Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-2547 1 Bluez Project 1 Bluez 2026-04-16 N/A
security.c in hcid for BlueZ 2.16, 2.17, and 2.18 allows remote attackers to execute arbitrary commands via shell metacharacters in the Bluetooth device name when invoking the PIN helper.
CVE-2005-3286 1 Kerio 2 Personal Firewall, Serverfirewall 2026-04-16 N/A
The FWDRV driver in Kerio Personal Firewall 4.2 and Server Firewall 1.1.1 allows local users to cause a denial of service (crash) by setting the PAGE_NOACCESS or PAGE_GUARD protection on the Page Environment Block (PEB), which triggers an exception, aka the "PEB lockout vulnerability."
CVE-2002-1535 1 Symantec 2 Enterprise Firewall, Raptor Firewall 2026-04-16 N/A
Secure Webserver 1.1 in Raptor 6.5 and Symantec Enterprise Firewall 6.5.2 allows remote attackers to identify IP addresses of hosts on the internal network via a CONNECT request, which generates different error messages if the host is present.
CVE-2002-1539 1 Alt-n 1 Mdaemon 2026-04-16 N/A
Buffer overflow in MDaemon POP server 6.0.7 and earlier allows remote authenticated users to cause a denial of service via long (1) DELE or (2) UIDL arguments.
CVE-2002-1540 1 Symantec 1 Norton Antivirus 2026-04-16 N/A
The client for Symantec Norton AntiVirus Corporate Edition 7.5.x before 7.5.1 Build 62 and 7.6.x before 7.6.1 Build 35a runs winhlp32 with raised privileges, which allows local users to gain privileges by using certain features of winhlp32.
CVE-2005-3290 1 Accelerated Enterprise Solutions 1 Accelerated Mortgage Manager 2026-04-16 N/A
SQL injection vulnerability in Accelerated Mortgage Manager allows remote attackers to execute arbitrary SQL commands via the password field.
CVE-2002-1544 1 Cooolsoft 1 Personal Ftp Server 2026-04-16 N/A
Directory traversal vulnerability in CooolSoft Personal FTP Server 2.24 allows remote attackers to read or modify arbitrary files via .. (dot dot) sequences in the commands (1) LIST (ls), (2) mkdir, (3) put, or (4) get.
CVE-2005-3089 2 Mozilla, Redhat 2 Firefox, Enterprise Linux 2026-04-16 N/A
Firefox 1.0.6 allows attackers to cause a denial of service (crash) via a Proxy Auto-Config (PAC) script that uses an eval statement. NOTE: it is not clear whether an untrusted party has any role in triggering this issue, so it might not be a vulnerability.
CVE-2005-3291 1 Stani 1 Stanis Python Editor 2026-04-16 N/A
Stani's Python Editor (SPE) 0.7.5 is installed with world-writable permissions, which allows local users to gain privileges by modifying executable files.
CVE-2002-1545 1 Cooolsoft 1 Personal Ftp Server 2026-04-16 N/A
CooolSoft Personal FTP Server 2.24 allows remote attackers to obtain the absolute pathname of the FTP root via a PWD command, which includes the full path in the response.
CVE-2005-3295 1 Hp 1 Hp-ux 2026-04-16 N/A
Unspecified vulnerability in HP-UX B.11.23 on Itanium platforms allows local users to cause a denial of service due to a "specific stack size."
CVE-2002-1557 1 Cisco 1 Optical Networking Systems Software 2026-04-16 N/A
Cisco ONS15454 and ONS15327 running ONS before 3.4 allows attackers to cause a denial of service (reset to TCC, TCC+, TCCi or XTC) via a malformed HTTP request that does not contain a leading / (slash) character.
CVE-2002-1558 1 Cisco 1 Optical Networking Systems Software 2026-04-16 N/A
Cisco ONS15454 and ONS15327 running ONS before 3.4 have an account for the VxWorks Operating System in the TCC, TCC+ and XTC that cannot be changed or disabled, which allows remote attackers to gain privileges by connecting to the account via Telnet.
CVE-2005-2570 1 Funkboard 1 Funkboard 2026-04-16 N/A
FunkBoard 0.66CF, and possibly earlier versions, allows remote attackers to obtain sensitive information via a direct request to forums.php, which reveals the path in an error message.
CVE-2005-3090 1 Mantis 1 Mantis 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in bug_actiongroup_page.php in Mantis 0.19.0a1 through 1.0.0a3 allows remote attackers to inject arbitrary web script or HTML via the summary of the bug, which is not quoted when view_all_bug_page.php is used to delete the bug, as identified by bug#0006002, a different vulnerability than CVE-2005-2557.
CVE-2005-3093 1 Nokia 2 3210, 7610 2026-04-16 N/A
Nokia 7610 and 3210 phones allows attackers to cause a denial of service via certain characters in the filename of a Bluetooth OBEX transfer.
CVE-2002-1563 2 Redhat, Stunnel 3 Enterprise Linux, Linux, Stunnel 2026-04-16 N/A
stunnel 4.0.3 and earlier allows attackers to cause a denial of service (crash) via SIGCHLD signal handler race conditions that cause an inconsistency in the child counter.
CVE-2005-3094 1 Avi Alkalay 1 Man Cgi 2026-04-16 N/A
Avi Alkalay man-cgi script allows remote attackers to execute arbitrary code via shell metacharacters in the topic parameter.
CVE-2002-1576 1 Sap 1 Sap Db 2026-04-16 N/A
lserver in SAP DB 7.3 and earlier uses the current working directory to find and execute the lserversrv program, which allows local users to gain privileges with a malicious lserversrv that is called from a directory that has a symlink to the lserver program.
CVE-2005-3096 1 Avi Alkalay 1 Nslookup.cgi 2026-04-16 N/A
Avi Alkalay nslookup.cgi program, dated 16 June 2002, allows remote attackers to execute arbitrary commands via shell metacharacters in the query parameter.