Export limit exceeded: 13717 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (346772 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-1648 | 1 Gurgens | 1 Gurgens Ultimate Forum | 2026-04-16 | N/A |
| Gurgens (GASoft) Ultimate Forum 1.0 stores the db/Genid.dat database file under the web document root with insufficient access control, which allows remote attackers to obtain and decrypt usernames and passwords. | ||||
| CVE-2005-1650 | 1 Woppoware | 1 Postmaster | 2026-04-16 | N/A |
| The web mail service in Woppoware PostMaster 4.2.2 (build 3.2.5) generates different error messages depending on whether a user exists or not, which allows remote attackers to determine valid usernames. | ||||
| CVE-2005-1651 | 1 Woppoware | 1 Postmaster | 2026-04-16 | N/A |
| Directory traversal vulnerability in message.htm for Woppoware PostMaster 4.2.2 (build 3.2.5) allows remote attackers to determine the existence of arbitrary files via a .. (dot dot) in the wmm parameter. | ||||
| CVE-2005-1653 | 1 Woppoware | 1 Postmaster | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in message.htm for Woppoware PostMaster 4.2.2 (build 3.2.5) allows remote attackers to inject arbitrary web script or HTML via the email parameter. | ||||
| CVE-2005-4316 | 1 Hp | 1 Hp-ux | 2026-04-16 | N/A |
| HP-UX B.11.00, B.11.04, B.11.11, and B.11.23 allows remote attackers to cause a denial of service via a "Rose Attack" that involves sending a subset of small IP fragments that do not form a complete, larger packet. | ||||
| CVE-2005-4468 | 1 Phpgedview | 1 Phpgedview | 2026-04-16 | N/A |
| PHP remote file include vulnerability in help_text_vars.php in PHPGedView 3.3.7 and earlier allows remote attackers to execute arbitrary code via a URL in the PGV_BASE_DIRECTORY parameter. | ||||
| CVE-2005-1654 | 1 Hostingcontroller | 1 Hosting Controller | 2026-04-16 | N/A |
| Hosting Controller 6.1 Hotfix 1.9 and earlier allows remote attackers to register arbitrary users via a direct request to addsubsite.asp with the loginname and password parameters set. | ||||
| CVE-2005-1655 | 1 Aol | 1 Instant Messenger | 2026-04-16 | N/A |
| AOL Instant Messenger 5.5.x and earlier allows remote attackers to cause a denial of service (client crash) via an invalid smiley icon location in the sml parameter of a font tag. | ||||
| CVE-2005-1656 | 1 Mercur | 1 Mercur Messaging | 2026-04-16 | N/A |
| Mercur Messaging 2005 SP2 allows remote attackers to read the source code of .ctml files via a URL with a trailing hex-encoded space ("%20"). | ||||
| CVE-2005-1657 | 1 Mercur | 1 Mercur Messaging | 2026-04-16 | N/A |
| Multiple directory traversal vulnerabilities in Mercur Messaging 2005 SP2 allow remote attackers to perform unauthorized file operations via the Folder.Id parameter to (1) deletefolder.ctml, (2) deletemessage.ctml, (3) origmessage.ctml, or (4) readmessage.ctml, the Message.Id parameter to editmessage.ctml, or the (5) Message.Command parameter to messages.ctml. | ||||
| CVE-2005-1658 | 1 Myserver | 1 Myserver | 2026-04-16 | N/A |
| Directory traversal vulnerability in filemanager.cpp in MyServer 0.8 allows remote attackers to list the parent directory of the web root via a URL with a "..." (triple dot). | ||||
| CVE-2005-1659 | 1 Myserver | 1 Myserver | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in filemanager.cpp in MyServer 0.8 allows remote attackers to inject arbitrary Javascript via a URL with a "..." (triple dot) followed by an onmouseover event. | ||||
| CVE-2005-1661 | 1 Jeuce | 1 Jeuce Personal Web Server | 2026-04-16 | N/A |
| Jeuce Personal Webserver 2.13 allows remote attackers to cause a denial of service (server crash) via a long GET request, possibly triggering a buffer overflow. | ||||
| CVE-2005-4320 | 1 Limbo Cms | 1 Limbo Cms | 2026-04-16 | N/A |
| Limbo CMS 1.0.4.2 and earlier allows remote attackers to obtain the installation path of the application via a direct request to (1) doc.inc.php, (2) element.inc.php, and (3) node.inc.php, which leaks the path in an error message. | ||||
| CVE-2005-4471 | 1 Avaya | 1 Modular Messaging Message Storage Server | 2026-04-16 | N/A |
| POP3 service in Avaya Modular Messaging Message Storage Server (MSS) 2.0 SP 4 and earlier allows remote attackers to cause a denial of service (infinite loop) via crafted packets. | ||||
| CVE-2005-1668 | 1 Yusasp | 1 Web Asset Manager | 2026-04-16 | N/A |
| YusASP Web Asset Manager 1.0 allows remote attackers to gain privileges via a direct request to assetmanager.asp. | ||||
| CVE-2005-1669 | 1 Opera | 1 Opera Browser | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Opera 8.0 Final Build 1095 allows remote attackers to inject arbitrary web script or HTML via "javascript:" URLs when a new window or frame is opened, which allows remote attackers to bypass access restrictions and perform unauthorized actions on other domains. | ||||
| CVE-2005-4321 | 1 Apani Networks | 1 Epiforce Agent | 2026-04-16 | N/A |
| The Internet Key Exchange version 1 (IKEv1) implementation in Apani Networks EpiForce 1.9 and earlier running IPSec, allow remote attackers to cause a denial of service (crash) via certain IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to. | ||||
| CVE-2005-4472 | 1 Macromedia | 1 Jrun | 2026-04-16 | N/A |
| Stack-based buffer overflow in the Macromedia JRun 4 web server (JWS) allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long request that is not properly handled during conversion to wide characters. | ||||
| CVE-2005-1675 | 1 Groove | 2 Groove Workspace, Virtual Office | 2026-04-16 | N/A |
| Groove Virtual Office before 3.1 build 2338, before 3.1a build 2364, and Groove Workspace before 2.5n build 1871 installs the client installation directories with insecure EVERYBODY permissions, which allows local users to gain sensitive information. | ||||