Export limit exceeded: 363618 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (363618 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-0366 1 Gnupg 1 Gnupg 2026-04-16 N/A
The integrity check feature in OpenPGP, when handling a message that was encrypted using cipher feedback (CFB) mode, allows remote attackers to recover part of the plaintext via a chosen-ciphertext attack when the first 2 bytes of a message block are known, and an oracle or other mechanism is available to determine whether an integrity check failed.
CVE-2005-2579 1 Nortel 1 Contivity 2026-04-16 N/A
Nortel Contivity VPN Client V05_01.030, when configuring a certificate to be used as authentication, does not properly drop system privileges, which allows local users to gain privileges by opening a program with the File Open dialog box.
CVE-2005-3329 1 Rsa 1 Authentication Agent For Web 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in RSA Authentication Agent for Web 5.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the image parameter in a GetPic operation.
CVE-2005-0367 1 Argosoft 1 Argosoft Mail Server 2026-04-16 N/A
Multiple directory traversal vulnerabilities in ArGoSoft Mail Server 1.8.7.3 allow remote authenticated users to read, delete, or upload arbitrary files via a .. (dot dot) in (1) the filename of an e-mail attachment, (2) the _msgatt.rec file, (3) and the /msg, /delete, /folderadd, and /folderdelete operations for the Folder parameter.
CVE-2005-2580 1 Mybulletinboard 1 Mybulletinboard 2026-04-16 N/A
Multiple SQL injection vulnerabilities in MyBulletinBoard (MyBB) 1.00 RC4 with Security Patch allow remote attackers to execute arbitrary SQL commands via the Username field in (1) index.php or (2) member.php, action parameter to (3) search.php or (4) member.php, or (5) polloptions parameter to polls.php.
CVE-2005-3330 1 Snoopy 1 Snoopy 2026-04-16 N/A
The _httpsrequest function in Snoopy 1.2, as used in products such as (1) MagpieRSS, (2) WordPress, (3) Ampache, and (4) Jinzora, allows remote attackers to execute arbitrary commands via shell metacharacters in an HTTPS URL to an SSL protected web page, which is not properly handled by the fetch function.
CVE-2005-3331 1 Rogers Software Source 1 Mgdiff Patch Viewer 2026-04-16 N/A
viewpatch in mgdiff 1.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files.
CVE-2005-0371 1 Armagetron 2 Armagetron, Armagetron Advanced 2026-04-16 N/A
Armagetron 0.2.6.0 and earlier and Armagetron Advanced 0.2.7.0 and earlier allow remote attackers to cause a denial of service (freeze) via a large number of player connections that do not send any data.
CVE-2005-0372 2 Gnome, Redhat 2 Gtk, Enterprise Linux 2026-04-16 N/A
Directory traversal vulnerability in gftp before 2.0.18 for GTK+ allows remote malicious FTP servers to read arbitrary files via .. (dot dot) sequences in filenames returned from a LIST command.
CVE-2005-0373 6 Apple, Conectiva, Cyrus and 3 more 8 Mac Os X, Mac Os X Server, Linux and 5 more 2026-04-16 N/A
Buffer overflow in digestmd5.c CVS release 1.170 (also referred to as digestmda5.c), as used in the DIGEST-MD5 SASL plugin for Cyrus-SASL but not in any official releases, allows remote attackers to execute arbitrary code.
CVE-2005-3332 1 Belchior Foundry 1 Vcard 2026-04-16 N/A
PHP remote file include vulnerability in admin/define.inc.php in Belchior Foundry vCard 2.9 allows remote attackers to execute arbitrary PHP code via the match parameter.
CVE-2005-0374 1 Bitshifters 1 Bitboard 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Bitboard 2.5 and earlier allows remote attackers to inject arbitrary web script or HTML via an [img] bbcode image tag with an event such as mouseover.
CVE-2005-2581 1 Grandstream 2 Budgetone 101, Budgetone 102 2026-04-16 N/A
Grandstream BudgeTone 101 and 102 running firmware 1.0.6.7 and possibly earlier versions, allows remote attackers to cause a denial of service (device hang or reboot) via a large UDP packet to port 5060.
CVE-2005-2584 1 Mentor 1 Adslfr4ii 2026-04-16 N/A
The web administration interface in Mentor ADSL-FR4II router running firmware 2.00.0111 does not set a default password, which allows local users to gain access.
CVE-2005-3333 1 Ebase 1 Ebaseweb 2026-04-16 N/A
SQL injection vulnerability in eBASEweb 3.0 allows remote attackers to execute arbitrary SQL commands via unknown attack vectors.
CVE-2005-0375 1 Sergey Kiselev 1 Sgallery 2026-04-16 N/A
imageview.php in SGallery 1.01 allows remote attackers to obtain sensitive information via an HTTP request with (1) idalbum and (2) idimage unset, which reveals the installation path in an error message for the sql_fetch_row function.
CVE-2005-0376 1 Sergey Kiselev 1 Sgallery 2026-04-16 N/A
PHP remote file inclusion vulnerability in SGallery 1.01 allows local and possibly remote attackers to execute arbitrary PHP code by modifying the DOCUMENT_ROOT parameter to reference a URL on a remote web server that contains (1) config.php or (2) sql_layer.php.
CVE-2005-2586 1 Mentor 1 Adslfr4ii 2026-04-16 N/A
Mentor ADSL-FR4II router running firmware 2.00.0111 stores the web administration password in cleartext in the backup configuration file, which allows local users to obtain sensitive information.
CVE-2005-3337 1 Mantis 1 Mantis 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Mantis before 0.19.3 allow remote attackers to inject arbitrary web script or HTML via (1) unknown vectors involving Javascript and (2) mantis/view_all_set.php.
CVE-2005-0377 1 Sergey Kiselev 1 Sgallery 2026-04-16 N/A
SQL injection vulnerability in imageview.php for SGallery 1.01 allows remote attackers to execute arbitrary SQL commands via the (1) idalbum or (2) idimage parameters.