Export limit exceeded: 19592 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 359547 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 359547 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (359547 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-0630 | 1 Pblang | 1 Pblang | 2026-04-16 | N/A |
| sendpm.php in PBLang 4.63 allows remote authenticated users to read arbitrary files via a full pathname in the orig parameter. | ||||
| CVE-2005-0631 | 1 Pblang | 1 Pblang | 2026-04-16 | N/A |
| delpm.php in PBLang 4.63 allows remote authenticated users to delete arbitrary PM files by modifying the "id" and "a" parameters. | ||||
| CVE-2005-0632 | 1 Phpnews | 1 Phpnews | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in auth.php in PHPNews 1.2.4 and possibly 1.2.3, allows remote attackers to execute arbitrary PHP code via the path parameter. | ||||
| CVE-2005-0633 | 1 Cerulean Studios | 2 Trillian, Trillian Pro | 2026-04-16 | N/A |
| Buffer overflow in Trillian 3.0 and Pro 3.0 allows remote attackers to execute arbitrary code via a crafted PNG image file. | ||||
| CVE-2005-0634 | 1 Kmint21 Software | 1 Golden Ftp Server | 2026-04-16 | N/A |
| Buffer overflow in Golden FTP Server 1.92 allows remote attackers to execute arbitrary code via a long USER command. | ||||
| CVE-2005-0641 | 1 Broadcom | 1 Unicenter Asset Management | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the Reporter for Computer Associates (CA) Unicenter Asset Management (UAM) 4.0 allows remote attackers to inject arbitrary HTML or web script via the (1) name or (2) description in a report template. | ||||
| CVE-2005-0642 | 1 Broadcom | 1 Unicenter Asset Management | 2026-04-16 | N/A |
| SQL injection vulnerability in the Query Designer for Computer Associates (CA) Unicenter Asset Management (UAM) 4.0 allows remote attackers to execute arbitrary SQL via an imported file. | ||||
| CVE-2005-0643 | 1 Mcafee | 1 Antivirus Engine | 2026-04-16 | N/A |
| Buffer overflow in McAfee Scan Engine 4320 with DAT version before 4357 allows remote attackers to execute arbitrary code via crafted LHA files. | ||||
| CVE-2005-0644 | 1 Mcafee | 1 Antivirus Engine | 2026-04-16 | N/A |
| Buffer overflow in McAfee Scan Engine 4320 with DAT version before 4436 allows remote attackers to execute arbitrary code via a malformed LHA file with a type 2 header file name field, a variant of CVE-2005-0643. | ||||
| CVE-2005-0653 | 1 Phpmyadmin | 1 Phpmyadmin | 2026-04-16 | N/A |
| phpMyAdmin 2.6.1 does not properly grant permissions on tables with an underscore in the name, which grants remote authenticated users more privileges than intended. | ||||
| CVE-2005-0646 | 1 Php Arena | 1 Panews | 2026-04-16 | N/A |
| SQL injection vulnerability in auth.php in paNews 2.0.4b allows remote attackers to execute arbitrary SQL via the mysql_prefix parameter. | ||||
| CVE-2005-0647 | 1 Php Arena | 1 Panews | 2026-04-16 | N/A |
| admin_setup.php in paNews 2.0.4b allows remote attackers to inject arbitrary PHP code via the (1) $form[comments] or (2) $form[autoapprove] parameters, which are written to config.php. | ||||
| CVE-2005-0648 | 1 Pixel-apes Group | 1 Safehtml | 2026-04-16 | N/A |
| Multiple vulnerabilities in Pixel-Apes SafeHTML before 1.3.0 allow remote attackers to bypass cross-site scripting (XSS) protection via (1) "decimal HTML entities" or (2) "the \x00 symbol." | ||||
| CVE-2005-0649 | 1 Pixel-apes Group | 1 Safehtml | 2026-04-16 | N/A |
| Pixel-Apes SafeHTML before 1.2.1 allows remote attackers to bypass cross-site scripting (XSS) protection via "hexadecimal HTML entities." | ||||
| CVE-2005-0651 | 1 Projectbb | 1 Projectbb | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in ProjectBB 0.4.5.1 allow remote attackers to execute arbitrary SQL commands via (1) liste or (2) desc parameters to divers.php (incorrectly referred to as "drivers.php" by some sources), (3) the search feature text area, (4) post name in the post creation feature, (5) City, (6) Homepage, (7) ICQ, (8) AOL, (9) Yahoo!, (10) MSN, or (11) e-mail fields in the profile feature or (12) the new field in the moderator section. | ||||
| CVE-2005-0652 | 1 Hp | 1 Openvms | 2026-04-16 | N/A |
| Unknown vulnerability in HP OpenVMS VAX 7.x and 6.x and OpenVMS Alpha 7.x or 6.x allows local users to access privileged files. | ||||
| CVE-2005-0663 | 1 Mercuryboard | 1 Mercuryboard | 2026-04-16 | N/A |
| SQL injection vulnerability in index.php for MercuryBoard 1.1.2 allows remote attackers to inject arbitrary SQL commands via the f parameter. | ||||
| CVE-2005-0655 | 1 Arif Supriyanto | 1 Auracms | 2026-04-16 | N/A |
| auraCMS 1.5 allows remote attackers to obtain sensitive information via an HTTP request with an invalid id parameter to (1) teman.php, (2) hal.php, or (3) arsip.php, which reveals the path in a PHP error message. | ||||
| CVE-2005-0656 | 1 Arif Supriyanto | 1 Auracms | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in auraCMS 1.5 allow remote attackers to inject arbitrary web script or HTML via the (1) hits parameter to hits.php, (2) query parameter to index.php, or (3) theCount parameter to counter.php. | ||||
| CVE-2005-0657 | 1 Computalynx | 1 Cproxy | 2026-04-16 | N/A |
| Directory traversal vulnerability in Computalynx CProxy 3.3.x and 3.4.x through 3.4.4 allows remote attackers to read arbitrary files or cause a denial of service (application crash) via a .. (dot dot) in an HTTP request. | ||||