Export limit exceeded: 365268 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (365268 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-1999-0259 1 Infodrom 1 Cfingerd 2026-04-16 N/A
cfingerd lists all users on a system via search.**@target.
CVE-2005-3622 1 Phpmyadmin 1 Phpmyadmin 2026-04-16 N/A
phpMyAdmin 2.7.0-beta1 and earlier allows remote attackers to obtain the full path of the server via direct requests to multiple scripts in the libraries directory.
CVE-2005-0521 1 Sendlink 1 Sendlink 2026-04-16 N/A
SendLink 1.5 stores sensitive information, possibly including passwords, in plaintext in the data.eat file, which allows local users to gain privileges.
CVE-2005-0513 1 Pmachine 1 Pmachine Pro 2026-04-16 N/A
PHP remote file inclusion vulnerability in mail_autocheck.php in the Email This Entry add-on for pMachine Pro 2.4, and possibly other versions including pMachine Free, allows remote attackers to execute arbitrary PHP code by directly requesting mail_autocheck.php and modifying the pm_path parameter to reference a URL on a remote web server that contains the code, a different vulnerability than CVE-2003-1086.
CVE-2005-0511 1 Jelsoft 1 Vbulletin 2026-04-16 N/A
misc.php for vBulletin 3.0.6 and earlier, when "Add Template Name in HTML Comments" is enabled, allows remote attackers to execute arbitrary PHP code via nested variables in the template parameter.
CVE-2005-4705 1 Bea 1 Weblogic Server 2026-04-16 N/A
BEA WebLogic Server and WebLogic Express 8.1 through SP4, 7.0 through SP6, and 6.1 through SP7, when a Java client application creates an SSL connection to the server after it has already created an insecure connection, will use the insecure connection, which allows remote attackers to sniff the connection.
CVE-2005-0503 2 Mandrakesoft, Uim 2 Mandrake Linux, Uim 2026-04-16 N/A
uim before 0.4.5.1 trusts certain environment variables when libUIM is used in setuid or setgid applications, which allows local users to gain privileges.
CVE-2005-3592 1 Cutephp 1 Cutenews 2026-04-16 N/A
index.php CuteNews 1.4.0 and earlier allows remote attackers to obtain the path of the installation path of the application by triggering an error message, such as by entering multiple ../ (dot dot slash) in the archive parameter.
CVE-2005-0496 1 Arkeia 1 Network Backup 2026-04-16 9.8 Critical
Arkeia Network Backup Client 5.x contains hard-coded credentials that effectively serve as a back door, which allows remote attackers to access the file system and possibly execute arbitrary commands.
CVE-2005-4702 1 Ipbproarcade 1 Ipbproarcade 2026-04-16 N/A
SQL injection vulnerability in the favorites module in index.php in IPBProArcade 2.5.2 allows remote attackers to inject arbitrary SQL commands via the gameid parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. In addition, the demonstration code as used by third parties suggests that this might be a different type of vulnerability related to shell metacharacters. Finally, this could be a rediscovery of CVE-2004-1430.
CVE-2005-3591 1 Macromedia 1 Flash Player 2026-04-16 N/A
Macromedia Flash plugin (1) Flash.ocx 7.0.19.0 (Windows) and earlier and (2) libflashplayer.so before 7.0.25.0 (Unix) allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via parameters to the ActionDefineFunction ActionScript call in a SWF file, which causes an improper memory access condition, a different vulnerability than CVE-2005-2628.
CVE-2005-0493 1 Seth M. Knorr 1 Biz Mail Form 2026-04-16 N/A
CRLF injection vulnerability in bizmail.cgi in Biz Mail Form before 2.2 allows remote attackers to bypass the email check and send spam e-mail via CRLF sequences and forged mail headers in the email parameter.
CVE-2005-0490 2 Haxx, Redhat 3 Curl, Libcurl, Enterprise Linux 2026-04-16 8.8 High
Multiple stack-based buffer overflows in libcURL and cURL 7.12.1, and possibly other versions, allow remote malicious web servers to execute arbitrary code via base64 encoded replies that exceed the intended buffer lengths when decoded, which is not properly handled by (1) the Curl_input_ntlm function in http_ntlm.c during NTLM authentication or (2) the Curl_krb_kauth and krb4_auth functions in krb4.c during Kerberos authentication.
CVE-2005-0486 1 Tarantella 2 Secure Global Desktop, Tarantella Enterprise 2026-04-16 N/A
Tarantella Secure Global Desktop Enterprise Edition 4.00 and 3.42, and Tarantella Enterprise 3 3.40 and 3.30, when using RSA SecurID and multiple users have the same username, reveals sensitive information during authentication, which allows remote attackers to identify valid usernames and the authentication scheme.
CVE-2005-0478 1 Trackercam 1 Trackercam 2026-04-16 N/A
Multiple buffer overflows in TrackerCam 5.12 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) an HTTP request with a long User-Agent header or (2) a long argument to an arbitrary PHP script.
CVE-2005-0469 2 Ncsa, Redhat 2 Telnet, Enterprise Linux 2026-04-16 N/A
Buffer overflow in the slc_add_reply function in various BSD-based Telnet clients, when handling LINEMODE suboptions, allows remote attackers to execute arbitrary code via a reply with a large number of Set Local Character (SLC) commands.
CVE-2005-0337 3 Redhat, Suse, Wietse Venema 4 Enterprise Linux, Enterprise Linux Desktop, Suse Linux and 1 more 2026-04-16 N/A
Postfix 2.1.3, when /proc/net/if_inet6 is not available and permit_mx_backup is enabled in smtpd_recipient_restrictions, allows remote attackers to bypass e-mail restrictions and perform mail relaying by sending mail to an IPv6 hostname.
CVE-2005-0344 1 Software602 1 602lan Suite 2026-04-16 N/A
Directory traversal vulnerability in 602LAN SUITE 2004.0.04.1221 allows remote authenticated users to upload and execute arbitrary files via a .. (dot dot) in the filename parameter.
CVE-2005-3531 1 Miklos Szeredi 1 Fuse 2026-04-16 N/A
fusermount in FUSE before 2.4.1, if installed setuid root, allows local users to corrupt /etc/mtab and possibly modify mount options by performing a mount over a directory whose name contains certain special characters.
CVE-2005-4681 1 Khaled Mardam-bey 1 Mirc 2026-04-16 N/A
Buffer overflow in mIRC 5.91, 6.03, 6.12, and 6.16 allows local users to execute arbitrary code via a long string that is entered after reaching the DCC Get Folder Dialog. NOTE: this issue has been disputed by the vendor, saying "as far as I can tell, this is neither an exploit nor a vulnerability. The above report describes a local bug in mIRC." It could be that this is only exploitable by the user of the application, and thus would not cross privilege boundaries unless under an otherwise restrictive environment such as a kiosk