Export limit exceeded: 349367 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 29914 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29914 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-1999-0037 | 2 Freebsd, Redhat | 2 Freebsd, Linux | 2026-04-16 | N/A |
| Arbitrary command execution via metamail package using message headers, when user processes attacker's message using metamail. | ||||
| CVE-1999-0039 | 1 Sgi | 1 Irix | 2026-04-16 | 7.3 High |
| webdist CGI program (webdist.cgi) in SGI IRIX allows remote attackers to execute arbitrary commands via shell metacharacters in the distloc parameter. | ||||
| CVE-1999-0040 | 7 Bsdi, Freebsd, Hp and 4 more | 10 Bsd Os, Freebsd, Hp-ux and 7 more | 2026-04-16 | N/A |
| Buffer overflow in Xt library of X Windowing System allows local users to execute commands with root privileges. | ||||
| CVE-1999-0041 | 5 Cray, Gnu, Ibm and 2 more | 6 Unicos, Unicos Max, Libc and 3 more | 2026-04-16 | N/A |
| Buffer overflow in NLS (Natural Language Service). | ||||
| CVE-2005-1645 | 1 Keyvan1 | 1 Imagegallery | 2026-04-16 | N/A |
| Keyvan1 ImageGallery stores the image.mdb database under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information. | ||||
| CVE-2005-1647 | 1 Gurgens | 1 Gurgens Guest Book | 2026-04-16 | N/A |
| Gurgens (GASoft) Guest Book 2.1 stores the db/Genid.dat database file under the web document root with insufficient access control, which allows remote attackers to obtain and decrypt usernames and passwords. | ||||
| CVE-2005-1648 | 1 Gurgens | 1 Gurgens Ultimate Forum | 2026-04-16 | N/A |
| Gurgens (GASoft) Ultimate Forum 1.0 stores the db/Genid.dat database file under the web document root with insufficient access control, which allows remote attackers to obtain and decrypt usernames and passwords. | ||||
| CVE-2005-1663 | 1 Jeuce | 1 Jeuce Personal Web Server | 2026-04-16 | N/A |
| Jeuce Personal Web Server 2.13 allows remote attackers to cause a denial of service (server crash) via a GET request beginning with "://". | ||||
| CVE-2005-1662 | 1 Jeuce | 1 Jeuce Personal Web Server | 2026-04-16 | N/A |
| Directory traversal vulnerability in Jeuce Personal Web Server 2.13 allows remote attackers to read arbitrary files via a .. (dot dot) in the URL. | ||||
| CVE-2005-1664 | 1 Microsoft | 1 Asp.net | 2026-04-16 | N/A |
| The __VIEWSTATE functionality in Microsoft ASP.NET 1.x allows remote attackers to conduct replay attacks to (1) apply a ViewState generated from one view to a different view, (2) reuse ViewState information after the application's state has changed, or (3) use the ViewState to conduct attacks or expose content to third parties. | ||||
| CVE-2005-1665 | 1 Microsoft | 1 Asp.net | 2026-04-16 | N/A |
| The __VIEWSTATE functionality in Microsoft ASP.NET 1.x, when not cryptographically signed, allows remote attackers to cause a denial of service (CPU consumption) via deeply nested markup. | ||||
| CVE-2005-1667 | 1 Datatrac | 1 Activity Console | 2026-04-16 | N/A |
| DataTrac Activity Console 1.1 allows remote attackers to cause a denial of service via a long HTTP GET request. | ||||
| CVE-2005-1670 | 1 Extremenetworks | 3 Blackdiamond 10808, Blackdiamond 8800, Extremeware Xos | 2026-04-16 | N/A |
| Unknown vulnerability in Extreme BlackDiamond 10808 and 8800 switches running ExtremeWare XOS 11.1 before 11.1.3.3, 11.0 before 11.0.2.4, and 10.x allows remote authenticated users to execute arbitrary commands. | ||||
| CVE-2005-1673 | 1 Ubertec | 1 Help Center Live | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in Help Center Live allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to index.php, (2) tid parameter to view.php, fid parameter to (3) download.php or (4) chat_download.php, (5) status parameter to icon.php, TICKET_tid parameter to (6) index.php or (7) view.php. | ||||
| CVE-2005-1675 | 1 Groove | 2 Groove Workspace, Virtual Office | 2026-04-16 | N/A |
| Groove Virtual Office before 3.1 build 2338, before 3.1a build 2364, and Groove Workspace before 2.5n build 1871 installs the client installation directories with insecure EVERYBODY permissions, which allows local users to gain sensitive information. | ||||
| CVE-2005-1676 | 1 Groove | 2 Groove Workspace, Virtual Office | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Groove Mobile Workspace in Groove Virtual Office before 3.1 build 2338, before 3.1a build 2364, and Groove Workspace before 2.5n build 1871 allow remote attackers to inject arbitrary web script or HTML via the (1) picture columns embedded within SharePoint lists or (2) drop-down menus in a SharePoint list. | ||||
| CVE-2005-1677 | 1 Groove | 2 Groove Workspace, Virtual Office | 2026-04-16 | N/A |
| Unknown vulnerability in Groove Virtual Office before 3.1 build 2338, before 3.1a build 2364, and Groove Workspace before 2.5n build 1871 allows remote attackers to bypass restrictions on COM objects. | ||||
| CVE-2005-1678 | 1 Groove | 2 Groove Workspace, Virtual Office | 2026-04-16 | N/A |
| Groove Virtual Office before 3.1 build 2338, before 3.1a build 2364, and Groove Workspace before 2.5n build 1871 does not properly display file extensions on attached or embedded files in a compound document, which may allow remote attackers to trick users into executing malicious code. | ||||
| CVE-2005-1679 | 1 Timo Rossi | 1 Picasm | 2026-04-16 | N/A |
| Stack-based buffer overflow in the error directive in picasm 1.12b and earlier allows attackers to execute arbitrary code via a long error message. | ||||
| CVE-2005-1681 | 1 Bugada Andrea | 1 Php Advanced Transfer Manager | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in common.php in phpATM 1.21, and possibly earlier versions, allows remote attackers to execute arbitrary PHP code via a URL in the include_location parameter to index.php. | ||||