Export limit exceeded: 346637 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (346637 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-0558 | 1 Microsoft | 1 Word | 2026-04-16 | N/A |
| Buffer overflow in Microsoft Word 2000, Word 2002, and Word 2003 allows remote attackers to execute arbitrary code via a crafted document. | ||||
| CVE-2005-0560 | 1 Microsoft | 1 Exchange Server | 2026-04-16 | N/A |
| Heap-based buffer overflow in the SvrAppendReceivedChunk function in xlsasink.dll in the SMTP service of Exchange Server 2000 and 2003 allows remote attackers to execute arbitrary code via a crafted X-LINK2STATE extended verb request to the SMTP port. | ||||
| CVE-2005-0562 | 1 Microsoft | 1 Msn Messenger | 2026-04-16 | N/A |
| GIF file validation error in MSN Messenger 6.2 allows remote attackers in a user's contact list to execute arbitrary code via a GIF image with an improper height and width. | ||||
| CVE-2005-4088 | 1 W2b | 1 Phpforumpro | 2026-04-16 | N/A |
| SQL injection vulnerability in index.php in phpForumPro 2.2 allows remote attackers to execute arbitrary SQL commands via the (1) parent and (2) day parameters. | ||||
| CVE-2005-0569 | 1 Punbb | 1 Punbb | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in PunBB 1.2.1 allow remote attackers to execute arbitrary SQL commands via the (1) language parameter to register.php, (2) change email feature in profile.php, (3) posts or (4) topics parameter to moderate.php. | ||||
| CVE-2005-0570 | 1 Punbb | 1 Punbb | 2026-04-16 | N/A |
| profile.php in PunBB 1.2.1 allows remote attackers to cause a denial of service (account lockout) by setting the user's password to NULL. | ||||
| CVE-2005-0571 | 1 Punbb | 1 Punbb | 2026-04-16 | N/A |
| admin_loader.php in PunBB 1.2.1 allows remote attackers to read arbitrary files via the plugin parameter. | ||||
| CVE-2005-0572 | 1 Phpwebsite | 1 Phpwebsite | 2026-04-16 | N/A |
| index.php in phpWebSite 0.10.0 and earlier allows remote attackers to obtain sensitive information via an invalid SEA_search_module parameter, which reveals the path in a PHP error message. | ||||
| CVE-2005-0574 | 1 Cupidsystems | 1 Cis Webserver | 2026-04-16 | N/A |
| Directory traversal vulnerability in CIS WebServer 3.5.13 allows remote attackers to read arbitrary files via .. (dot dot) sequences in the URL. | ||||
| CVE-2005-0575 | 1 Stormy Studios | 1 Knet | 2026-04-16 | N/A |
| Buffer overflow in Stormy Studios Knet 1.04c and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long HTTP GET request. | ||||
| CVE-2005-4192 | 1 Horde | 1 Mnemo Note Manager H3 | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in templates/notepads/notepads.inc in Horde Mnemo Note Manager H3 before 2.0.3 allow remote authenticated users to inject arbitrary web script or HTML via (1) the notepad's name or (2) description, when creating a new notepad. | ||||
| CVE-2005-0568 | 1 Raven Software | 1 Soldier Of Fortune 2 | 2026-04-16 | N/A |
| Soldier of Fortune II 1.03 gold allows remote attackers to cause a denial of service (application crash) via a large cl_guid value, which results in an invalid pointer dereference. | ||||
| CVE-2005-4089 | 1 Microsoft | 2 Ie, Internet Explorer | 2026-04-16 | N/A |
| Microsoft Internet Explorer allows remote attackers to bypass cross-domain security restrictions and obtain sensitive information by using the @import directive to download files from other domains that are not valid Cascading Style Sheets (CSS) files, as demonstrated using Google Desktop, aka "CSSXSS" and "CSS Cross-Domain Information Disclosure Vulnerability." | ||||
| CVE-2005-4193 | 1 Usebb | 1 Usebb | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in UseBB before 0.7 allows remote attackers to inject arbitrary web script or HTML via the $_SERVER['PHP_SELF'] variable. | ||||
| CVE-2005-0579 | 1 Freenx | 1 Freenx | 2026-04-16 | N/A |
| nxagent in FreeNX before 0.2.8 does not properly handle when the XAUTHORITY environment variable is not set, which allows local users to access the X server without X authentication. | ||||
| CVE-2005-0580 | 1 Krzysztof Dabrowski | 1 Cmd5checkpw | 2026-04-16 | N/A |
| cmd5checkpw, when running setuid, does not properly drop privileges before calling the execvp function, which allows local users to read the poppasswd file. | ||||
| CVE-2005-0584 | 2 Mozilla, Redhat | 3 Firefox, Mozilla, Enterprise Linux | 2026-04-16 | N/A |
| Firefox before 1.0.1 and Mozilla before 1.7.6, when displaying the HTTP Authentication dialog, do not change the focus to the tab that generated the prompt, which could facilitate spoofing and phishing attacks. | ||||
| CVE-2005-0576 | 1 Sun | 1 Solaris | 2026-04-16 | N/A |
| Unknown vulnerability in Standard Type Services Framework (STSF) Font Server Daemon (stfontserverd) in Solaris 9 allows local users to modify or delete arbitrary files. | ||||
| CVE-2005-0583 | 1 Broadcom | 1 License Software | 2026-04-16 | N/A |
| Directory traversal vulnerability in Computer Associates (CA) License Client 0.1.0.15 allows remote attackers to create arbitrary files via .. (dot dot) sequences in a PUTOLF request. | ||||
| CVE-2005-0587 | 1 Mozilla | 2 Firefox, Mozilla | 2026-04-16 | 6.5 Medium |
| Firefox before 1.0.1 and Mozilla before 1.7.6 allows remote malicious web sites to overwrite arbitrary files by tricking the user into downloading a .LNK (link) file twice, which overwrites the file that was referenced in the first .LNK file. | ||||