Export limit exceeded: 363604 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (363604 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-2607 1 Phpsimplicity 1 Simplicity Of Upload 2026-04-16 N/A
PHP file include vulnerability in download.php in PHPSimplicity Simplicity oF Upload before 1.3.1 allows remote attackers to include arbitrary local and remote files via the language parameter and a terminating null ("%00") characters.
CVE-2005-3347 1 Phpgroupware 1 Phpgroupware 2026-04-16 N/A
Multiple directory traversal vulnerabilities in index.php in phpSysInfo 2.4 and earlier, as used in phpgroupware 0.9.16 and earlier, and egrouwpware before 1.0.0.009, allow remote attackers to include arbitrary files via .. (dot dot) sequences in the (1) sensor_program parameter or the (2) _SERVER[HTTP_ACCEPT_LANGUAGE] parameter, which overwrites an internal variable, a variant of CVE-2003-0536. NOTE: due to a typo in an advisory, an issue in osh was inadvertently linked to this identifier; the proper identifier for the osh issue is CVE-2005-3346.
CVE-2005-3348 1 Phpsysinfo 1 Phpsysinfo 2026-04-16 N/A
HTTP response splitting vulnerability in index.php in phpSysInfo 2.4 and earlier, as used in phpgroupware 0.9.16 and earlier, and egroupware before 1.0.0.009, allows remote attackers to spoof web content and poison web caches via CRLF sequences in the charset parameter.
CVE-2005-0442 1 Devellion 1 Cubecart 2026-04-16 N/A
Directory traversal vulnerability in index.php for CubeCart 2.0.4 allows remote attackers to read arbitrary files via the language parameter.
CVE-2005-2608 1 Safehtml 1 Safehtml 2026-04-16 N/A
SafeHTML before 1.3.5 does not properly filter script in UTF-7 and CSS comments, which allows remote attackers to conduct cross-site scripting (XSS) attacks in vulnerable applications that use SafeHTML.
CVE-2005-3768 1 Symantec 10 Enterprise Firewall, Firewall Vpn Appliance 100, Firewall Vpn Appliance 200 and 7 more 2026-04-16 N/A
Buffer overflow in the Internet Key Exchange version 1 (IKEv1) implementation in Symantec Dynamic VPN Services, as used in Enterprise Firewall, Gateway Security, and Firewall /VPN Appliance products, allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1.
CVE-2005-0446 2 Redhat, Squid 2 Enterprise Linux, Squid 2026-04-16 N/A
Squid 2.5.STABLE8 and earlier allows remote attackers to cause a denial of service (crash) via certain DNS responses regarding (1) Fully Qualified Domain Names (FQDN) in fqdncache.c or (2) IP addresses in ipcache.c, which trigger an assertion failure.
CVE-2005-0447 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Solaris 7, 8, and 9 allows remote attackers to cause a denial of service (hang) via a flood of certain ARP packets.
CVE-2005-2609 1 Vegadns 1 Vegadns 2026-04-16 N/A
index.php in VegaDNS 0.8.1, 0.9.8, and possibly other versions, allows remote attackers to obtain the full server path via an invalid VDNS_Sessid parameter.
CVE-2005-3349 1 Gnu 1 Gnump3d 2026-04-16 N/A
GNU Gnump3d before 2.9.8 allows local users to modify or delete arbitrary files via a symlink attack on the index.lok temporary file.
CVE-2005-0365 2 Kde, Redhat 2 Kde, Enterprise Linux 2026-04-16 N/A
The dcopidlng script in KDE 3.2.x and 3.3.x creates temporary files with predictable filenames, which allows local users to overwrite arbitrary files via a symlink attack.
CVE-2005-0364 1 Hp 1 Hp-ux 2026-04-16 N/A
Unknown vulnerability in BIND 9.2.0 in HP-UX B.11.00, B.11.11, and B.11.23 allows remote attackers to cause a denial of service.
CVE-2005-0363 1 Awstats 1 Awstats 2026-04-16 N/A
awstats.pl in AWStats 4.0 and 6.2 allows remote attackers to execute arbitrary commands via shell metacharacters in the config parameter.
CVE-2005-0362 1 Awstats 1 Awstats 2026-04-16 N/A
awstats.pl in AWStats 6.2 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) "pluginmode", (2) "loadplugin", or (3) "noloadplugin" parameters.
CVE-2005-3328 1 Punbb 1 Punbb 2026-04-16 N/A
PHP remote file inclusion vulnerability in common.php in PunBB 1.1.2 through 1.1.5 allows remote attackers to execute arbitrary code via the pun_root parameter.
CVE-2005-3325 2 Acid, Secureideas 2 Analysis Console For Intrusion Databases, Basic Analysis And Security Engine 2026-04-16 N/A
Multiple SQL injection vulnerabilities in (1) acid_qry_main.php in Analysis Console for Intrusion Databases (ACID) 0.9.6b20 and (2) base_qry_main.php in Basic Analysis and Security Engine (BASE) 1.2, and unspecified other console scripts in these products, allow remote attackers to execute arbitrary SQL commands via the sig[1] parameter and possibly other parameters.
CVE-2005-2577 1 Wyse 1 Winterm 2026-04-16 N/A
Wyse Winterm 1125SE running firmware 4.2.09f or 4.4.061f allows remote attackers to cause a denial of service (device crash) via a packet with a zero in the IP option length field.
CVE-2005-0360 1 Microsoft 1 Log Sink Class Activex Control 2026-04-16 N/A
The Microsoft Log Sink Class ActiveX control in pkmcore.dll is marked as "safe for scripting" for Internet Explorer, which allows remote attackers to create or append to arbitrary files.
CVE-2005-2576 1 Calogic 1 Calogic 2026-04-16 N/A
CaLogic 1.22, and possibly earlier versions, allows remote attackers to obtain sensitive information via a direct request to (1) doclsqlres.php, (2) clmcpreload.php, (3) viewhistlog.php, (4) mcconfig.php, (5) doclsqlbak.php, (6) defcalsel.php, or (7) cl_minical.php, which reveals the path in an error message.
CVE-2005-2406 1 Opera 1 Opera Browser 2026-04-16 N/A
Opera 8.01 allows remote attackers to conduct cross-site scripting (XSS) attacks or modify which files are uploaded by tricking a user into dragging an image that is a "javascript:" URI.