Export limit exceeded: 359527 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 359527 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (359527 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-0535 | 2 Gentoo, Mediawiki | 2 Linux, Mediawiki | 2026-04-16 | N/A |
| Cross-site request forgery (CSRF) vulnerability in MediaWiki 1.3.x before 1.3.11 and 1.4 beta before 1.4 rc1 allows remote attackers to perform unauthorized actions as authenticated MediaWiki users. | ||||
| CVE-2005-0536 | 1 Mediawiki | 1 Mediawiki | 2026-04-16 | N/A |
| Directory traversal vulnerability in MediaWiki 1.3.x before 1.3.11 and 1.4 beta before 1.4 rc1 allows remote attackers to delete arbitrary files or determine file existence via a parameter related to image deletion. | ||||
| CVE-2005-0538 | 1 Ginp | 1 Ginp | 2026-04-16 | N/A |
| Directory traversal vulnerability in (1) GinpPictureServlet.java and (2) PicCollection.java in ginp (Java Photo Gallery Web Application) before 0.22 allows remote attackers to read arbitrary files. | ||||
| CVE-2005-0539 | 1 Ibm | 1 Hardware Management Console | 2026-04-16 | N/A |
| Unknown vulnerability in IBM Hardware Management Console (HMC) before 4.4 for POWER5 servers allows local users to gain privileges, related to the Guided Setup Wizard. | ||||
| CVE-2005-0540 | 1 Cyclades | 1 Alterpath Manager | 2026-04-16 | N/A |
| Cyclades AlterPath Manager (APM) Console Server 1.2.1 allows remote attackers to obtain sensitive information via a direct request to the /about.html page. | ||||
| CVE-2005-0541 | 1 Cyclades | 1 Alterpath Manager | 2026-04-16 | N/A |
| consoleConnect.jsp in Cyclades AlterPath Manager (APM) Console Server 1.2.1 allows remote attackers to connect to arbitrary consoles by modifying the consolename parameter. | ||||
| CVE-2005-0542 | 1 Cyclades | 1 Alterpath Manager | 2026-04-16 | N/A |
| saveUser.do in Cyclades AlterPath Manager (APM) Console Server 1.2.1 allows local users to gain privileges by setting the adminUser parameter to true. | ||||
| CVE-2005-0544 | 1 Phpmyadmin | 1 Phpmyadmin | 2026-04-16 | N/A |
| phpMyAdmin 2.6.1 allows remote attackers to obtain the full path of the server via direct requests to (1) sqlvalidator.lib.php, (2) sqlparser.lib.php, (3) select_theme.lib.php, (4) select_lang.lib.php, (5) relation_cleanup.lib.php, (6) header_meta_style.inc.php, (7) get_foreign.lib.php, (8) display_tbl_links.lib.php, (9) display_export.lib.php, (10) db_table_exists.lib.php, (11) charset_conversion.lib.php, (12) ufpdf.php, (13) mysqli.dbi.lib.php, (14) setup.php, or (15) cookie.auth.lib.php, which reveals the path in a PHP error message. | ||||
| CVE-2005-0546 | 2 Cyrus, Redhat | 2 Imapd, Enterprise Linux | 2026-04-16 | N/A |
| Multiple buffer overflows in Cyrus IMAPd before 2.2.11 may allow attackers to execute arbitrary code via (1) an off-by-one error in the imapd annotate extension, (2) an off-by-one error in "cached header handling," (3) a stack-based buffer overflow in fetchnews, or (4) a stack-based buffer overflow in imapd. | ||||
| CVE-2005-0547 | 1 Hp | 1 Hp-ux | 2026-04-16 | N/A |
| Unknown vulnerability in ftpd on HP-UX B.11.00, B.11.04, B.11.11, B.11.22, and B.11.23 allows remote authenticated users to gain "unauthorized access to files." | ||||
| CVE-2005-0548 | 1 Sun | 1 Solaris Answerbook2 | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Solaris AnswerBook2 Documentation 1.4.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the Search function. | ||||
| CVE-2005-0565 | 1 Phpwebsite | 1 Phpwebsite | 2026-04-16 | N/A |
| The Announce module in phpWebSite 0.10.0 and earlier allows remote attackers to execute arbitrary PHP code by setting the Image field to reference a PHP file whose name contains a .gif.php extension. | ||||
| CVE-2005-0566 | 1 Kmint21 Software | 1 Golden Ftp Server | 2026-04-16 | N/A |
| Buffer overflow in Golden FTP Server Pro (goldenftpd) 2.x allows remote attackers to execute arbitrary code via a long RNTO command. | ||||
| CVE-2005-0568 | 1 Raven Software | 1 Soldier Of Fortune 2 | 2026-04-16 | N/A |
| Soldier of Fortune II 1.03 gold allows remote attackers to cause a denial of service (application crash) via a large cl_guid value, which results in an invalid pointer dereference. | ||||
| CVE-2005-0569 | 1 Punbb | 1 Punbb | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in PunBB 1.2.1 allow remote attackers to execute arbitrary SQL commands via the (1) language parameter to register.php, (2) change email feature in profile.php, (3) posts or (4) topics parameter to moderate.php. | ||||
| CVE-2005-0570 | 1 Punbb | 1 Punbb | 2026-04-16 | N/A |
| profile.php in PunBB 1.2.1 allows remote attackers to cause a denial of service (account lockout) by setting the user's password to NULL. | ||||
| CVE-2005-0571 | 1 Punbb | 1 Punbb | 2026-04-16 | N/A |
| admin_loader.php in PunBB 1.2.1 allows remote attackers to read arbitrary files via the plugin parameter. | ||||
| CVE-2005-0572 | 1 Phpwebsite | 1 Phpwebsite | 2026-04-16 | N/A |
| index.php in phpWebSite 0.10.0 and earlier allows remote attackers to obtain sensitive information via an invalid SEA_search_module parameter, which reveals the path in a PHP error message. | ||||
| CVE-2005-0573 | 1 Rob Flynn | 1 Gaim | 2026-04-16 | N/A |
| Gaim 1.1.3 on Windows systems allows remote attackers to cause a denial of service (client crash) via a file transfer in which the filename contains "(" or ")" (parenthesis) characters. | ||||
| CVE-2005-0574 | 1 Cupidsystems | 1 Cis Webserver | 2026-04-16 | N/A |
| Directory traversal vulnerability in CIS WebServer 3.5.13 allows remote attackers to read arbitrary files via .. (dot dot) sequences in the URL. | ||||