Export limit exceeded: 361783 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (361783 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-2610 | 1 Vegadns | 1 Vegadns | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in VegaDNS 0.8.1, 0.9.8, and possibly other versions, allows remote attackers to inject arbitrary web script or HTML via the message parameter. | ||||
| CVE-2005-2612 | 1 Wordpress | 1 Wordpress | 2026-04-16 | N/A |
| Direct code injection vulnerability in WordPress 1.5.1.3 and earlier allows remote attackers to execute arbitrary PHP code via the cache_lastpostdate[server] cookie. | ||||
| CVE-2005-2613 | 1 Cpaint | 1 Cpaint | 2026-04-16 | N/A |
| Unknown vulnerability in CPAINT Ajax Toolkit before 1.3-SP allows attackers to execute arbitrary PHP or ASP code or read files via unknown vectors. | ||||
| CVE-2005-2616 | 1 Ezupload | 1 Ezupload | 2026-04-16 | N/A |
| Multiple PHP file include vulnerabilities in ezUpload 2.2 allow remote attackers to execute arbitrary code via the path parameter to (1) initialize.php, (2) customize.php, (3) form.php, or (4) index.php. | ||||
| CVE-2005-2617 | 1 Linux | 1 Linux Kernel | 2026-04-16 | N/A |
| The syscall32_setup_pages function in syscall32.c for Linux kernel 2.6.12 and later, on the 64-bit x86 platform, does not check the return value of the insert_vm_struct function, which allows local users to trigger a memory leak via a 32-bit application with crafted ELF headers. | ||||
| CVE-2005-2619 | 2 Autonomy, Ibm | 4 Keyview Export Sdk, Keyview Filter Sdk, Keyview Viewer Sdk and 1 more | 2026-04-16 | N/A |
| Directory traversal vulnerability in kvarcve.dll in Autonomy (formerly Verity) KeyView SDK before 9.2.0, as used in Lotus Notes 6.5.4 and 7.0, allows remote attackers to delete arbitrary files via a (1) ZIP, (2) UUE or (3) TAR archive that contains a .. (dot dot) in the filename, which is not properly handled when generating a preview. | ||||
| CVE-2005-2620 | 1 Novell | 1 Groupwise | 2026-04-16 | N/A |
| grpWise.exe for Novell GroupWise client 5.5 through 6.5.2 stores the password in plaintext in memory, which allows attackers to obtain the password using a debugger or another mechanism to read process memory. | ||||
| CVE-2005-2621 | 1 Ecw-shop | 1 Ecw-shop | 2026-04-16 | N/A |
| index.php in ECW-Shop 6.0.2 allows remote attackers to obtain sensitive information via the (1) min or (2) max parameter with a "'" (single quote), which reveals the path in an error message, possibly due to a SQL injection vulnerability. | ||||
| CVE-2005-2626 | 1 Kismet | 1 Kismet | 2026-04-16 | N/A |
| Unspecified vulnerability in Kismet before 2005-08-R1 allows remote attackers to have an unknown impact via unprintable characters in the SSID. | ||||
| CVE-2005-2627 | 1 Kismet | 1 Kismet | 2026-04-16 | N/A |
| Multiple integer underflows in Kismet before 2005-08-R1 allow remote attackers to execute arbitrary code via (1) kernel headers in a pcap file or (2) data frame dissection, which leads to heap-based buffer overflows. | ||||
| CVE-2005-2628 | 2 Macromedia, Redhat | 2 Flash Player, Rhel Extras | 2026-04-16 | N/A |
| Macromedia Flash 6 and 7 (Flash.ocx) allows remote attackers to execute arbitrary code via a SWF file with a modified frame type identifier that is used as an out-of-bounds array index to a function pointer. | ||||
| CVE-2005-3075 | 1 Mpc-donkey | 1 Zengaia | 2026-04-16 | N/A |
| SQL injection vulnerability in Zengaia before 0.2 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | ||||
| CVE-2000-0660 | 1 Alt-n | 1 Worldclient | 2026-04-16 | N/A |
| The WDaemon web server for WorldClient 2.1 allows remote attackers to read arbitrary files via a .. (dot dot) attack. | ||||
| CVE-2005-2688 | 1 Savewebportal | 1 Savewebportal | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in SaveWebPortal 3.4 allow remote attackers to inject arbitrary web script or HTML via a large number of parameters to (1) footer.php, (2) header.php, (3) menu_dx.php, or (4) menu_sx.php, or Javascript code in the (5) HTTP_REFERER (referer) or (6) HTTP_USER_AGENT (user agent) fields. | ||||
| CVE-2005-2689 | 1 Postnuke Software Foundation | 1 Postnuke | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in PostNuke 0.760-RC4b allows remote attackers to inject arbitrary web script or HTML via (1) the moderate parameter to the Comments module or (2) htmltext parameter to html/user.php. | ||||
| CVE-2005-2690 | 1 Postnuke Software Foundation | 1 Postnuke | 2026-04-16 | N/A |
| SQL injection vulnerability in the Downloads module in PostNuke 0.760-RC4b allows PostNuke administrators to execute arbitrary SQL commands via the show parameter to dl-viewdownload.php. | ||||
| CVE-2005-2691 | 1 Runcms | 1 Runcms | 2026-04-16 | N/A |
| includes/common.php in RunCMS 1.2 and earlier calls the extract function with EXTR_OVERWRITE on HTTP POST variables, which allows remote attackers to overwrite arbitrary variables, possibly allowing execution of arbitrary code. | ||||
| CVE-2005-2692 | 1 Runcms | 1 Runcms | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in RunCMS 1.2 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) addquery and (2) subquery parameters to the newbb plus module, the forum parameter to (3) newtopic.php, (4) edit.php, or (5) reply.php in the newbb plus module, or (6) the msg_id parameter to print.php in the messages module. | ||||
| CVE-2005-2697 | 1 Mybulletinboard | 1 Mybulletinboard | 2026-04-16 | N/A |
| SQL injection vulnerability in search.php for MyBulletinBoard (MyBB) 1.00 Release Candidate 1 through 4 allows remote attackers to execute arbitrary SQL commands via the uid parameter. NOTE: this issue might overlap CVE-2005-0282. | ||||
| CVE-2005-2698 | 1 Nelogic Technologies | 1 Nephp Publisher Enterprise | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in browse.php in Nephp Publisher Enterprise 3.04 allows remote attackers to inject arbitrary web script or HTML via a hex-encoded keywords parameter. | ||||