Export limit exceeded: 359682 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 359682 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 359682 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (359682 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-2205 | 1 Pngren | 1 Pngren | 2026-04-16 | N/A |
| The ReadLog function in kaiseki.cgi in pngren allows remote attackers to execute arbitrary commands via shell metacharacters in the query string. | ||||
| CVE-2005-2207 | 1 Elemental Software | 1 Cartwiz | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in store/login.asp in CartWIZ allows remote attackers to inject arbitrary web script or HTML via the message parameter. | ||||
| CVE-2005-2208 | 1 Privashare | 1 Privashare | 2026-04-16 | N/A |
| PrivaShare 1.1b allows remote attackers to cause a denial of service (crash) via a malformed message. | ||||
| CVE-2005-2211 | 1 Sukria | 1 Backup Manager | 2026-04-16 | N/A |
| Backup Manager 0.5.8a creates temporary files insecurely, which allows local users to conduct unauthorized file operations when a user is burning a CDR. | ||||
| CVE-2005-2212 | 1 Sukria | 1 Backup Manager | 2026-04-16 | N/A |
| Backup Manager 0.5.8a creates an archive repository with world readable and writable permissions, which allows attackers to modify or read the repository. | ||||
| CVE-2005-2213 | 1 Mms Ripper | 1 Mms Ripper | 2026-04-16 | N/A |
| Buffer overflow in the mms_interp_header function in mms.c in MMS Ripper before 0.6.4 might allow remote attackers to execute arbitrary code via a file with more than 20 streams. | ||||
| CVE-2005-2214 | 1 Debian | 1 Apt-setup | 2026-04-16 | N/A |
| apt-setup in Debian GNU/Linux installs the apt.conf file with insecure permissions, which allows local users to obtain sensitive information such as passwords. | ||||
| CVE-2005-2215 | 1 Mediawiki | 1 Mediawiki | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in MediaWiki before 1.4.x before 1.4.6 and 1.5 before 1.5beta3 allows remote attackers to inject arbitrary web script or HTML via a parameter in the page move template, a different vulnerability than CVE-2005-1888. | ||||
| CVE-2005-2216 | 1 Photogal | 1 Photogal Photo Gallery | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in gals.php in PhotoGal Photo Gallery 1.5 and earlier allows remote attackers to execute arbitrary code via the news_file parameter. | ||||
| CVE-2005-2217 | 1 Craig Dansie | 1 Dansie Shopping Cart | 2026-04-16 | N/A |
| Dansie Shopping Cart stores the vars.dat file under the web root with insufficient access control, which might allow remote attackers to obtain sensitive information such as program variables. | ||||
| CVE-2005-2218 | 1 Freebsd | 1 Freebsd | 2026-04-16 | N/A |
| The device file system (devfs) in FreeBSD 5.x does not properly check parameters of the node type when creating a device node, which makes hidden devices available to attackers, who can then bypass restrictions on a jailed process. | ||||
| CVE-2005-2221 | 1 Incredible Interactive | 1 Dragonfly Commerce | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in Dragonfly Commerce allows remote attackers to modify SQL statements and possibly execute arbitrary SQL commands via the (1) key parameter to dc_Categoriesview.asp, (2) dc_productslist_Clearance.asp, (3) PID parameter to ratings.asp, (4) dc_Productsview.asp, (5) start, (6) key_mp, (7) searchtype, or (8) psearch parameters to dc_forum_Postslist.asp. NOTE: the vendor has disputed this issue, saying that the error messages arise from invalid category and product numbers. Assuming that this is the case, the issue still satisfies the CVE definition of "exposure. | ||||
| CVE-2005-2222 | 1 Mailenable | 1 Mailenable Professional | 2026-04-16 | N/A |
| Unknown vulnerability in the HTTPMail service in MailEnable Professional before 1.6 has unknown impact and attack vectors. | ||||
| CVE-2005-2223 | 1 Mailenable | 2 Mailenable Professional, Mailenable Standard | 2026-04-16 | N/A |
| Unknown vulnerability in the SMTP service in MailEnable Standard before 1.9 and Professional before 1.6 allows remote attackers to cause a denial of service (crash) during authentication. | ||||
| CVE-2005-2224 | 1 Microsoft | 1 Asp.net | 2026-04-16 | N/A |
| aspnet_wp.exe in Microsoft ASP.NET web services allows remote attackers to cause a denial of service (CPU consumption from infinite loop) via a crafted SOAP message to an RPC/Encoded method. | ||||
| CVE-2005-2226 | 1 Microsoft | 1 Outlook Express | 2026-04-16 | N/A |
| Microsoft Outlook Express 6.0 leaks the default news server account when a user responds to a "watched" conversation thread, which could allow remote attackers to obtain sensitive information. | ||||
| CVE-2005-2228 | 1 Bdc Enterprises | 1 Web Wiz Forums | 2026-04-16 | N/A |
| Web Wiz Forums 7.9 and 8.0 allows remote attackers to view message titles of a hidden forum. | ||||
| CVE-2005-2230 | 1 Elmo | 1 Elmo | 2026-04-16 | N/A |
| Electronic Mail Operator (elmo) 1.3.2-r1 and earlier creates the elmostats temporary file insecurely, which allows local users to overwrite arbitrary files. | ||||
| CVE-2005-2231 | 1 High Availability Linux Project | 1 Heartbeat | 2026-04-16 | N/A |
| High Availability Linux Project Heartbeat 1.2.3 allows local users to overwrite arbitrary files via a symlink attack on temporary files. | ||||
| CVE-2005-2232 | 1 Ibm | 1 Aix | 2026-04-16 | N/A |
| Buffer overflow in invscout in IBM AIX 5.1.0 through 5.3.0 might allow local users to execute arbitrary code via a long command line argument. | ||||