Export limit exceeded: 344999 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 344999 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (344999 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2001-0009 | 1 Lotus | 1 Domino Server | 2026-04-16 | N/A |
| Directory traversal vulnerability in Lotus Domino 5.0.5 web server allows remote attackers to read arbitrary files via a .. attack. | ||||
| CVE-2005-1549 | 1 Colored Scripts | 1 Easy Message Board | 2026-04-16 | N/A |
| Directory traversal vulnerability in easymsgb.pl in Easy Message Board allows remote attackers to read arbitrary files via a .. (dot dot) in the print parameter. | ||||
| CVE-2005-1562 | 1 Maxwebportal | 1 Maxwebportal | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in MaxWebPortal 1.3.5 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) fpassword parameter to inc_functions.asp, (2) txtAddress, (3) message, or (4) subject parameter to post_info.asp, (5) andor parameter to search.asp, (6) verkey parameter to pop_profile.asp, or (7) Remove or (8) Delete parameter to pm_delete2.asp. | ||||
| CVE-2005-1568 | 1 Directtopics | 1 Directtopics | 2026-04-16 | N/A |
| topic.php in DirectTopics 2.1 and 2.2 allows remote attackers to obtain sensitive information via an invalid topic parameter, which reveals the path in an error message. | ||||
| CVE-2005-1573 | 1 Darrel Oneil | 1 Asp Virtual News Manager | 2026-04-16 | N/A |
| SQL injection vulnerability in admin_login.asp for ASP Virtual News Manager allows remote attackers to execute arbitrary SQL commands via the password parameter. | ||||
| CVE-2006-1446 | 1 Apple | 1 Mac Os X | 2026-04-16 | N/A |
| Keychain in Apple Mac OS X 10.3.9 and 10.4.6 might allow an application to bypass a locked Keychain by first obtaining a reference to the Keychain when it is unlocked, then reusing that reference after the Keychain has been locked. | ||||
| CVE-2005-1574 | 1 Microsoft | 1 Windows Media Player | 2026-04-16 | N/A |
| Windows Media Player 9 and 10, in certain cases, allows content protected by Windows Media Digital Rights Management (WMDRM) to redirect the user to a web site to obtain a license, even when the "Acquire licenses automatically for protected content" setting is not enabled. | ||||
| CVE-2005-1575 | 1 Mozilla | 1 Firefox | 2026-04-16 | N/A |
| The file download dialog in Mozilla Firefox 0.10.1 and 1.0 for Windows allows remote attackers to hide the real file types of downloaded files via the Content-Type HTTP header and a filename containing whitespace, dots, or ASCII byte 160. | ||||
| CVE-2005-1586 | 1 Open Solution | 1 Quick.forum | 2026-04-16 | N/A |
| Quick.Forum 2.1.6 stores potentially sensitive information such as usernames, banned IP addresses, censored words, and backups under the web document root, which allows remote attackers to obtain that information via a direct request to (1) db/users.txt, (2) db/banList.txt, (3) db/censureWords.txt, or (4) backup files. | ||||
| CVE-2005-1588 | 1 Open Solution | 1 Quick.cart | 2026-04-16 | N/A |
| SQL injection vulnerability in index.php for Quick.cart 0.3.0 allows remote attackers to execute arbitrary SQL commands via the iCategory parameter. NOTE: the vendor has privately disputed this issue, saying that Quick.cart does not even use SQL and therefore can not be vulnerable to SQL injection | ||||
| CVE-2006-1447 | 1 Apple | 1 Mac Os X | 2026-04-16 | N/A |
| LaunchServices in Apple Mac OS X 10.4.6 allows remote attackers to cause Safari to launch unsafe content via long file name extensions, which prevents Download Validation from determining which application will be used to open the file. | ||||
| CVE-2006-1450 | 1 Apple | 1 Mac Os X | 2026-04-16 | N/A |
| Mail in Apple Mac OS X 10.3.9 and 10.4.6 allows remote attackers to execute arbitrary code via an enriched text e-mail message with "invalid color information" that causes Mail to allocate and initialize arbitrary classes. | ||||
| CVE-2006-1453 | 1 Apple | 1 Quicktime | 2026-04-16 | N/A |
| Stack-based buffer overflow in Apple QuickTime before 7.1 allows remote attackers to execute arbitrary code via a crafted QuickDraw PICT image format file containing malformed font information. | ||||
| CVE-2005-1590 | 1 Altiris | 2 Client Service, Deployment Solution | 2026-04-16 | N/A |
| The Altiris Client Service for Windows (ACLIENT.EXE) 6.0.88 allows local users to disable password protection and access the administrative interface by finding and showing the "Altiris Client Service" hidden window, disabling the password protection, disabling the "Hide client tray icon box" option, then opening the AClient tray icon and using the View Log File option, a different vulnerability than CVE-2004-2070. | ||||
| CVE-2005-1592 | 1 Birdblog | 1 Birdblog | 2026-04-16 | N/A |
| Multiple "javascript vulerabilities in BB code" in BirdBlog before 1.3.1 allow remote attackers to inject arbitrary Javascript. | ||||
| CVE-2005-1604 | 1 Bugada Andrea | 1 Php Advanced Transfer Manager | 2026-04-16 | N/A |
| PHP Advanced Transfer Manager (phpATM) 1.21 allows remote attackers to upload arbitrary files via filenames containing multiple file extensions, as demonstrated using a filename ending in "php.ns", which allows execution of arbitrary PHP code. | ||||
| CVE-2005-1614 | 1 Ultimate Php Board | 1 Ultimate Php Board | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in viewforum.php in Ultimate PHP Board (UPB) 1.8 through 1.9.6 allows remote attackers to inject arbitrary web script or HTML via the postorder parameter. | ||||
| CVE-2005-1616 | 1 Ultimate Php Board | 1 Ultimate Php Board | 2026-04-16 | N/A |
| viewforum.php in Ultimate PHP Board (UPB) 1.8 through 1.9.6 allows remote attackers to obtain sensitive information via an invalid (1) id or possibly (2) postorder parameter, which reveals the path in an error message when a file can not be opened. | ||||
| CVE-2005-1626 | 1 Pico Server | 1 Pico Server | 2026-04-16 | N/A |
| Multiple buffer overflows in handlers.c for Pico Server (pServ) before 3.3 may allow attackers to execute arbitrary code. | ||||
| CVE-2006-1454 | 1 Apple | 1 Quicktime | 2026-04-16 | N/A |
| Heap-based buffer overflow in Apple QuickTime before 7.1 allows remote attackers to execute arbitrary code via a crafted QuickDraw PICT image format file with malformed image data. | ||||