Export limit exceeded: 344977 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (344977 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-2680 | 1 Oracle | 1 Weblogic Portal | 2026-04-16 | N/A |
| Unspecified vulnerability in BEA WebLogic Portal 8.1 through SP4, when using entitlements, allows remote attackers to bypass access restrictions for the pages of a Book via crafted URLs. | ||||
| CVE-2005-2681 | 1 Cisco | 1 Ips Sensor Software | 2026-04-16 | N/A |
| Unspecified vulnerability in the command line processing (CLI) logic in Cisco Intrusion Prevention System 5.0(1) and 5.0(2) allows local users with OPERATOR or VIEWER privileges to gain additional privileges via unknown vectors. | ||||
| CVE-2005-2682 | 1 Dtlink | 1 Areaedit | 2026-04-16 | N/A |
| aspell_setup.php in the SpellChecker plugin in DTLink AreaEdit before 0.4.3 allows remote attackers to execute arbitrary commands via shell metacharacters in the dictionary parameter (aka the lang variable). | ||||
| CVE-2004-0642 | 3 Debian, Mit, Redhat | 6 Debian Linux, Kerberos 5, Enterprise Linux and 3 more | 2026-04-16 | N/A |
| Double free vulnerabilities in the error handling code for ASN.1 decoders in the (1) Key Distribution Center (KDC) library and (2) client library for MIT Kerberos 5 (krb5) 1.3.4 and earlier may allow remote attackers to execute arbitrary code. | ||||
| CVE-2005-2683 | 1 Phpkit | 1 Phpkit | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in PHPKit 1.6.1 allow remote attackers to execute arbitrary SQL commands via the (1) letter parameter to login/member.php or (2) im_receiver parameter to login/imcenter.php. | ||||
| CVE-2005-2684 | 1 Virtech | 1 Netquery | 2026-04-16 | N/A |
| nquser.php in Virtual Edge Netquery 3.11 allows remote attackers to execute arbitrary commands via shell metacharacters in the host parameter to a dig query. | ||||
| CVE-2004-0643 | 3 Debian, Mit, Redhat | 6 Debian Linux, Kerberos 5, Enterprise Linux and 3 more | 2026-04-16 | N/A |
| Double free vulnerability in the krb5_rd_cred function for MIT Kerberos 5 (krb5) 1.3.1 and earlier may allow local users to execute arbitrary code. | ||||
| CVE-2005-2685 | 1 Savewebportal | 1 Savewebportal | 2026-04-16 | N/A |
| SaveWebPortal 3.4 allows remote attackers to execute arbitrary PHP code via a direct request to admin/PhpMyExplorer/editerfichier.php, then editing the desired file to contain the PHP code, as demonstrated using header.php in the fichier parameter. NOTE: it is possible that this vulnerability stems from PhpMyExplorer, which is a separate package. | ||||
| CVE-2004-0650 | 1 Newatlanta | 1 Servletexec | 2026-04-16 | N/A |
| UploadServlet in Cisco Collaboration Server (CCS) running ServletExec before 3.0E allows remote attackers to upload and execute arbitrary files via a direct call to the UploadServlet URL. | ||||
| CVE-2004-0651 | 1 Sun | 2 Jre, Sdk | 2026-04-16 | N/A |
| Unknown vulnerability in Sun Java Runtime Environment (JRE) 1.4.2 through 1.4.2_03 allows remote attackers to cause a denial of service (virtual machine hang). | ||||
| CVE-2004-0652 | 1 Bea | 1 Weblogic Server | 2026-04-16 | N/A |
| BEA WebLogic Server and WebLogic Express 7.0 through 7.0 Service Pack 4, and 8.1 through 8.1 Service Pack 2, allows attackers to obtain the username and password for booting the server by directly accessing certain internal methods. | ||||
| CVE-2005-2686 | 1 Savewebportal | 1 Savewebportal | 2026-04-16 | N/A |
| Directory traversal vulnerability in SaveWebPortal 3.4 allows remote attackers to include arbitrary files and execute arbitrary local PHP programs via ".." sequences in the (1) SITE_Path parameter to menu_dx.php or (2) CONTENTS_Dir parameter to menu_sx.php. | ||||
| CVE-2004-0653 | 1 Sun | 1 Solaris | 2026-04-16 | N/A |
| Solaris 9, when configured as a Kerberos client with patch 112908-12 or 115168-03 and using pam_krb5 as an "auth" module with the debug feature enabled, records passwords in plaintext, which could allow local users to gain other user's passwords by reading log files. | ||||
| CVE-2004-0654 | 1 Sun | 2 Solaris, Sunos | 2026-04-16 | N/A |
| Unknown vulnerability in the Basic Security Module (BSM), when configured to audit either the Administrative (ad) or the System-Wide Administration (as) audit class in Solaris 7, 8, and 9, allows local users to cause a denial of service (kernel panic). | ||||
| CVE-2004-0655 | 1 Esearch | 1 Emerge Search Tool | 2026-04-16 | N/A |
| eupdatedb in esearch 0.6.1 and earlier allows local users to create arbitrary files via a symlink attack on the esearchdb.py.tmp temporary file. | ||||
| CVE-2005-1876 | 1 Cutephp | 1 Cutenews | 2026-04-16 | 4.5 Medium |
| Direct code injection vulnerability in CuteNews 1.3.6 and earlier allows remote attackers with administrative privileges to execute arbitrary PHP code via certain inputs that are injected into a template (.tpl) file. | ||||
| CVE-2005-2689 | 1 Postnuke Software Foundation | 1 Postnuke | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in PostNuke 0.760-RC4b allows remote attackers to inject arbitrary web script or HTML via (1) the moderate parameter to the Comments module or (2) htmltext parameter to html/user.php. | ||||
| CVE-2005-2690 | 1 Postnuke Software Foundation | 1 Postnuke | 2026-04-16 | N/A |
| SQL injection vulnerability in the Downloads module in PostNuke 0.760-RC4b allows PostNuke administrators to execute arbitrary SQL commands via the show parameter to dl-viewdownload.php. | ||||
| CVE-2005-4650 | 1 Joomla | 1 Joomla\! | 2026-04-16 | 5.3 Medium |
| Joomla! 1.03 does not restrict the number of "Search" Mambots, which allows remote attackers to cause a denial of service (resource consumption) via a large number of Search Mambots. | ||||
| CVE-2004-0657 | 2 Hp, Ntp | 2 Tru64 Unix, Ntp | 2026-04-16 | 7.1 High |
| Integer overflow in the NTP daemon (NTPd) before 4.0 causes the NTP server to return the wrong date/time offset when a client requests a date/time that is more than 34 years away from the server's time. | ||||