Export limit exceeded: 344962 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (344962 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-3066 | 1 Scriptsolutions | 1 Perldiver | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in perldiver.pl in PerlDiver 1.x allows remote attackers to inject arbitrary web script or HTML via the query string. NOTE: this issue was originally disputed by the vendor, but it has since been acknowledged. | ||||
| CVE-2005-3249 | 2 Ethereal Group, Redhat | 2 Ethereal, Enterprise Linux | 2026-04-16 | N/A |
| Unspecified vulnerability in the WSP dissector in Ethereal 0.10.1 to 0.10.12 allows remote attackers to cause a denial of service or corrupt memory via unknown vectors that cause Ethereal to free an invalid pointer. | ||||
| CVE-2005-2831 | 1 Microsoft | 2 Ie, Internet Explorer | 2026-04-16 | N/A |
| Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a web page with embedded CLSIDs that reference certain COM objects that are not intended for use within Internet Explorer, aka a variant of the "COM Object Instantiation Memory Corruption Vulnerability," a different vulnerability than CVE-2005-2127. | ||||
| CVE-2005-2836 | 1 Phorum | 1 Phorum | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Phorum 5.0.17a and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the username parameter to register.php or (2) a signature of a logged-in user in "My Control Center," which is not properly handled by control.php. | ||||
| CVE-2005-2837 | 1 Plainblack | 1 Webgui | 2026-04-16 | N/A |
| Multiple eval injection vulnerabilities in PlainBlack Software WebGUI before 6.7.3 allow remote attackers to execute arbitrary Perl code via (1) Help.pm, (2) International.pm, or (3) WebGUI.pm. | ||||
| CVE-2005-2838 | 1 Mywebland | 1 Mybloggie | 2026-04-16 | N/A |
| SQL injection vulnerability in login.php in myBloggie 2.1.3-beta and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter. | ||||
| CVE-2005-3068 | 1 Eric Integrated Development Environment | 1 Eric Integrated Development Environment | 2026-04-16 | N/A |
| Unspecified vulnerability in Eric Integrated Development Environment (eric3) before 3.7.2 has unknown impact and attack vectors related to a "potential security exploit." | ||||
| CVE-2005-2839 | 1 Maxdev | 1 Md-pro | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in MAXdev MD-Pro 1.0.72 allow remote attackers to inject arbitrary web script or HTML via (1) dl-search.php or (2) wl-search.php. | ||||
| CVE-2005-2843 | 1 Helpdesk Software | 1 Hesk | 2026-04-16 | N/A |
| Helpdesk software Hesk 0.92 does not properly verify usernames and passwords, which allows remote attackers to bypass authentication via a direct request to admin_main.php. | ||||
| CVE-2005-3069 | 1 Hylafax | 1 Hylafax | 2026-04-16 | N/A |
| xferfaxstats in HylaFax 4.2.1 and earlier allows local users to overwrite arbitrary files via a symlink attack on the xferfax$$ temporary file. | ||||
| CVE-2005-2845 | 1 Ariba | 1 Ariba Spend Management Solutions | 2026-04-16 | N/A |
| Ariba Spend Management System sends the username and password to the server in plaintext in a POST request, which allows remote attackers to obtain sensitive information. | ||||
| CVE-2005-3070 | 1 Hylafax | 1 Hylafax | 2026-04-16 | N/A |
| HylaFax 4.2.1 and earlier does not create or verify ownership of the UNIX domain socket, which might allow local users to read faxes and cause a denial of service by creating the socket using the hyla.unix temporary file. | ||||
| CVE-2005-2846 | 1 Cmsmadesimple | 1 Cms Made Simple | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in lang.php in CMS Made Simple 0.10 and earlier allows remote attackers to execute arbitrary PHP code via the nls[file][vx][vxsfx] parameter. | ||||
| CVE-2005-3071 | 1 Sun | 2 Solaris, Sunos | 2026-04-16 | N/A |
| Unspecified vulnerability in Unix File System (UFS) on Solaris 8 and 9, when logging is enabled, allows local users to cause a denial of service ("soft hang") via certain write operations to UFS. | ||||
| CVE-2005-2847 | 1 Barracuda Networks | 1 Barracuda Spam Firewall | 2026-04-16 | N/A |
| img.pl in Barracuda Spam Firewall running firmware 3.1.16 and 3.1.17 allows remote attackers to execute arbitrary commands via shell metacharacters in the f parameter. | ||||
| CVE-2005-3072 | 1 Interchange Development Group | 1 Interchange | 2026-04-16 | N/A |
| SQL injection vulnerability in pages/forum/submit.html in Interchange 4.9.3 up to 5.2.0 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | ||||
| CVE-2004-1362 | 1 Oracle | 9 Application Server, Collaboration Suite, E-business Suite and 6 more | 2026-04-16 | N/A |
| The PL/SQL module for the Oracle HTTP Server in Oracle Application Server 10g, when using the WE8ISO8859P1 character set, does not perform character conversions properly, which allows remote attackers to bypass access restrictions for certain procedures via an encoded URL with "%FF" encoded sequences that are improperly converted to "Y" characters. | ||||
| CVE-2005-2848 | 1 Barracuda Networks | 1 Barracuda Spam Firewall | 2026-04-16 | N/A |
| Directory traversal vulnerability in img.pl in Barracuda Spam Firewall running firmware 3.1.16 and 3.1.17 allows remote attackers to read arbitrary files via a .. (dot dot) in the f parameter. | ||||
| CVE-2005-2850 | 1 Whitsoft Development | 1 Slimftpd | 2026-04-16 | N/A |
| SlimFTPd 3.17 allows remote attackers to cause a denial of service (crash) via certain (1) USER and (2) PASS commands, possibly due to a buffer overflow or off-by-one error. | ||||
| CVE-2005-2851 | 1 Smb4k | 1 Smb4k | 2026-04-16 | N/A |
| smb4k 0.4 and other versions before 0.6.3 allows local users to read sensitive files via a symlink attack on the (1) smb4k.tmp or (2) sudoers temporary files. | ||||