Export limit exceeded: 363963 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (363963 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-0348 1 Realnetworks 1 Realarcade 2026-04-16 N/A
Directory traversal vulnerability in RealArcade 1.2.0.994 allows remote attackers to delete arbitrary files via an RGP file with a .. (dot dot) in the FILENAME tag.
CVE-2005-0349 1 Broadcom 1 Brightstor Arcserve Backup 2026-04-16 N/A
The production release of the UniversalAgent for UNIX in BrightStor ARCserve Backup 11.1 contains hard-coded credentials, which allows remote attackers to access the file system and possibly execute arbitrary commands.
CVE-2005-0350 1 F-secure 4 F-secure Anti-virus, F-secure Internet Security, F-secure Personal Express and 1 more 2026-04-16 N/A
Heap-based buffer overflow in multiple F-Secure Anti-Virus and Internet Security products allows remote attackers to execute arbitrary code via a crafted ARJ archive.
CVE-2005-0351 1 Sco 1 Openserver 2026-04-16 N/A
Buffer overflow in (1) termsh, (2) atcronsh, and (3) auditsh in SCO OpenServer 5.0.6 and 5.0.7 might allow local users to execute arbitrary code via a long HOME environment variable.
CVE-2005-0352 1 Woodstone 1 Servers Alive 2026-04-16 N/A
Servers Alive 4.1 and 5.0, when running as a service, does not drop SYSTEM privileges before loading local manual under the help menu, which allows local users to gain privileges.
CVE-2005-0353 1 Safenet 1 Sentinel License Manager 2026-04-16 N/A
Buffer overflow in the Sentinel LM (Lservnt) service in the Sentinel License Manager 7.2.0.2 allows remote attackers to execute arbitrary code by sending a large amount of data to UDP port 5093.
CVE-2005-0356 9 Alaxala, Cisco, F5 and 6 more 76 Alaxala Networks, Agent Desktop, Aironet Ap1200 and 73 more 2026-04-16 N/A
Multiple TCP implementations with Protection Against Wrapped Sequence Numbers (PAWS) with the timestamps option enabled allow remote attackers to cause a denial of service (connection loss) via a spoofed packet with a large timer value, which causes the host to discard later packets because they appear to be too old.
CVE-2005-0357 2 Emc, Sun 3 Legato Networker, Solstice Backup, Storedge Enterprise Backup Software 2026-04-16 N/A
EMC Legato NetWorker, Sun Solstice Backup 6.0 and 6.1, and StorEdge Enterprise Backup 7.0 through 7.2 rely on AUTH_UNIX authentication, which relies on user ID for authentication and allows remote attackers to bypass authentication and gain privileges by spoofing a username or UID.
CVE-2005-0358 2 Emc, Sun 3 Legato Networker, Solstice Backup, Storedge Enterprise Backup Software 2026-04-16 N/A
EMC Legato NetWorker, Solstice Backup 6.0 and 6.1, and StorEdge Enterprise Backup 6.0 through 7.2 do not properly verify authentication tokens, which allows remote attackers to gain privileges by modifying an authentication token.
CVE-2005-0359 2 Emc, Sun 3 Legato Networker, Solstice Backup, Storedge Enterprise Backup Software 2026-04-16 N/A
The Legato PortMapper in EMC Legato NetWorker, Sun Solstice Backup 6.0 and 6.1, and StorEdge Enterprise Backup 7.0 through 7.2 does not restrict access to the pmap_set and pmap_unset commands, which allows remote attackers to (1) cause a denial of service by using pmap_unset to un-register a NetWorker service, or (2) obtain sensitive information from NetWorker services by using pmap_set to register a new service.
CVE-2005-0360 1 Microsoft 1 Log Sink Class Activex Control 2026-04-16 N/A
The Microsoft Log Sink Class ActiveX control in pkmcore.dll is marked as "safe for scripting" for Internet Explorer, which allows remote attackers to create or append to arbitrary files.
CVE-2005-0362 1 Awstats 1 Awstats 2026-04-16 N/A
awstats.pl in AWStats 6.2 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) "pluginmode", (2) "loadplugin", or (3) "noloadplugin" parameters.
CVE-2005-0363 1 Awstats 1 Awstats 2026-04-16 N/A
awstats.pl in AWStats 4.0 and 6.2 allows remote attackers to execute arbitrary commands via shell metacharacters in the config parameter.
CVE-2005-0364 1 Hp 1 Hp-ux 2026-04-16 N/A
Unknown vulnerability in BIND 9.2.0 in HP-UX B.11.00, B.11.11, and B.11.23 allows remote attackers to cause a denial of service.
CVE-2005-0365 2 Kde, Redhat 2 Kde, Enterprise Linux 2026-04-16 N/A
The dcopidlng script in KDE 3.2.x and 3.3.x creates temporary files with predictable filenames, which allows local users to overwrite arbitrary files via a symlink attack.
CVE-2005-0366 1 Gnupg 1 Gnupg 2026-04-16 N/A
The integrity check feature in OpenPGP, when handling a message that was encrypted using cipher feedback (CFB) mode, allows remote attackers to recover part of the plaintext via a chosen-ciphertext attack when the first 2 bytes of a message block are known, and an oracle or other mechanism is available to determine whether an integrity check failed.
CVE-2005-0367 1 Argosoft 1 Argosoft Mail Server 2026-04-16 N/A
Multiple directory traversal vulnerabilities in ArGoSoft Mail Server 1.8.7.3 allow remote authenticated users to read, delete, or upload arbitrary files via a .. (dot dot) in (1) the filename of an e-mail attachment, (2) the _msgatt.rec file, (3) and the /msg, /delete, /folderadd, and /folderdelete operations for the Folder parameter.
CVE-2005-0368 1 Chipmunk Scripts 1 Cmscore 2026-04-16 N/A
Multiple SQL injection vulnerabilities in CMScore allow remote attackers to execute arbitrary SQL commands via the (1) EntryID or (2) searchterm parameter to index.php, or (3) username parameter to authenticate.php.
CVE-2005-0369 1 Armagetronad 2 Armagetron, Armagetron Advanced 2026-04-16 5.3 Medium
Armagetron 0.2.6.0 and earlier and Armagetron Advanced 0.2.7.0 earlier allows remote attackers to cause a denial of service (application crash) via a packet with a large (1) descriptor ID or (2) claim_id, which exceeds the boundaries of an array.
CVE-2005-0370 1 Armagetron 2 Armagetron, Armagetron Advanced 2026-04-16 N/A
Armagetron 0.2.6.0 and earlier and Armagetron Advanced 0.2.7.0 and earlier allow remote attackers to cause a denial of service (network disconnection) via an empty UDP packet, which is not properly distinguished from the "no new packets" state of the associated socket.