Export limit exceeded: 364487 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (364487 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-3139 | 1 Mozilla | 1 Bugzilla | 2026-04-16 | N/A |
| Bugzilla 2.19.1 through 2.20rc2 and 2.21, with user matching turned on in substring mode, allows attackers to list all users whose names match an arbitrary substring, even when the usevisibilitygroups parameter is set. | ||||
| CVE-2005-4057 | 1 Jonathan Beckett | 1 Pluggedout Nexus | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in search.php in PluggedOut Nexus 0.1 allows remote attackers to inject arbitrary web script or HTML via the (1) Location, (2) Last Name, and (3) First Name parameters. | ||||
| CVE-2005-1078 | 1 Xampp | 1 Apache Distribution | 2026-04-16 | N/A |
| XAMPP 1.4.x has multiple default or null passwords, which allows attackers to gain privileges. | ||||
| CVE-2005-3826 | 1 Ezy Helpdesk | 1 Ezyhelpdesk | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in Ezyhelpdesk 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) edit_id, (2) faq_id, and (3) c_id parameters in a query string, and (4) the search engine, possibly involving the search_string parameter. | ||||
| CVE-2005-3140 | 1 Procom | 2 Netforce 800, Netforce 800 Firmware | 2026-04-16 | 7.5 High |
| Procom NetFORCE 800 4.02 M10 Build 20 and possibly other versions sends the NIS password map (passwd.nis) as a file attachment in diagnostic e-mail messages, which allows remote attackers to obtain the cleartext NIS password hashes. | ||||
| CVE-2005-3141 | 1 Cerulean Studios | 1 Trillian | 2026-04-16 | N/A |
| Cerulean Studios Trillian 3.0 allows remote attackers to cause a denial of service (crash) via a reverse direct connection from a different client, as demonstrated using LICQ. | ||||
| CVE-2005-1085 | 1 Aewebworks | 1 Aedating | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the control panel in aeDating 3.2 allows remote attackers to inject arbitrary web script or HTML. | ||||
| CVE-2005-3142 | 1 Kaspersky Lab | 4 Kaspersky Anti-virus, Kaspersky Anti-virus Personal, Kaspersky Anti-virus Personal Pro and 1 more | 2026-04-16 | N/A |
| Heap-based buffer overflow in Kaspersky Antivirus (KAV) 5.0 and Kaspersky Personal Security Suite 1.1 allows remote attackers to execute arbitrary code via a CAB file with large records after the header. | ||||
| CVE-2005-1086 | 1 An | 1 An-httpd | 2026-04-16 | N/A |
| Buffer overflow in the cmdIS.DLL plugin for AN HTTPD Server 1.42n allows remote attackers to execute arbitrary code via an HTTP request with a long User-Agent header. | ||||
| CVE-2005-1088 | 1 Dameware Development | 2 Mini Remote Control, Nt Utilities | 2026-04-16 | N/A |
| Unknown vulnerability in DameWare NT Utilities 4.8 and earlier, and Mini Remote Control 4.8 and earlier, allows local users to gain additional rights. | ||||
| CVE-2005-1095 | 1 Ocean12 Technologies | 1 Membership Manager Pro | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in main.asp for Ocean12 Membership Manager Pro 1.x allows remote attackers to inject arbitrary web script or HTML via the page parameter. | ||||
| CVE-2005-1099 | 1 Salim Gasmi | 1 Gld | 2026-04-16 | N/A |
| Multiple buffer overflows in the HandleChild function in server.c in Greylisting daemon (GLD) 1.3 and 1.4, when GLD is listening on a network interface, allow remote attackers to execute arbitrary code. | ||||
| CVE-2005-1100 | 1 Salim Gasmi | 1 Gld | 2026-04-16 | N/A |
| Format string vulnerability in the ErrorLog function in cnf.c in Greylisting daemon (GLD) 1.3 and 1.4 allows remote attackers to execute arbitrary code via format string specifiers in data that is passed directly to syslog. | ||||
| CVE-2005-3143 | 1 4d | 1 Webstar | 2026-04-16 | N/A |
| Unspecified vulnerability in the Mailbox Server for 4D WebStar before 5.3.5 allows attackers to cause a denial of service (crash) via IMAP clients on Mac OS X 10.4 Mail 2. | ||||
| CVE-2005-3144 | 1 Standards Based Linux Instrumentation | 1 Sblim-sfcb | 2026-04-16 | N/A |
| httpAdapter.c in sblim-sfcb before 0.9.2 allows remote attackers to cause a denial of service via long HTTP headers. | ||||
| CVE-2005-3145 | 1 Standards Based Linux Instrumentation | 1 Sblim-sfcb | 2026-04-16 | N/A |
| httpAdapter.c in sblim-sfcb before 0.9.2 allows remote attackers to cause a denial of service (resource consumption) by connecting to sblim-sfcb but not sending any data. | ||||
| CVE-2005-1109 | 1 Junkbuster | 1 Internet Junkbuster | 2026-04-16 | N/A |
| The filtering of URLs in JunkBuster before 2.0.2-r3 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via heap corruption. | ||||
| CVE-2005-1135 | 1 Alexander Palmo | 1 Simple Php Blog | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in search.php for Simple PHP Blog (sphpBlog) 0.4.0 allows remote attackers to inject arbitrary web script or HTML via the q parameter. | ||||
| CVE-2005-1147 | 1 Calendarscript | 1 Calendarscript | 2026-04-16 | N/A |
| calendar.pl in CalendarScript 3.20 allows remote attackers to obtain sensitive information via invalid (1) calendar or (2) template parameters, which leaks the full pathname and debug information. | ||||
| CVE-2005-1150 | 1 Sun | 1 Java System Web Server | 2026-04-16 | N/A |
| Unknown vulnerability in Sun Java System Web Server 6.0 SP7 and earlier, when running on Windows systems, allows attackers to cause a denial of service (hang). | ||||