Export limit exceeded: 364156 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29948 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-0320 | 1 Icewarp | 1 Web Mail | 2026-04-16 | N/A |
| Multiple cross-site scripting vulnerabilities in MERAK Mail Server 7.6.0 with Icewarp Web Mail 5.3.0 allow remote attackers to inject arbitrary web script or HTML via the (1) username parameter to login.html, (2) accountid parameter to accountsettings_add.html, or the (3) note, (4) title, and (5) location fields to calendar.html. | ||||
| CVE-2005-0322 | 2 Icewarp, Merak | 2 Web Mail, Mail Server | 2026-04-16 | N/A |
| MERAK Mail Server 7.6.0 with Icewarp Web Mail 5.3.0 and Mail Server 7.6.4r with Icewarp Mail Server 5.3.2 uses weak encryption in the (1) users.cfg, (2) settings.cfg, (3) users.dat or (4) user.dat files, which allows local users to extract the passwords. | ||||
| CVE-2005-0323 | 1 Captaris | 1 Infinite Mobile Delivery Webmail | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Infinite Mobile Delivery Webmail 2.6 allows remote attackers to inject arbitrary web script or HTML via the URL. | ||||
| CVE-2005-0324 | 1 Captaris | 1 Infinite Mobile Delivery Webmail | 2026-04-16 | N/A |
| Infinite Mobile Delivery Webmail 2.6 allows remote attackers to gain sensitive information via an HTTP request that contains invalid characters for a Windows foldername, which reveals the path in an error message. | ||||
| CVE-2005-0339 | 1 Foxmail | 1 Foxmail Email Server | 2026-04-16 | N/A |
| Buffer overflow in Foxmail 2.0 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long MAIL FROM command. | ||||
| CVE-2005-0340 | 1 Apple | 1 Afp Server | 2026-04-16 | N/A |
| Integer signedness error in Apple File Service (AFP Server) allows remote attackers to cause a denial of service (application crash) via a negative UAM string length in a FPLoginExt packet. | ||||
| CVE-2005-0341 | 1 Apple | 1 Safari | 2026-04-16 | N/A |
| Apple Safari 1.2.4 does not obey the Content-type field in the HTTP header and renders text as HTML, which allows remote attackers to inject arbitrary web script or HTML and perform cross-site scripting (XSS) attacks. | ||||
| CVE-2005-0342 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | N/A |
| The Finder in Mac OS X and earlier allows local users to overwrite arbitrary files and gain privileges by creating a hard link from the .DS_Store file to an arbitrary file. | ||||
| CVE-2005-0345 | 1 Php Fusion | 1 Php Fusion | 2026-04-16 | N/A |
| viewthread.php in php-fusion 4.x does not check the (1) forum_id or (2) forum_cat parameters, which allows remote attackers to view protected forums via the thread_id parameter. | ||||
| CVE-2005-0346 | 1 Safenet | 1 Softremote Vpn Client | 2026-04-16 | N/A |
| SafeNet SoftRemote VPN Client stores the VPN password (pre-shared key) in cleartext in memory of the IreIKE.exe process, which allows local users to gain sensitive information if they have access to that process. | ||||
| CVE-2005-0347 | 1 Realnetworks | 1 Realarcade | 2026-04-16 | N/A |
| Integer overflow in RealArcade 1.2.0.994 and earlier allows remote attackers to execute arbitrary code via an RGS file with an invalid size string for the GUID and game name, which leads to a buffer overflow. | ||||
| CVE-2005-0348 | 1 Realnetworks | 1 Realarcade | 2026-04-16 | N/A |
| Directory traversal vulnerability in RealArcade 1.2.0.994 allows remote attackers to delete arbitrary files via an RGP file with a .. (dot dot) in the FILENAME tag. | ||||
| CVE-2005-0349 | 1 Broadcom | 1 Brightstor Arcserve Backup | 2026-04-16 | N/A |
| The production release of the UniversalAgent for UNIX in BrightStor ARCserve Backup 11.1 contains hard-coded credentials, which allows remote attackers to access the file system and possibly execute arbitrary commands. | ||||
| CVE-2005-0350 | 1 F-secure | 4 F-secure Anti-virus, F-secure Internet Security, F-secure Personal Express and 1 more | 2026-04-16 | N/A |
| Heap-based buffer overflow in multiple F-Secure Anti-Virus and Internet Security products allows remote attackers to execute arbitrary code via a crafted ARJ archive. | ||||
| CVE-2005-0352 | 1 Woodstone | 1 Servers Alive | 2026-04-16 | N/A |
| Servers Alive 4.1 and 5.0, when running as a service, does not drop SYSTEM privileges before loading local manual under the help menu, which allows local users to gain privileges. | ||||
| CVE-2005-0368 | 1 Chipmunk Scripts | 1 Cmscore | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in CMScore allow remote attackers to execute arbitrary SQL commands via the (1) EntryID or (2) searchterm parameter to index.php, or (3) username parameter to authenticate.php. | ||||
| CVE-2005-0370 | 1 Armagetron | 2 Armagetron, Armagetron Advanced | 2026-04-16 | N/A |
| Armagetron 0.2.6.0 and earlier and Armagetron Advanced 0.2.7.0 and earlier allow remote attackers to cause a denial of service (network disconnection) via an empty UDP packet, which is not properly distinguished from the "no new packets" state of the associated socket. | ||||
| CVE-2005-0381 | 1 Forumkit | 1 Forumkit | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in f.aspx in forumKIT 1.0 allows remote attackers to inject arbitrary web script or HTML via the members parameter. | ||||
| CVE-2005-0382 | 1 Breed | 1 Breed | 2026-04-16 | N/A |
| Breed patch 1 and earlier allows remote attackers to cause a denial of service (application crash) via an empty UDP packet, which triggers a null dereference. | ||||
| CVE-2005-0383 | 1 Trend Micro | 1 Control Manager | 2026-04-16 | N/A |
| Trend Micro Control Manager 3.0 Enterprise Edition allows remote attackers to gain privileges via a replay attack of the encrypted username and password. | ||||