Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29948 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-3305 | 1 Nuked-klan | 1 Nuked-klan | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in Nuked Klan 1.7 allow remote attackers to execute arbitrary SQL commands via the (1) forum_id or (2) thread_id parameter in the Forum file, (3) the link_id in the Links file, (4) the artid parameter in the Sections file, and (5) the dl_id parameter in the Download file. | ||||
| CVE-2005-2545 | 1 Phpopenchat | 1 Phpopenchat | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in PHPOpenChat 3.0.2 allow remote attackers to inject arbitrary web script or HTML via the (1) title or (2) content parameter to profile.php and profile_misc.php, (3) the profile fields in userpage.php, (4) subject or (5) body in mail.php, or (8) disinvited_chatter or (7) invited_chatter parameter to invite.php. | ||||
| CVE-2005-2546 | 1 Arab Portal | 1 Arab Portal | 2026-04-16 | N/A |
| Arab Portal 2.0 allows remote attackers to obtain sensitive information via a long (1) username or (2) password, which reveals the path in an error message when the undefined "errmsg" function is called. | ||||
| CVE-2005-2547 | 1 Bluez Project | 1 Bluez | 2026-04-16 | N/A |
| security.c in hcid for BlueZ 2.16, 2.17, and 2.18 allows remote attackers to execute arbitrary commands via shell metacharacters in the Bluetooth device name when invoking the PIN helper. | ||||
| CVE-2005-2549 | 2 Gnome, Redhat | 2 Evolution, Enterprise Linux | 2026-04-16 | N/A |
| Multiple format string vulnerabilities in Evolution 1.5 through 2.3.6.1 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) full vCard data, (2) contact data from remote LDAP servers, or (3) task list data from remote servers. | ||||
| CVE-2005-2550 | 2 Gnome, Redhat | 2 Evolution, Enterprise Linux | 2026-04-16 | N/A |
| Format string vulnerability in Evolution 1.4 through 2.3.6.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the calendar entries such as task lists, which are not properly handled when the user selects the Calendars tab. | ||||
| CVE-2005-2552 | 1 Hp | 1 Proliant Dl585 | 2026-04-16 | N/A |
| Unknown vulnerability in HP ProLiant DL585 servers running Integrated Lights Out (ILO) firmware before 1.81 allows attackers to access server controls when the server is "powered down." | ||||
| CVE-2005-2553 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2026-04-16 | N/A |
| The find_target function in ptrace32.c in the Linux kernel 2.4.x before 2.4.29 does not properly handle a NULL return value from another function, which allows local users to cause a denial of service (kernel crash/oops) by running a 32-bit ltrace program with the -i option on a 64-bit executable program. | ||||
| CVE-2005-2554 | 1 Network Associates | 1 Epolicy Orchestrator Agent | 2026-04-16 | N/A |
| The web server for Network Associates ePolicy Orchestrator Agent 3.5.0 (patch 3) uses insecure permissions for the "Common Framework\Db" folder, which allows local users to read arbitrary files by creating a subfolder in the EPO agent web root directory. | ||||
| CVE-2005-3328 | 1 Punbb | 1 Punbb | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in common.php in PunBB 1.1.2 through 1.1.5 allows remote attackers to execute arbitrary code via the pun_root parameter. | ||||
| CVE-2005-0362 | 1 Awstats | 1 Awstats | 2026-04-16 | N/A |
| awstats.pl in AWStats 6.2 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) "pluginmode", (2) "loadplugin", or (3) "noloadplugin" parameters. | ||||
| CVE-2005-0363 | 1 Awstats | 1 Awstats | 2026-04-16 | N/A |
| awstats.pl in AWStats 4.0 and 6.2 allows remote attackers to execute arbitrary commands via shell metacharacters in the config parameter. | ||||
| CVE-2005-0364 | 1 Hp | 1 Hp-ux | 2026-04-16 | N/A |
| Unknown vulnerability in BIND 9.2.0 in HP-UX B.11.00, B.11.11, and B.11.23 allows remote attackers to cause a denial of service. | ||||
| CVE-2005-0365 | 2 Kde, Redhat | 2 Kde, Enterprise Linux | 2026-04-16 | N/A |
| The dcopidlng script in KDE 3.2.x and 3.3.x creates temporary files with predictable filenames, which allows local users to overwrite arbitrary files via a symlink attack. | ||||
| CVE-2005-2579 | 1 Nortel | 1 Contivity | 2026-04-16 | N/A |
| Nortel Contivity VPN Client V05_01.030, when configuring a certificate to be used as authentication, does not properly drop system privileges, which allows local users to gain privileges by opening a program with the File Open dialog box. | ||||
| CVE-2005-3329 | 1 Rsa | 1 Authentication Agent For Web | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in RSA Authentication Agent for Web 5.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the image parameter in a GetPic operation. | ||||
| CVE-2005-0367 | 1 Argosoft | 1 Argosoft Mail Server | 2026-04-16 | N/A |
| Multiple directory traversal vulnerabilities in ArGoSoft Mail Server 1.8.7.3 allow remote authenticated users to read, delete, or upload arbitrary files via a .. (dot dot) in (1) the filename of an e-mail attachment, (2) the _msgatt.rec file, (3) and the /msg, /delete, /folderadd, and /folderdelete operations for the Folder parameter. | ||||
| CVE-2005-2580 | 1 Mybulletinboard | 1 Mybulletinboard | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in MyBulletinBoard (MyBB) 1.00 RC4 with Security Patch allow remote attackers to execute arbitrary SQL commands via the Username field in (1) index.php or (2) member.php, action parameter to (3) search.php or (4) member.php, or (5) polloptions parameter to polls.php. | ||||
| CVE-2005-3331 | 1 Rogers Software Source | 1 Mgdiff Patch Viewer | 2026-04-16 | N/A |
| viewpatch in mgdiff 1.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files. | ||||
| CVE-2005-0371 | 1 Armagetron | 2 Armagetron, Armagetron Advanced | 2026-04-16 | N/A |
| Armagetron 0.2.6.0 and earlier and Armagetron Advanced 0.2.7.0 and earlier allow remote attackers to cause a denial of service (freeze) via a large number of player connections that do not send any data. | ||||