Export limit exceeded: 344983 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 344983 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (344983 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-0273 | 1 Photopost | 1 Photopost Php Pro | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in showgallery.php in PhotoPost before 4.86 allow remote attackers to execute arbitrary SQL commands via the (1) cat or (2) ppuser parameter. | ||||
| CVE-2005-0277 | 1 3com | 1 3cdaemon | 2026-04-16 | N/A |
| Buffer overflow in the FTP service in 3Com 3CDaemon 2.0 revision 10 allows remote attackers to cause a denial of service (application crash) and execute arbitrary code via (1) a long username in the USER command or (2) an FTP command that contains a long argument, such as cd, send, or ls. | ||||
| CVE-2005-0278 | 1 3com | 1 3cdaemon | 2026-04-16 | N/A |
| The FTP service in 3Com 3CDaemon 2.0 revision 10 allows remote attackers to gain sensitive information via a cd command that contains an MS-DOS device name, which reveals the installation path in an error message. | ||||
| CVE-2005-0279 | 1 Jowood Productions | 1 Soldner Secret Wars | 2026-04-16 | N/A |
| Soldner Secret Wars 30830 and earlier does not properly handle the "message too long" socket error, which allows remote attackers to cause a denial of service (socket termination) via a long UDP packet. | ||||
| CVE-2005-0303 | 1 Comersus Open Technologies | 1 Comersus Backoffice Lite | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in (1) comersus_supportError.asp or (2) comersus_backofficelite_supportError.asp in BackOffice Lite 6.0 and 6.01 allow remote attackers to inject arbitrary web script or HTML via the error parameter. | ||||
| CVE-2005-0305 | 1 Siteman | 1 Siteman | 2026-04-16 | N/A |
| CRLF injection vulnerability in users.php in Siteman 1.1.10 and earlier allows remote attackers to add arbitrary users and gain privileges via the line parameter in a docreate operation. | ||||
| CVE-2005-0324 | 1 Captaris | 1 Infinite Mobile Delivery Webmail | 2026-04-16 | N/A |
| Infinite Mobile Delivery Webmail 2.6 allows remote attackers to gain sensitive information via an HTTP request that contains invalid characters for a Windows foldername, which reveals the path in an error message. | ||||
| CVE-2005-0326 | 1 Php Arena | 1 Pafiledb | 2026-04-16 | N/A |
| pafiledb.php in PaFileDB 3.1 allows remote attackers to gain sensitive information via an invalid or missing action parameter, which reveals the path in an error message when it cannot include a login.php script. | ||||
| CVE-2005-0327 | 1 Php Arena | 1 Pafiledb | 2026-04-16 | N/A |
| pafiledb.php in Pafiledb 3.1 may allow remote attackers to execute arbitrary PHP code via a modified action parameter that is used in an include statement for login.php. | ||||
| CVE-2005-0329 | 1 Zipgenius | 1 Zipgenius | 2026-04-16 | N/A |
| Directory traversal vulnerability in ZipGenius 5.5 and earlier allows remote attackers to create and possibly modify arbitrary files via a ZIP file with a file whose name includes .. (dot dot) sequences. | ||||
| CVE-2005-0330 | 1 People Can Fly | 1 Painkiller | 2026-04-16 | N/A |
| Buffer overflow in Painkiller 1.35 and earlier, and possibly other versions before 1.61, allows remote authenticated users to cause a denial of service and possibly execute arbitrary code via a long cd-key hash. | ||||
| CVE-2005-0331 | 1 Rarlab | 1 Winrar | 2026-04-16 | N/A |
| Directory traversal vulnerability in WinRAR 3.42 and earlier, when the user clicks on the ZIP file to extract it, allows remote attackers to create arbitrary files via a ... (triple dot) in the filename of the ZIP file. | ||||
| CVE-2005-0332 | 1 Ventia | 1 Desknow Mail And Collaboration Server | 2026-04-16 | N/A |
| Directory traversal vulnerability in DeskNow Mail and Collaboration Server 2.5.12 allows remote attackers to (1) upload and possibly execute files outside the directory via the AttachmentsKey parameter to attachment.do, as demonstrated using JSP pages, or (2) delete arbitrary files via the select_file parameter to file.do. | ||||
| CVE-2005-0333 | 1 Lanchat Pro Revival | 1 Lanchat Pro Revival | 2026-04-16 | N/A |
| LANChat Pro Revival 1.666c allows remote attackers to cause a denial of service (application crash) via a malformed UDP packet. | ||||
| CVE-2005-0336 | 1 Emotion | 1 Mediapartner Web Server | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in EMotion MediaPartner Web Server 5.0 allows remote attackers to inject arbitrary HTML or web script, as demonstrated using a URL containing .. sequences and HTML, which results in a directory browsing page that does not properly filter the HTML. | ||||
| CVE-2005-0338 | 1 Savant | 1 Savant Webserver | 2026-04-16 | N/A |
| Buffer overflow in Savant Web Server 3.1 allows remote attackers to execute arbitrary code via a long HTTP request. | ||||
| CVE-2005-0339 | 1 Foxmail | 1 Foxmail Email Server | 2026-04-16 | N/A |
| Buffer overflow in Foxmail 2.0 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long MAIL FROM command. | ||||
| CVE-2004-0567 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Nt | 2026-04-16 | N/A |
| The Windows Internet Naming Service (WINS) in Windows NT Server 4.0 SP 6a, NT Terminal Server 4.0 SP 6, Windows 2000 Server SP3 and SP4, and Windows Server 2003 does not properly validate the computer name value in a WINS packet, which allows remote attackers to execute arbitrary code or cause a denial of service (server crash), which results in an "unchecked buffer" and possibly triggers a buffer overflow, aka the "Name Validation Vulnerability." | ||||
| CVE-2004-0568 | 1 Microsoft | 4 Windows 2000, Windows 2003 Server, Windows Nt and 1 more | 2026-04-16 | N/A |
| HyperTerminal application for Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 does not properly validate the length of a value that is saved in a session file, which allows remote attackers to execute arbitrary code via a malicious HyperTerminal session file (.ht), web site, or Telnet URL contained in an e-mail message, triggering a buffer overflow. | ||||
| CVE-2004-0572 | 1 Microsoft | 1 Grpconv | 2026-04-16 | N/A |
| Buffer overflow in the Windows Program Group Converter (grpconv.exe) may allow remote attackers to execute arbitrary code via a shell: URL with a long filename and a .grp extension, which is not properly handled when the shell capability launches grpconv.exe. | ||||