Export limit exceeded: 346641 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (346641 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-0516 | 1 Twiki | 1 Imagegalleryplugin | 2026-04-16 | N/A |
| The ImageGalleryPlugin (ImageGalleryPlugin.pm) in Twiki allows remote attackers to execute arbitrary commands via certain commands that generate thumbnails. | ||||
| CVE-2005-0522 | 1 Lionmax Software | 1 Chat Anywhere | 2026-04-16 | N/A |
| Chat Anywhere 2.72a stores sensitive information such as passwords in plaintext in the .INI file for a chatroom, which allows local users to gain privileges. | ||||
| CVE-2005-4177 | 1 Cfmagic | 2 Magic Book Personal, Magic Book Professional | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in book.cfm in Magic Book Personal and Professional 2.0 allows remote attackers to inject arbitrary web script or HTML via the StartRow parameter. | ||||
| CVE-2005-0530 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2026-04-16 | N/A |
| Signedness error in the copy_from_read_buf function in n_tty.c for Linux kernel 2.6.10 and 2.6.11rc1 allows local users to read kernel memory via a negative argument. | ||||
| CVE-2005-4082 | 1 Qnx | 1 Qnx | 2026-04-16 | N/A |
| The dhcp.client program for QNX 4.25 vmware is setuid, possibly by default, which allows local users to modify the NIC configuration and conduct other attacks. | ||||
| CVE-2005-4189 | 1 Horde | 1 Kronolith H3 | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Horde Kronolith H3 before 2.0.6 allow remote authenticated users to inject arbitrary web script or HTML via (1) the Calendar name field when creating calendars, (2) event title field when deleting events, the (3) Category and (4) Location search fields, and the (5) attendees email address fields when editing event attendees, and possibly other vectors. | ||||
| CVE-2005-0534 | 1 Mediawiki | 1 Mediawiki | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in MediaWiki 1.3.x before 1.3.11 and 1.4 beta before 1.4 rc1 allow remote attackers to inject arbitrary web script. | ||||
| CVE-2005-4085 | 1 Bluecoat | 2 Proxyav, Webproxy | 2026-04-16 | N/A |
| Buffer overflow in BlueCoat (a) WinProxy before 6.1a and (b) the web console access functionality in ProxyAV before 2.4.2.3 allows remote attackers to execute arbitrary code via a long Host: header. | ||||
| CVE-2005-0538 | 1 Ginp | 1 Ginp | 2026-04-16 | N/A |
| Directory traversal vulnerability in (1) GinpPictureServlet.java and (2) PicCollection.java in ginp (Java Photo Gallery Web Application) before 0.22 allows remote attackers to read arbitrary files. | ||||
| CVE-2005-4190 | 1 Horde | 1 Horde Application Framework | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Horde Application Framework before 3.0.8 allow remote authenticated users to inject arbitrary web script or HTML via multiple vectors, as demonstrated by (1) the identity field, (2) Category and (3) Label search fields, (4) the Mobile Phone field, and (5) Date and (6) Time fields when importing CSV files, as exploited through modules such as (a) Turba Address Book, (b) Kronolith, (c) Mnemo, and (d) Nag. | ||||
| CVE-2005-0539 | 1 Ibm | 1 Hardware Management Console | 2026-04-16 | N/A |
| Unknown vulnerability in IBM Hardware Management Console (HMC) before 4.4 for POWER5 servers allows local users to gain privileges, related to the Guided Setup Wizard. | ||||
| CVE-2005-4086 | 1 Sugarcrm | 1 Sugar Suite | 2026-04-16 | N/A |
| Directory traversal vulnerability in acceptDecline.php in Sugar Suite Open Source Customer Relationship Management (SugarCRM) 4.0 beta and earlier allows remote attackers to include arbitrary local files via ".." sequences in the beanFiles array parameter. | ||||
| CVE-2005-4191 | 1 Horde | 1 Nag Task List Manager H3 | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in templates/tasklists/tasklists.inc in Horde Nag Task List Manager H3 before 2.0.4 allow remote authenticated users to inject arbitrary web script or HTML via (1) the tasklist's name or (2) description, when creating a new tasklist. | ||||
| CVE-2005-0547 | 1 Hp | 1 Hp-ux | 2026-04-16 | N/A |
| Unknown vulnerability in ftpd on HP-UX B.11.00, B.11.04, B.11.11, B.11.22, and B.11.23 allows remote authenticated users to gain "unauthorized access to files." | ||||
| CVE-2005-0548 | 1 Sun | 1 Solaris Answerbook2 | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Solaris AnswerBook2 Documentation 1.4.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the Search function. | ||||
| CVE-2005-0553 | 1 Microsoft | 2 Ie, Internet Explorer | 2026-04-16 | N/A |
| Race condition in the memory management routines in the DHTML object processor in Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to execute arbitrary code via a malicious web page or HTML e-mail, aka "DHTML Object Memory Corruption Vulnerability". | ||||
| CVE-2005-0546 | 2 Cyrus, Redhat | 2 Imapd, Enterprise Linux | 2026-04-16 | N/A |
| Multiple buffer overflows in Cyrus IMAPd before 2.2.11 may allow attackers to execute arbitrary code via (1) an off-by-one error in the imapd annotate extension, (2) an off-by-one error in "cached header handling," (3) a stack-based buffer overflow in fetchnews, or (4) a stack-based buffer overflow in imapd. | ||||
| CVE-2005-0549 | 1 Sun | 1 Solaris Answerbook2 | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Solaris AnswerBook2 Documentation 1.4.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the "View Log Files" function. | ||||
| CVE-2005-4087 | 1 Sugarcrm | 1 Sugar Suite | 2026-04-16 | N/A |
| PHP remote file include vulnerability in acceptDecline.php in Sugar Suite Open Source Customer Relationship Management (SugarCRM) 4.0 beta and earlier allows remote attackers to execute arbitrary PHP code via a URL in the beanFiles array parameter. | ||||
| CVE-2005-0555 | 1 Microsoft | 1 Internet Explorer | 2026-04-16 | N/A |
| Buffer overflow in the Content Advisor in Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to execute arbitrary code via a crafted Content Advisor file, aka "Content Advisor Memory Corruption Vulnerability." | ||||