Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29948 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-0438 | 1 Awstats | 1 Awstats | 2026-04-16 | N/A |
| awstats.pl in AWStats 6.3 and 6.4 allows remote attackers to obtain sensitive information by setting the debug parameter. | ||||
| CVE-2005-0439 | 1 Stefan Ritt | 1 Elog Web Logbook | 2026-04-16 | N/A |
| Buffer overflow in the decode_post function in ELOG before 2.5.7 allows remote attackers to execute arbitrary code via attachments with long file names. | ||||
| CVE-2005-0440 | 1 Stefan Ritt | 1 Elog Web Logbook | 2026-04-16 | N/A |
| ELOG before 2.5.7 allows remote attackers to bypass authentication and download a configuration file that contains a sensitive write password via a modified URL. | ||||
| CVE-2005-0443 | 1 Devellion | 1 Cubecart | 2026-04-16 | N/A |
| index.php in CubeCart 2.0.4 allows remote attackers to (1) obtain the full path for the web server or (2) conduct cross-site scripting (XSS) attacks via an invalid language parameter, which echoes the parameter in a PHP error message. | ||||
| CVE-2005-0444 | 1 Vmware | 1 Workstation | 2026-04-16 | N/A |
| VMware before 4.5.2.8848-r5 searches for gdk-pixbuf shared libraries using a path that includes the rrdharan world-writable temporary directory, which allows local users to execute arbitrary code. | ||||
| CVE-2005-0445 | 1 Open Webmail | 1 Open Webmail | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Open WebMail 2.x allows remote attackers to inject arbitrary HTML or web script via the domain name parameter (logindomain) in the login page. | ||||
| CVE-2005-0458 | 1 Oscommerce | 1 Oscommerce | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in contact_us.php in osCommerce 2.2-MS2 allows remote attackers to inject arbitrary web script or HTML via the enquiry parameter. | ||||
| CVE-2005-0460 | 1 Mercuryboard | 1 Mercuryboard | 2026-04-16 | N/A |
| index.php in MercuryBoard 1.0.x and 1.1.x allows remote attackers to obtain sensitive information by setting the debug parameter. | ||||
| CVE-2005-0461 | 1 Leonard Richardson | 1 Newsbruiser | 2026-04-16 | N/A |
| Unknown vulnerability in NewsBruiser 2.x before 2.6.1 allows remote attackers to "take actions on comments." | ||||
| CVE-2005-0462 | 1 Mercuryboard | 1 Mercuryboard | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in MercuryBoard 1.0.x and 1.1.x allows remote attackers to inject arbitrary HTML and web script via the f parameter. | ||||
| CVE-2005-0463 | 1 Inl | 1 Ulog-php | 2026-04-16 | N/A |
| Unknown "major security flaws" in Ulog-php before 1.0, related to input validation, have unknown impact and attack vectors, probably related to SQL injection vulnerabilities in (1) host.php, (2) port.php, and (3) index.php. | ||||
| CVE-2005-0464 | 1 Sgi | 1 Irix | 2026-04-16 | N/A |
| gr_osview in SGI IRIX 6.5.22, and possibly other 6.5 versions, does not drop privileges when opening description files while in debug mode, which allows local users to read a line from arbitrary files via the -d and -D options, which prints the line as a formatting error. | ||||
| CVE-2005-0465 | 1 Sgi | 1 Irix | 2026-04-16 | N/A |
| gr_osview in SGI IRIX does not drop privileges before opening files, which allows local users to overwrite arbitrary files via the -s option. | ||||
| CVE-2005-0467 | 1 Putty | 1 Putty | 2026-04-16 | N/A |
| Multiple integer overflows in the (1) sftp_pkt_getstring and (2) fxp_readdir_recv functions in the PSFTP and PSCP clients for PuTTY 0.56, and possibly earlier versions, allow remote malicious web sites to execute arbitrary code via SFTP responses that corrupt the heap after insufficient memory has been allocated. | ||||
| CVE-2005-0468 | 2 Ncsa, Redhat | 2 Telnet, Enterprise Linux | 2026-04-16 | N/A |
| Heap-based buffer overflow in the env_opt_add function in telnet.c for various BSD-based Telnet clients allows remote attackers to execute arbitrary code via responses that contain a large number of characters that require escaping, which consumers more memory than allocated. | ||||
| CVE-2005-0470 | 3 Gentoo, Suse, Wpa Supplicant | 3 Linux, Suse Linux, Wpa Supplicant | 2026-04-16 | N/A |
| Buffer overflow in wpa_supplicant before 0.2.7 allows remote attackers to cause a denial of service (segmentation fault) via invalid EAPOL-Key packet data. | ||||
| CVE-2005-0471 | 1 Sun | 2 Jdk, Jre | 2026-04-16 | N/A |
| Sun Java JRE 1.1.x through 1.4.x writes temporary files with long filenames that become predictable on a file system that uses 8.3 style short names, which allows remote attackers to write arbitrary files to known locations and facilitates the exploitation of vulnerabilities in applications that rely on unpredictable file names. | ||||
| CVE-2005-0472 | 3 Mandrakesoft, Redhat, Rob Flynn | 5 Mandrake Linux, Mandrake Linux Corporate Server, Enterprise Linux and 2 more | 2026-04-16 | N/A |
| Gaim before 1.1.3 allows remote attackers to cause a denial of service (infinite loop) via malformed SNAC packets from (1) AIM or (2) ICQ. | ||||
| CVE-2005-0484 | 1 Gproftpd | 1 Gproftpd | 2026-04-16 | N/A |
| Format string vulnerability in gprostats for GProFTPD before 8.1.9 may allow remote attackers to execute arbitrary code via an FTP transfer with a crafted filename that causes format string specifiers to be inserted into the ProFTPD transfer log. | ||||
| CVE-2005-0486 | 1 Tarantella | 2 Secure Global Desktop, Tarantella Enterprise | 2026-04-16 | N/A |
| Tarantella Secure Global Desktop Enterprise Edition 4.00 and 3.42, and Tarantella Enterprise 3 3.40 and 3.30, when using RSA SecurID and multiple users have the same username, reveals sensitive information during authentication, which allows remote attackers to identify valid usernames and the authentication scheme. | ||||