Export limit exceeded: 359674 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (359674 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-1384 | 1 Coinsoft Technologies | 1 Phpcoin | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in phpCoin 1.2.2 allow remote attackers to execute arbitrary SQL commands via the (1) search parameter to index.php, (2) phpcoinsessid parameter to login.php, (3) id, (4) dtopic_id, or (5) dcat_id to mod.php. | ||||
| CVE-2005-1386 | 1 Francisco Burzi | 1 Php-nuke | 2026-04-16 | N/A |
| PHP-Nuke 7.6 and earlier allows remote attackers to obtain sensitive information via a direct request to (1) ipban.php, (2) db.php, (3) lang-norwegian.php, (4) lang-indonesian.php, (5) lang-greek.php, (6) a request to Web_Links with the portuguese language (lang-portuguese.php), (7) a request to Web_Links with the indonesian language (lang-indonesian.php), (8) a request to the survey module with the indonesian language (lang-indonesian.php), (9) a request to the Reviews module with the portuguese language, or (10) a request to the Journal module with the portuguese language, which reveal the path in an error message. | ||||
| CVE-2005-1391 | 1 Apsis | 1 Pound | 2026-04-16 | N/A |
| Buffer overflow in the add_port function in APSIS Pound 1.8.2 and earlier allows remote attackers to execute arbitrary code via a long Host HTTP header. | ||||
| CVE-2005-1392 | 1 Phpmyadmin | 1 Phpmyadmin | 2026-04-16 | N/A |
| The SQL install script in phpMyAdmin 2.6.2 is created with world-readable permissions, which allows local users to obtain the initial database password by reading the script. | ||||
| CVE-2005-1394 | 1 Esri | 1 Arcinfo Workstation | 2026-04-16 | N/A |
| Format string vulnerability in ArcGIS for ESRI ArcInfo Workstation 9.0 allows local users to gain privileges via format string specifiers in the ARCHOME environment variable to (1) wservice or (2) lockmgr. | ||||
| CVE-2005-1395 | 1 Swlink | 1 Ce Ceterm | 2026-04-16 | N/A |
| Buffer overflow in Ce/Ceterm (aka ARPUS/Ce) 2.5.4 and earlier may allow local users to gain privileges via a long (1) XAPPLRESLANGPATH or (2) XAPPLRESDIR environment variable, or (3) command line argument. | ||||
| CVE-2005-3238 | 1 Sun | 1 Solaris | 2026-04-16 | N/A |
| Multiple unspecified vulnerabilities in Solaris 10 SCTP Socket Option Processing allows local users to cause a denial of service (panic) via unspecified attack vectors. | ||||
| CVE-2005-1404 | 1 Myphp Forum | 1 Myphp Forum | 2026-04-16 | N/A |
| MyPHP Forum 1.0 allows remote attackers to spoof the username by modifying the (1) nbuser parameter to post.php or (2) sender parameter to privmsg.php. | ||||
| CVE-2005-3242 | 2 Ethereal Group, Redhat | 2 Ethereal, Enterprise Linux | 2026-04-16 | N/A |
| Ethereal 0.10.12 and earlier allows remote attackers to cause a denial of service (crash) via unknown vectors in (1) the IrDA dissector and (2) the SMB dissector when SMB transaction payload reassembly is enabled. | ||||
| CVE-2005-1407 | 1 Skype Technologies | 1 Skype | 2026-04-16 | N/A |
| Skype for Windows 1.2.0.0 to 1.2.0.46 allows local users to bypass the identity check for an authorized application, then call arbitrary Skype API functions by modifying or replacing that application. | ||||
| CVE-2005-3252 | 1 Sourcefire | 1 Snort | 2026-04-16 | N/A |
| Stack-based buffer overflow in the Back Orifice (BO) preprocessor for Snort before 2.4.3 allows remote attackers to execute arbitrary code via a crafted UDP packet. | ||||
| CVE-2005-3666 | 1 Internet Key Exchange | 1 Internet Key Exchange | 2026-04-16 | N/A |
| Multiple unspecified format string vulnerabilities in multiple unspecified implementations of Internet Key Exchange version 1 (IKEv1) have multiple unspecified attack vectors and impacts, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of information in the original sources, it is likely that this candidate will be REJECTed once it is known which implementations are actually vulnerable. | ||||
| CVE-2005-1414 | 1 Exoticsoft | 1 Filepocket | 2026-04-16 | N/A |
| ExoticSoft FilePocket 1.2 stores sensitive proxy information, including proxy passwords, in plaintext in the registry, which allows local users to gain privileges. | ||||
| CVE-2005-3253 | 2 Avaya, Proxim | 10 Wireless Ap-3, Wireless Ap-4, Wireless Ap-5 and 7 more | 2026-04-16 | N/A |
| Wireless Access Points (AP) for (1) Avaya AP-3 through AP-6 2.5 to 2.5.4, and AP-7/AP-8 2.5 and other versions before 3.1, and (2) Proxim AP-600 and AP-2000 before 2.5.5, and Proxim AP-700 and AP-4000 after 2.4.11 and before 3.1, use a static WEP key of "12345", which allows remote attackers to bypass authentication. | ||||
| CVE-2005-1415 | 1 Globalscape | 1 Secure Ftp Server | 2026-04-16 | N/A |
| Buffer overflow in GlobalSCAPE Secure FTP Server 3.0.2 allows remote authenticated users to execute arbitrary code via a long FTP command. | ||||
| CVE-2005-1416 | 1 Soft3304 | 1 04webserver | 2026-04-16 | N/A |
| Directory traversal vulnerability in 04WebServer 1.81 allows remote attackers to read files outside of the web root but within the installation folder. | ||||
| CVE-2005-3260 | 1 Versatilebulletinboard | 1 Versatilebulletinboard | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in versatileBulletinBoard (vBB) 1.0.0 RC2 allow remote attackers to inject arbitrary web script or HTML via (1) the url parameter in dereferrer.php and (2) the file parameter in imagewin.php. | ||||
| CVE-2005-1418 | 1 Netleaf Limited | 1 Notjustbrowsing | 2026-04-16 | N/A |
| NetLeaf Limited NotJustBrowsing 1.0.3 stores the View Lock Password in plaintext in the notjustbrowsing.prf file, which allows local users to gain privileges. | ||||
| CVE-2005-4075 | 1 Mycfnuke | 1 Cf Nuke | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in index.cfm in CF_Nuke 4.6 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) topic and (2) newsid parameter in the news sector, and (3) cat parameter in the links sector. | ||||
| CVE-2005-3267 | 1 Skype Technologies | 1 Skype | 2026-04-16 | N/A |
| Integer overflow in Skype client before 1.4.x.84 on Windows, before 1.3.x.17 on Mac OS, before 1.2.x.18 on Linux, and 1.1.x.6 and earlier allows remote attackers to cause a denial of service (crash) via crafted network data with a large Object Counter value, which leads to a resultant heap-based buffer overflow. | ||||