Search

Expected end of text, found 's' (at char 38), (line:1, col:39)
Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (345221 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2005-1280 2 Lbl, Redhat 2 Tcpdump, Enterprise Linux 2026-04-16 N/A
The rsvp_print function in tcpdump 3.9.1 and earlier allows remote attackers to cause a denial of service (infinite loop) via a crafted RSVP packet of length 4.
CVE-2005-1285 1 Woltlab 1 Burning Board 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in thread.php in WoltLab Burning Board 2.3.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the hilight parameter.
CVE-2005-1291 1 Cartwiz 1 Asp Cart 2026-04-16 N/A
Multiple SQL injection vulnerabilities in CartWIZ ASP Cart allow remote attackers to execute arbitrary SQL commands via the idProduct parameter to (1) addToCart.asp or (2) productDetails.asp, the (3) priceFrom, (4) idCategory, or (5) priceTo parameter to searchResults.asp, or (6) the idParentCategory parameter to productCatalogSubCats.asp.
CVE-2005-1293 1 Storeportal 1 Storeportal 2026-04-16 N/A
Multiple SQL injection vulnerabilities in default.asp in StorePortal 2.63 allow remote attackers to execute arbitrary SQL commands via the (1) language, (2) bpic, (3) idcategory, (4) content, (5) keyword, or (6) idproduct parameter.
CVE-2005-1302 1 Swsoft 1 Confixx 2026-04-16 N/A
SQL injection vulnerability in Confixx 3.08 and earlier allows remote attackers to execute arbitrary SQL commands via the "change user" field.
CVE-2005-1311 1 Yappa-ng 1 Yappa-ng 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Yappa-NG before 2.3.2 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
CVE-2005-1320 1 Horde 1 Mnemo 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Horde Mnemo Note Manager before 1.1.4 allows remote attackers to inject arbitrary web script or HTML via the parent's frame page title.
CVE-2005-1341 1 Apple 3 Mac Os X, Mac Os X Server, Terminal 2026-04-16 N/A
Apple Terminal 1.4.4 allows attackers to execute arbitrary commands via terminal escape sequences.
CVE-2005-1346 1 Symantec 7 Antivirus Scan Engine, Mail Security, Norton Antivirus and 4 more 2026-04-16 N/A
Multiple Symantec AntiVirus products, including Norton AntiVirus 2005 11.0.0, Web Security Web Security 3.0.1.72, Mail Security for SMTP 4.0.5.66, AntiVirus Scan Engine 4.3.7.27, SAV/Filter for Domino NT 3.1.1.87, and Mail Security for Exchange 4.5.4.743, when running on Windows, allows remote attackers to cause a denial of service (component crash) and avoid detection via a crafted RAR file.
CVE-2005-1355 1 Includer.cgi 1 Includer.cgi 2026-04-16 N/A
includer.cgi in The Includer allows remote attackers to read arbitrary files via a full pathname in the argument, a similar vulnerability to CVE-2005-0801.
CVE-2005-1363 1 Metalinks 1 Metacart2 2026-04-16 N/A
Multiple SQL injection vulnerabilities in MetaCart 2.0 for PayFlow allow remote attackers to execute arbitrary commands via (1) intCatalogID, (2) strSubCatalogID, or (3) strSubCatalog_NAME parameter to productsByCategory.asp, (4) curCatalogID, (5) strSubCatalog_NAME, (6) intCatalogID, or (7) page parameter to productsByCategory.asp or (8) intProdID parameter to product.asp.
CVE-2005-1364 1 Metalinks 1 Metabid Auctions 2026-04-16 N/A
Multiple SQL injection vulnerabilities in MetaBid Auctions allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password fields in logIn.asp, or (3) intAuctionID parameter to item.asp.
CVE-2005-1366 1 Pico Server 1 Pico Server 2026-04-16 N/A
Pico Server (pServ) 3.2 and earlier allows remote attackers to obtain the source code for CGI scripts via "dirname/../cgi-bin" in a URL.
CVE-2005-1367 1 Pico Server 1 Pico Server 2026-04-16 N/A
Pico Server (pServ) 3.2 and earlier allows local users to read arbitrary files as the pServ user via a symlink to a file outside of the web document root.
CVE-1999-0748 1 Redhat 1 Linux 2026-04-16 N/A
Buffer overflows in Red Hat net-tools package.
CVE-2005-1370 1 Hp 1 Openview Radia Management Portal 2026-04-16 N/A
Unknown vulnerability in Radia Management Agent (RMA) in HP OpenView Radia Management Portal (RMP) 1.x and 2.x allows remote attackers to execute arbitrary commands via unknown vectors.
CVE-2005-1371 1 Bulletproof 1 Bulletproof Ftp Server 2026-04-16 N/A
BPFTPServer service in BulletProof FTP Server 2.4.0.31 does not properly drop privileges before opening files through the Help menu, which allows local users to gain privileges.
CVE-2005-1372 1 Bakbone 1 Netvault 2026-04-16 N/A
nvstatsmngr.exe process in BakBone NetVault 7.1 does not properly drop privileges before opening files, which allows local users to gain privileges via the Help menu.
CVE-2005-1373 1 Dream4 1 Koobi Cms 2026-04-16 N/A
Multiple SQL injection vulnerabilities in index.php in Dream4 Koobi CMS 4.2.3 allow remote attackers to execute arbitrary SQL commands via the (1) q or (2) p parameters.
CVE-2005-1375 1 Claroline 1 Claroline 2026-04-16 N/A
Multiple SQL injection vulnerabilities in Claroline 1.5.3 through 1.6 Release Candidate 1, and possibly Dokeos, allow remote attackers to execute arbitrary SQL commands via (1) learningPath.php, (2) learningPathAdmin.php, (3) learnPath_details.php, (4) modules_pool.php, (5) module.php, (6) uInfo parameter in userInfo.php, or (7) exo_id parameter to exercises_details.php.