Export limit exceeded: 361533 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (361533 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-1361 | 1 Metalinks | 1 Metacart E-shop | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in MetaCart e-Shop 8.0 allow remote attackers to execute arbitrary SQL commands via the (1) intProdID parameter in product.asp or (2) strCatalog_NAME parameter to productsByCategory.asp. | ||||
| CVE-2005-1369 | 1 Linux | 1 Linux Kernel | 2026-04-16 | N/A |
| The (1) it87 and (2) via686a drivers in I2C for Linux 2.6.x before 2.6.11.8, and 2.6.12 before 2.6.12-rc2, create the sysfs "alarms" file with write permissions, which allows local users to cause a denial of service (CPU consumption) by attempting to write to the file, which does not have an associated store function. | ||||
| CVE-2005-2021 | 1 Cpanel | 1 Cpanel | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in cPanel 9.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the user parameter in the login page. | ||||
| CVE-2000-0515 | 1 Hp | 1 Hp-ux | 2026-04-16 | N/A |
| The snmpd.conf configuration file for the SNMP daemon (snmpd) in HP-UX 11.0 is world writable, which allows local users to modify SNMP configuration or gain privileges. | ||||
| CVE-2005-1388 | 1 Survivor | 1 Survivor | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in SURVIVOR before 0.9.6 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | ||||
| CVE-2000-0524 | 1 Microsoft | 2 Exchange Server, Outlook | 2026-04-16 | N/A |
| Microsoft Outlook and Outlook Express allow remote attackers to cause a denial of service by sending email messages with blank fields such as BCC, Reply-To, Return-Path, or From. | ||||
| CVE-2005-1401 | 1 Mtp-target | 1 Mtp-target | 2026-04-16 | N/A |
| Format string vulnerability in the client for Mtp-Target 1.2.2 and earlier allows remote attackers to execute arbitrary code via game messages or other text. | ||||
| CVE-2005-1405 | 1 Ibm | 1 Lotus Notes | 2026-04-16 | N/A |
| HTTP response splitting vulnerability in the @SetHTTPHeader function in Lotus Domino 6.5.x before 6.5.4 and 6.0.x before 6.0.5 allows attackers to poison the web cache via malicious applications. | ||||
| CVE-2005-1406 | 1 Freebsd | 1 Freebsd | 2026-04-16 | N/A |
| The kernel in FreeBSD 4.x to 4.11 and 5.x to 5.4 does not properly clear certain fixed-length buffers when copying variable-length data for use by applications, which could allow those applications to read previously used sensitive memory. | ||||
| CVE-2005-1411 | 1 Cybration | 1 Icuii | 2026-04-16 | N/A |
| Cybration ICUII 7.0 stores passwords in plaintext in the world-readable icuii.ini file, which allows local users to gain privileges. | ||||
| CVE-2005-1412 | 1 Ecomm | 1 Professional Guestbook | 2026-04-16 | N/A |
| SQL injection vulnerability in verify.asp for Ecomm Professional Guestbook 3.x allows remote attackers to execute arbitrary SQL commands via the AdminPWD parameter. | ||||
| CVE-2005-1413 | 1 Envivosoft | 1 Envivo Cms | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in enVivo!CMS allow remote attackers to execute arbitrary SQL commands and gain privileges via the (1) username or (2) password parameters to admin_login.asp, or the (3) searchstring and possibly (4) ID parameters to default.asp. | ||||
| CVE-2005-2023 | 1 Suse | 1 Suse Linux | 2026-04-16 | N/A |
| The send_pinentry_environment function in asshelp.c in gpg2 on SUSE Linux 9.3 does not properly handle certain options, which can prevent pinentry from being found and causes S/MIME signing to fail. | ||||
| CVE-2005-0964 | 1 Kerio | 1 Personal Firewall | 2026-04-16 | N/A |
| Unknown vulnerability in Kerio Personal Firewall 4.1.2 and earlier allows local users to bypass firewall rules via a malicious process that impersonates a legitimate process that has fewer restrictions. | ||||
| CVE-2005-0965 | 2 Redhat, Rob Flynn | 2 Enterprise Linux, Gaim | 2026-04-16 | N/A |
| The gaim_markup_strip_html function in Gaim 1.2.0, and possibly earlier versions, allows remote attackers to cause a denial of service (application crash) via a string that contains malformed HTML, which causes an out-of-bounds read. | ||||
| CVE-2005-0967 | 2 Redhat, Rob Flynn | 2 Enterprise Linux, Gaim | 2026-04-16 | N/A |
| Gaim 1.2.0 allows remote attackers to cause a denial of service (application crash) via a malformed file transfer request to a Jabber user, which leads to an out-of-bounds read. | ||||
| CVE-2005-0968 | 1 Broadcom | 1 Etrust Intrusion Detection | 2026-04-16 | N/A |
| Computer Associates (CA) eTrust Intrusion Detection 3.0 allows remote attackers to cause a denial of service via large size values that are not properly validated before calling the CPImportKey function in the Crypto API. | ||||
| CVE-2000-0458 | 1 Imp | 1 Imp | 2026-04-16 | N/A |
| The MSWordView application in IMP creates world-readable files in the /tmp directory, which allows other local users to read potentially sensitive information. | ||||
| CVE-2005-0971 | 1 Apple | 1 Mac Os X | 2026-04-16 | N/A |
| Stack-based buffer overflow in the semop system call in Mac OS X 10.3.9 and earlier allows local users to gain privileges via crafted arguments. | ||||
| CVE-2005-0972 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | N/A |
| Integer overflow in the searchfs system call in Mac OS X 10.3.9 and earlier allows local users to execute arbitrary code via crafted parameters. | ||||