via the password field. | ||||
| CVE-2005-1836 | 1 Nextweb | 1 Nextweb \(i\)site | 2025-04-03 | N/A |
| NEXTWEB (i)Site allows remote attackers to cause a denial of service (error 500) via a crafted HTTP request, possibly involving wildcard requests for .jsp files. | ||||
| CVE-2005-1837 | 1 Fortinet | 1 Fortinet Firewall | 2025-04-03 | N/A |
| Fortinet firewall running FortiOS 2.x contains a hardcoded username with the password set to the serial number, which allows local users with console access to gain privileges. | ||||
| CVE-2005-1838 | 1 Liberum | 1 Liberum Help Desk | 2025-04-03 | N/A |
| Multiple cross-site scripting vulnerabilities in castnewPost.asp in Liberum Help Desk 0.97.3 allow remote attackers to inject arbitrary web script or HTML via the (1) Email, (2) Title, or (3) Description fields. | ||||
| CVE-2005-1839 | 1 Liberum | 1 Liberum Help Desk | 2025-04-03 | N/A |
| Multiple SQL injection vulnerabilities in Doug Luxem Liberum Help Desk 0.97.3 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) view.asp or (2) print.asp or (3) edit parameter to register.asp. | ||||
| CVE-2005-1840 | 1 Phpcms | 1 Phpcms | 2025-04-03 | N/A |
| Directory traversal vulnerability in class.layout_phpcms.php in phpCMS 1.2.x before 1.2.1pl2 allows remote attackers to read or include arbitrary files, as demonstrated using a .. (dot dot) in the language parameter to parser.php. | ||||
| CVE-2005-1841 | 2 Adobe, Redhat | 2 Acrobat Reader, Rhel Extras | 2025-04-03 | N/A |
| The control for Adobe Reader 5.0.9 and 5.0.10 on Linux, Solaris, HP-UX, and AIX creates temporary files with the permissions as specified in a user's umask, which could allow local users to read PDF documents of that user if the umask allows it. | ||||
| CVE-2005-1842 | 1 Adobe | 1 Version Cue | 2025-04-03 | N/A |
| VCNative for Adobe Version Cue 1.0 and 1.0.1, as used in Creative Suite 1.0 and 1.3, and when running on Mac OS X with Version Cue Workspace, creates temporary log files with predictable names, which allows local users to modify arbitrary files via a symlink attack. | ||||
| CVE-2005-1843 | 1 Adobe | 1 Version Cue | 2025-04-03 | N/A |
| VCNative for Adobe Version Cue 1.0 and 1.0.1, as used in Creative Suite 1.0 and 1.3, and when running on Mac OS X with Version Cue Workspace, allows local users to load arbitrary libraries and execute arbitrary code via the -lib command line argument. | ||||
| CVE-2005-1846 | 1 Yamt | 1 Yamt | 2025-04-03 | N/A |
| Multiple directory traversal vulnerabilities in YaMT before 0.5_2 allow attackers to overwrite arbitrary files via the (1) rename or (2) sort options. | ||||
| CVE-2005-1847 | 1 Yamt | 1 Yamt | 2025-04-03 | N/A |
| Multiple buffer overflows in YaMT before 0.5_2 allow attackers to execute arbitrary code via the (1) rename or (2) sort options. | ||||
| CVE-2005-1848 | 2 Phystech, Redhat | 2 Dhcpcd, Enterprise Linux | 2025-04-03 | N/A |
| The dhcpcd DHCP client before 1.3.22 allows remote attackers to cause a denial of service (daemon crash) via unknown vectors that cause an out-of-bounds memory read. | ||||
| CVE-2005-1849 | 2 Redhat, Zlib | 3 Enterprise Linux, Network Satellite, Zlib | 2025-04-03 | N/A |
| inftrees.h in zlib 1.2.2 allows remote attackers to cause a denial of service (application crash) via an invalid file that causes a large dynamic tree to be produced. | ||||
| CVE-2005-1850 | 1 Ekg | 1 Ekg | 2025-04-03 | N/A |
| Certain contributed scripts for ekg Gadu Gadu client 1.5 and earlier create temporary files insecurely, with unknown impact and attack vectors, a different vulnerability than CVE-2005-1916. | ||||
| CVE-2005-1851 | 1 Ekg | 1 Ekg | 2025-04-03 | N/A |
| A certain contributed script for ekg Gadu Gadu client 1.5 and earlier allows attackers to execute shell commands via unknown attack vectors. | ||||
| CVE-2005-1853 | 1 University Of Minnesota | 1 Gopher | 2025-04-03 | N/A |
| gopher.c in the Gopher client 3.0.5 does not properly create temporary files, which allows local users to gain privileges. | ||||