Export limit exceeded: 363290 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (363290 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-1434 1 Hp 1 Openview Network Node Manager 2026-04-16 N/A
Multiple unknown vulnerabilities in OpenView Network Node Manager (OV NNM) 6.2, 6.4, 7.01, and 7.50 allow attackers to cause a denial of service or execute arbitrary code.
CVE-2005-1435 1 Open Webmail 1 Open Webmail 2026-04-16 N/A
Open WebMail (OWM) before 2.51 20050430 allows remote authenticated users to execute arbitrary commands via shell metacharacters in a filename.
CVE-2005-2958 1 Gnome 1 Libgda2 2026-04-16 N/A
Multiple format string vulnerabilities in the GNOME Data Access library for GNOME2 (libgda2) 1.2.1 and earlier allow attackers to execute arbitrary code.
CVE-2005-1436 1 Osticket 1 Osticket 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in osTicket allow remote attackers to inject arbitrary web script or HTML via (1) the t parameter to view.php, (2) the osticket_title parameter to header.php, (3) the em parameter to admin_login.php, (4) the e parameter to user_login.php, (5) the err parameter to open_submit.php, or (6) the name and subject fields when adding a ticket.
CVE-2005-1440 1 Codetosell 1 Viart Shop Enterprise 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in ViArt Shop Enterprise 2.1.6 allow remote attackers to inject arbitrary web script or HTML via (1) various parameters to basket.php, (2) the nickname, email, topic, and message fields in forum.php, as demonstrated using forum_new_thread.php and forum_thread.php, (3) the page parameter to page.php, (4) category_id and item_id parameters to reviews.php, (5) the category_id parameter to product_details.php, (6) the category_id or search_string parameters to products.php, or (7) the rp or page parameters to news_view.php.
CVE-2005-1443 1 Invision Power Services 1 Invision Power Board 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in index.php for Invision Power Board (IPB) 2.0.3 and 2.1 Alpha 2 allows remote attackers to inject arbitrary web script or HTML via the (1) act, (2) Members, (3) calendar, or (4) HID parameters.
CVE-2005-2959 1 Todd Miller 1 Sudo 2026-04-16 N/A
Incomplete blacklist vulnerability in sudo 1.6.8 and earlier allows local users to gain privileges via the (1) SHELLOPTS and (2) PS4 environment variables before executing a bash script on behalf of another user, which are not cleared even though other variables are.
CVE-2005-1447 1 Sitepanel 1 Sitepanel 2026-04-16 N/A
PHP remote file inclusion vulnerability in main.php in SitePanel 2.6.1 and earlier (SitePanel2) allows remote attackers to execute arbitrary PHP code via the p parameter.
CVE-2005-2960 2 Debian, Gnu 2 Debian Linux, Cfengine 2026-04-16 N/A
cfengine 1.6.5 and 2.1.16 allows local users to overwrite arbitrary files via a symlink attack on temporary files used by vicf.in, a different vulnerability than CVE-2005-3137.
CVE-2005-1448 1 S9y 1 Serendipity 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in the BBCode plugin for Serendipity before 0.8 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
CVE-2005-1449 1 S9y 1 Serendipity 2026-04-16 N/A
Unknown vulnerability in serendipity_config_local.inc.php for Serendipity before 0.8 has unknown impact.
CVE-2005-2961 1 Prozilla 1 Prozilla Download Accelerator 2026-04-16 N/A
Buffer overflow in the get_string_ahref function for ProZilla 1.3.7.4 and possibly earlier, with the -ftpsearch option enabled, allows remote servers to execute arbitrary code via a search response with a crafted string in the HREF field of an <A> tag.
CVE-2005-1450 1 S9y 1 Serendipity 2026-04-16 N/A
Unknown vulnerability in "the function used to validate path-names for uploading media" in Serendipity before 0.8 has unknown impact.
CVE-2005-1451 1 S9y 1 Serendipity 2026-04-16 N/A
The media manager in Serendipity before 0.8 allows remote attackers to upload and execute arbitrary (1) .php or (2) .shtml files.
CVE-2005-1453 1 Leafnode 1 Leafnode 2026-04-16 N/A
fetchnews in leafnode 1.9.48 to 1.11.1 allows remote NNTP servers to cause a denial of service (crash) by closing the connection while fetchnews is reading (1) an article header or (2) an article body, which also prevents fetchnews from querying other servers.
CVE-2005-1454 2 Freeradius, Redhat 2 Freeradius, Enterprise Linux 2026-04-16 N/A
SQL injection vulnerability in the radius_xlat function in the SQL module for FreeRADIUS 1.0.2 and earlier allows remote authenticated users to execute arbitrary SQL commands via (1) group_membership_query, (2) simul_count_query, or (3) simul_verify_query configuration entries.
CVE-2005-1455 2 Freeradius, Redhat 2 Freeradius, Enterprise Linux 2026-04-16 N/A
Buffer overflow in the sql_escape_func function in the SQL module for FreeRADIUS 1.0.2 and earlier allows remote attackers to cause a denial of service (crash).
CVE-2005-2962 1 Ntlmaps 1 Ntlmaps 2026-04-16 N/A
The post-installation script for ntlmaps before 0.9.9 sets world-readable permissions for the configuration file, which allows local users to obtain the username and password.
CVE-2004-2685 1 Youngzsoft 1 Ccproxy 2026-04-16 N/A
Buffer overflow in YoungZSoft CCProxy 6.2 and earlier allows remote attackers to execute arbitrary code via a long address in a ping (p) command to the Telnet proxy service, a different vector than CVE-2004-2416.
CVE-2005-1456 2 Ethereal Group, Redhat 2 Ethereal, Enterprise Linux 2026-04-16 N/A
Multiple unknown vulnerabilities in the (1) DHCP and (2) Telnet dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (abort).