Export limit exceeded: 345097 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 345097 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (345097 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-2887 | 1 Maxdev | 1 Md-pro | 2026-04-16 | N/A |
| MAXdev MD-Pro 1.0.73, and possibly earlier versions, allows remote attackers to obtain sensitive information via a direct request to (1) wiki.php, (2) AutoTheme directory, (3) Blocks directory, (4) admin.php, (5) pnadmin.php, or (6) Topics directory, which reveal the path in an error message. | ||||
| CVE-2005-3263 | 1 Rarlab | 1 Winrar | 2026-04-16 | N/A |
| Stack-based buffer overflow in UNACEV2.DLL for RARLAB WinRAR 2.90 through 3.50 allows remote attackers to execute arbitrary code via an ACE archive containing a file with a long name. | ||||
| CVE-2004-1735 | 1 Sympa | 1 Sympa | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the create list option in Sympa 4.1.x and earlier allows remote authenticated users to inject arbitrary web script or HTML via the description field. | ||||
| CVE-2005-2888 | 1 Mybulletinboard | 1 Mybulletinboard | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in MyBulletinBoard (MyBB) Preview Release 2 allow remote attackers to execute arbitrary SQL commands via the (1) fid parameter to misc.php or (2) Content-Disposition field in the HTTP header to newreply.php. | ||||
| CVE-2004-1739 | 1 Bird Chat | 1 Internet Chat Server | 2026-04-16 | N/A |
| Bird Chat 1.61 allows remote attackers to cause a denial of service (crash) via invalid users. | ||||
| CVE-2005-2889 | 1 Checkpoint | 1 Connectra Ngx | 2026-04-16 | N/A |
| Check Point NGX R60 does not properly verify packets against the predefined service group "CIFS" rule, which allows remote attackers to bypass intended restrictions. | ||||
| CVE-2005-3264 | 1 Zeroblog | 1 Zeroblog | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in thread.php for Zeroblog 1.1f and 1.2a allows remote attackers to inject arbitrary web script or HTML via the threadID parameter. | ||||
| CVE-2004-1740 | 1 Music Daemon | 1 Music Daemon | 2026-04-16 | N/A |
| Music daemon (musicd) 0.0.3 and earlier allows remote attackers to read arbitrary files by calling LOAD with a full pathname, then calling SHOWLIST. | ||||
| CVE-2005-2890 | 1 Secureol | 1 Ve2 | 2026-04-16 | N/A |
| SecureOL VE2 1.05.1008 does not properly restrict public access to physical memory, which allows local users to bypass intended restrictions and gain access to the secured environment via direct access to the PhysicalMemory device. | ||||
| CVE-2005-3265 | 1 Skype Technologies | 1 Skype | 2026-04-16 | N/A |
| Buffer overflow in Skype for Windows 1.1.x.0 through 1.4.x.83 allows remote attackers to execute arbitrary code via (1) callto:// and (2) skype:// links, or (3) a non-standard VCARD, possibly due to an underlying error in the SysUtils.WideFmtStr Delphi routine. | ||||
| CVE-2004-1741 | 1 Music Daemon | 1 Music Daemon | 2026-04-16 | N/A |
| Music daemon (musicd) 0.0.3 and earlier allows remote attackers to cause a denial of service (crash) by calling LOAD with a binary file as an argument, then calling SHOWLIST. | ||||
| CVE-2005-2891 | 1 Csystems | 1 Webarchivex | 2026-04-16 | N/A |
| WebArchiveX.dll 5.5.0.76 installed before September 6th, 2005 is marked safe for scripting by default, which allows remote attackers to read or write to arbitrary files via the (1) MakeArchive or (2) MakeArchiveStr methods. | ||||
| CVE-2005-3267 | 1 Skype Technologies | 1 Skype | 2026-04-16 | N/A |
| Integer overflow in Skype client before 1.4.x.84 on Windows, before 1.3.x.17 on Mac OS, before 1.2.x.18 on Linux, and 1.1.x.6 and earlier allows remote attackers to cause a denial of service (crash) via crafted network data with a large Object Counter value, which leads to a resultant heap-based buffer overflow. | ||||
| CVE-2004-1749 | 1 Toplayer | 1 Attack Mitigator | 2026-04-16 | N/A |
| Attack Mitigator IPS 5500 3.11.008, and possibly other versions, when configured in a one-armed routing configuration, allows remote attackers to cause a denial of service (CPU consumption) via a large number of HTTP requests. | ||||
| CVE-2005-2892 | 1 Pblang | 1 Pblang | 2026-04-16 | N/A |
| Directory traversal vulnerability in setcookie.php in PBLang 4.65, and possibly earlier versions, allows remote attackers to read arbitrary files via ".." sequences and "%00" (trailing null byte) in the u parameter. | ||||
| CVE-2005-3268 | 1 Raphael Bossek | 1 Yiff Server | 2026-04-16 | N/A |
| yiff server (yiff-server) 2.14.2 on Debian GNU/Linux runs as root and does not properly verify ownership of files that it opens, which allows local users to read arbitrary files. | ||||
| CVE-2004-1751 | 1 Massive Entertainment | 1 Ground Control Ii Operation Exodus | 2026-04-16 | N/A |
| Ground Control II: Operation Exodus 1.0.0.7 and earlier allows remote servers to cause a denial of service (client or server crash) via a large packet, which generates a "Message too long" socket error that is treated as a critical error. | ||||
| CVE-2004-1752 | 1 Nakedsoft | 1 Gaucho | 2026-04-16 | N/A |
| Stack-based buffer overflow in Gaucho 1.4 Build 145 allows remote attackers to execute arbitrary code via a POP3 email with a long Content-Type header. | ||||
| CVE-2005-2894 | 1 Pblang | 1 Pblang | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the user registration in PBLang 4.65, and possibly earlier versions, allows remote attackers to inject arbitrary web script or PHP via the location field. | ||||
| CVE-2004-1754 | 1 Symantec | 2 Enterprise Firewall, Gateway Security | 2026-04-16 | N/A |
| The DNS proxy (DNSd) for multiple Symantec Gateway Security products allows remote attackers to poison the DNS cache via a malicious DNS server query response that contains authoritative or additional records. | ||||