Search Results (365176 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-0185 1 Mnet Soft Factory 1 Nodemanager Professional 2026-04-16 N/A
Stack-based buffer overflow in NodeManager Professional 2.00 allows remote attackers to execute arbitrary commands via a LinkDown-Trap packet that contains a long OCTET-STRING in the Trap variable-bindings field.
CVE-2005-0178 4 Linux, Netkit, Redhat and 1 more 4 Linux Kernel, Linux Netkit, Enterprise Linux and 1 more 2026-04-16 N/A
Race condition in the setsid function in Linux before 2.6.8.1 allows local users to cause a denial of service (crash) and possibly access portions of kernel memory, related to TTY changes, locking, and semaphores.
CVE-2005-0174 2 Redhat, Squid 2 Enterprise Linux, Squid 2026-04-16 N/A
Squid 2.5 up to 2.5.STABLE7 allows remote attackers to poison the cache or conduct certain attacks via headers that do not follow the HTTP specification, including (1) multiple Content-Length headers, (2) carriage return (CR) characters that are not part of a CRLF pair, and (3) header names containing whitespace characters.
CVE-2005-0173 2 Redhat, Squid 2 Enterprise Linux, Squid 2026-04-16 N/A
squid_ldap_auth in Squid 2.5 and earlier allows remote authenticated users to bypass username-based Access Control Lists (ACLs) via a username with a space at the beginning or end, which is ignored by the LDAP server.
CVE-1999-1410 1 Sgi 1 Irix 2026-04-16 N/A
addnetpr in IRIX 5.3 and 6.2 allows local users to overwrite arbitrary files and possibly gain root privileges via a symlink attack on the printers temporary file.
CVE-1999-0150 1 Gnu 1 Fingerd 2026-04-16 N/A
The Perl fingerd program allows arbitrary command execution from remote users.
CVE-2005-4677 1 Oscommerce 1 Oscommerce 2026-04-16 N/A
SQL injection vulnerability in additional_images.php (aka the Additional Images module) before 1.14 in osCommerce allows remote attackers to execute arbitrary SQL commands via the products_id parameter to product_info.php.
CVE-2005-0158 1 Bidwatcher 1 Bidwatcher 2026-04-16 N/A
Format string vulnerability in bidwatcher before 1.3.17 allows remote malicious web servers from eBay, or a spoofed eBay server, to cause a denial of service and possibly execute arbitrary code via certain responses.
CVE-2005-0156 7 Ibm, Larry Wall, Redhat and 4 more 9 Aix, Perl, Enterprise Linux and 6 more 2026-04-16 N/A
Buffer overflow in the PerlIO implementation in Perl 5.8.0, when installed with setuid support (sperl), allows local users to execute arbitrary code by setting the PERLIO_DEBUG variable and executing a Perl script whose full pathname contains a long directory tree.
CVE-2005-0149 2 Mozilla, Redhat 3 Mozilla, Thunderbird, Enterprise Linux 2026-04-16 N/A
Thunderbird 0.6 through 0.9 and Mozilla 1.7 through 1.7.3 does not obey the network.cookie.disableCookieForMailNews preference, which could allow remote attackers to bypass the user's intended privacy and security policy by using cookies in e-mail messages.
CVE-2005-4676 1 Andreas Huggel 1 Exiv2 2026-04-16 N/A
Buffer overflow in Andreas Huggel Exiv2 before 0.9 does not null terminate strings before calling the sscanf function, which allows remote attackers to cause a denial of service (application crash) via images with crafted IPTC metadata.
CVE-2005-4675 1 Complete Php Counter 1 Complete Php Counter 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in list.php in Complete PHP Counter allows remote attackers to inject arbitrary web script or HTML via the c parameter.
CVE-2005-0146 2 Mozilla, Redhat 3 Firefox, Mozilla, Enterprise Linux 2026-04-16 N/A
Firefox before 1.0 and Mozilla before 1.7.5 allow remote attackers to obtain sensitive data from the clipboard via Javascript that generates a middle-click event on systems for which a middle-click performs a paste operation.
CVE-2005-0142 2 Mozilla, Redhat 4 Firefox, Mozilla, Thunderbird and 1 more 2026-04-16 N/A
Firefox 0.9, Thunderbird 0.6 and other versions before 0.9, and Mozilla 1.7 before 1.7.5 save temporary files with world-readable permissions, which allows local users to read certain web content or attachments that belong to other users, e.g. content that is managed by helper applications such as PDF.
CVE-1999-0139 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Buffer overflow in Solaris x86 mkcookie allows local users to obtain root access.
CVE-2005-3486 1 Scorched 3d 1 Scorched 3d 2026-04-16 N/A
Multiple format string vulnerabilities in Scorched 3D 39.1 (bf) and earlier allow remote attackers to execute arbitrary code via various (1) GLConsole::addLine, (2) ServerCommon::sendString, (3) ServerCommon::serverLog functions, and possibly other unspecified vectors.
CVE-2005-0141 2 Mozilla, Redhat 3 Firefox, Mozilla, Enterprise Linux 2026-04-16 N/A
Firefox before 1.0 and Mozilla before 1.7.5 allow remote attackers to load local files via links "with a custom getter and toString method" that are middle-clicked by the user to be opened in a new tab.
CVE-1999-0130 7 Bsdi, Caldera, Eric Allman and 4 more 7 Bsd Os, Network Desktop, Sendmail and 4 more 2026-04-16 N/A
Local users can start Sendmail in daemon mode and gain root privileges.
CVE-2005-0136 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-16 N/A
The Linux kernel before 2.6.11 on the Itanium IA64 platform has certain "ptrace corner cases" that allow local users to cause a denial of service (crash) via crafted syscalls, possibly related to MCA/INIT, a different vulnerability than CVE-2005-1761.
CVE-1999-0124 1 University Of Minnesota 1 Gopherd 2026-04-16 N/A
Vulnerabilities in UMN gopher and gopher+ versions 1.12 and 2.0x allow an intruder to read any files that can be accessed by the gopher daemon.