Export limit exceeded: 344942 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 344942 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (344942 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-1345 2 Redhat, Squid 2 Enterprise Linux, Squid 2026-04-16 N/A
Squid 2.5.STABLE9 and earlier does not trigger a fatal error when it identifies missing or invalid ACLs in the http_access configuration, which could lead to less restrictive ACLs than intended by the administrator.
CVE-2005-1354 1 Forum.pl 1 Forum.pl 2026-04-16 N/A
The forum.pl script allows remote attackers to execute arbitrary commands via shell metacharacters in the argument.
CVE-2005-4254 1 Dreamlevels 1 Dream Poll 2026-04-16 N/A
SQL injection vulnerability in view_Results.php in DreamLevels DreamPoll 3.0 final allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2005-1349 1 Perl 1 Convert Uulib 2026-04-16 N/A
Buffer overflow in Convert-UUlib (Convert::UUlib) before 1.051 allows remote attackers to execute arbitrary code via a malformed parameter to a read operation.
CVE-2005-1351 1 Leif M. Wright 1 Ad.cgi 2026-04-16 N/A
The ad.cgi script allows remote attackers to execute arbitrary commands via shell metacharacters in the argument.
CVE-2005-1352 1 Leif M. Wright 1 Ad.cgi 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in the ad.cgi script allows remote attackers to inject arbitrary web script or HTML via the argument.
CVE-2005-1353 1 Forum.pl 1 Forum.pl 2026-04-16 N/A
The forum.pl script allows remote attackers to read arbitrary files via a full pathname in the argument.
CVE-2005-4455 1 Livejournal 1 Livejournal 2026-04-16 N/A
cleanhtml.pl 1.129 in LiveJournal CVS before Dec 13 2005 allows remote attackers to inject scripting languages via the XSL namespace in XML, via vectors such as customview.cgi.
CVE-2005-1350 1 Leif M. Wright 1 Ad.cgi 2026-04-16 N/A
The ad.cgi script allows remote attackers to read arbitrary files via a full pathname in the argument.
CVE-2005-4261 1 Positive Software 1 Cp\+ 2026-04-16 N/A
Unspecified vulnerability in Positive Software Corporation CP+ (cpplus) before 2.5.5 allows attackers to have unknown impact and attack vectors, related to "a possible security flaw caused by a bug in Perl." NOTE: unless CP+ includes its own copy of Perl with CVE-2005-3962, this is a different vulnerability than CVE-2005-3962; however, there is insufficient information to be sure.
CVE-2005-1357 1 Text.cgi 1 Text.cgi 2026-04-16 N/A
text.cgi script allows remote attackers to read arbitrary files via a full pathname in the argument.
CVE-2005-1358 1 Text.cgi 1 Text.cgi 2026-04-16 N/A
text.cgi script allows remote attackers to execute arbitrary commands via shell metacharacters in the argument.
CVE-2005-1359 1 Text.cgi 1 Text.cgi 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in text.cgi script allows remote attackers to inject arbitrary web script or HTML via the argument.
CVE-2005-1360 1 Graycms 1 Graycms 2026-04-16 N/A
PHP remote file inclusion vulnerability in error.php in GrayCMS 1.1 allows remote attackers to execute arbitrary PHP code by modifying the path_prefix parameter to reference a URL on a remote web server that contains the code.
CVE-2005-1362 1 Metalinks 1 Metacart2 2026-04-16 N/A
Multiple SQL injection vulnerabilities in MetaCart 2.0 for Paypal allow remote attackers to execute arbitrary SQL commands via the (1) intProdID parameter to product.asp, (2) intCatalogID or (3) strSubCatalogID parameters to productsByCategory.asp, (4) chkText, (5) strText, (6) chkPrice, (7) intPrice, (8) chkCat, or (9) strCat parameters to searchAction.asp.
CVE-2005-1356 1 Includer.cgi 1 Includer.cgi 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in includer.cgi script in The Includer allows remote attackers to inject arbitrary web script or HTML via the argument.
CVE-2005-4266 1 Alt-n 2 Mdaemon, Worldclient 2026-04-16 N/A
WorldClient.dll in Alt-N MDaemon and WorldClient 8.1.3 trusts a Session parameter that contains a randomly generated session ID that is associated with a username, which allows remote attackers to perform actions as other users by guessing or sniffing the random value.
CVE-2005-4269 1 Microsoft 3 Ie, Windows 2003 Server, Windows Xp 2026-04-16 N/A
mshtml.dll in Microsoft Windows XP, Server 2003, and Internet Explorer 6.0 SP1 allows attackers to cause a denial of service (access violation) by causing mshtml.dll to process button-focus events at the same time that a document is reloading, as seen in Microsoft Office InfoPath 2003 by repeatedly clicking the "Delete" button in a repeating section in a form. NOTE: the normal operation of InfoPath appears to involve a local user without any privilege boundaries, so this might not be a vulnerability in InfoPath. If no realistic scenarios exist for this problem in other products, then perhaps it should be excluded from CVE.
CVE-2005-4271 1 Ibm 1 Aix 2026-04-16 N/A
Buffer overflow in the malloc debug system in IBM AIX 5.3 allows local users to execute arbitrary code.
CVE-2005-1395 1 Swlink 1 Ce Ceterm 2026-04-16 N/A
Buffer overflow in Ce/Ceterm (aka ARPUS/Ce) 2.5.4 and earlier may allow local users to gain privileges via a long (1) XAPPLRESLANGPATH or (2) XAPPLRESDIR environment variable, or (3) command line argument.