Export limit exceeded: 349277 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 29912 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29912 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-0616 | 1 Postnuke Software Foundation | 1 Postnuke Phoenix | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the Download module for PostNuke 0.750 and 0.760-RC2 allow remote attackers to inject arbitrary web script or HTML via the (1) Program name, (2) File link, (3) Author name (4) Author e-mail address, (5) File size, (6) Version, or (7) Home page variables. | ||||
| CVE-2005-0610 | 1 Freebsd | 1 Freebsd | 2026-04-16 | N/A |
| Multiple symlink vulnerabilities in portupgrade before 20041226_2 in FreeBSD allow local users to (1) overwrite arbitrary files and possibly replace packages to execute arbitrary code via pkg_fetch, (2) overwrite arbitrary files via temporary files when portupgrade upgrades a port or package, or (3) create arbitrary zero-byte files via the pkgdb.fixme temporary file. | ||||
| CVE-2005-0620 | 1 Bfriendly.com | 1 Einstein | 2026-04-16 | N/A |
| Einstein 1.0 stores credit card information in plaintext in the world-readable wallets.dat file, which allows local users to steal the information. | ||||
| CVE-2005-0622 | 1 Raidenhttpd | 1 Raidenhttpd | 2026-04-16 | N/A |
| RaidenHTTPD 1.1.32, and possibly other versions before 1.1.34, allows remote attackers to view the PHP source code via an HTTP GET request for a filename with a trailing (1) . (dot) or (2) space. | ||||
| CVE-2005-0623 | 1 Raidenhttpd | 1 Raidenhttpd | 2026-04-16 | N/A |
| Buffer overflow in RaidenHTTPD 1.1.32, and possibly other versions before 1.1.34, allows remote attackers to execute arbitrary code via a long URL. | ||||
| CVE-2005-0624 | 1 Debian | 1 Reportbug | 2026-04-16 | N/A |
| reportbug before 2.62 creates the .reportbugrc configuration file with world-readable permissions, which allows local users to obtain email smarthost passwords. | ||||
| CVE-2005-0625 | 1 Debian | 1 Reportbug | 2026-04-16 | N/A |
| reportbug 3.2 includes settings from .reportbugrc in bug reports, which exposes sensitive information such as smtpuser and smtppasswd. | ||||
| CVE-2005-0636 | 1 Foxmail | 1 Foxmail Email Server | 2026-04-16 | N/A |
| Format string vulnerability in Foxmail Server 2.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format strings in the USER command. | ||||
| CVE-2005-0626 | 2 Redhat, Squid | 2 Enterprise Linux, Squid | 2026-04-16 | N/A |
| Race condition in Squid 2.5.STABLE7 to 2.5.STABLE9, when using the Netscape Set-Cookie recommendations for handling cookies in caches, may cause Set-Cookie headers to be sent to other users, which allows attackers to steal the related cookies. | ||||
| CVE-2005-0628 | 1 Demof | 1 Forumwa | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Forumwa 1.0 allow remote attackers to inject arbitrary web script or HTML via (1) the keyword parameter in search.php or the (2) body or (3) subject of a forum message. | ||||
| CVE-2005-0630 | 1 Pblang | 1 Pblang | 2026-04-16 | N/A |
| sendpm.php in PBLang 4.63 allows remote authenticated users to read arbitrary files via a full pathname in the orig parameter. | ||||
| CVE-2005-0631 | 1 Pblang | 1 Pblang | 2026-04-16 | N/A |
| delpm.php in PBLang 4.63 allows remote authenticated users to delete arbitrary PM files by modifying the "id" and "a" parameters. | ||||
| CVE-2005-0632 | 1 Phpnews | 1 Phpnews | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in auth.php in PHPNews 1.2.4 and possibly 1.2.3, allows remote attackers to execute arbitrary PHP code via the path parameter. | ||||
| CVE-2005-0633 | 1 Cerulean Studios | 2 Trillian, Trillian Pro | 2026-04-16 | N/A |
| Buffer overflow in Trillian 3.0 and Pro 3.0 allows remote attackers to execute arbitrary code via a crafted PNG image file. | ||||
| CVE-2005-0627 | 1 Trolltech | 1 Qt | 2026-04-16 | N/A |
| Qt before 3.3.4 searches the BUILD_PREFIX directory, which could be world-writable, to load shared libraries regardless of the LD_LIBRARY_PATH environment variable, which allows local users to execute arbitrary programs. | ||||
| CVE-2005-0639 | 3 Altlinux, Suse, Xli | 3 Alt Linux, Suse Linux, Xli | 2026-04-16 | N/A |
| Multiple vulnerabilities in xli before 1.17 may allow remote attackers to execute arbitrary code via "buffer management errors" from certain image properties, some of which may be related to integer overflows in PPM files. | ||||
| CVE-2005-0640 | 1 Broadcom | 1 Unicenter Asset Management | 2026-04-16 | N/A |
| Computer Associates (CA) Unicenter Asset Management (UAM) 4.0 does not properly initialize the "Change Credentials for Database" window, which allows local users to recover the SQL Admin password via certain methods. | ||||
| CVE-2005-0641 | 1 Broadcom | 1 Unicenter Asset Management | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the Reporter for Computer Associates (CA) Unicenter Asset Management (UAM) 4.0 allows remote attackers to inject arbitrary HTML or web script via the (1) name or (2) description in a report template. | ||||
| CVE-2005-0637 | 1 Openbsd | 1 Openbsd | 2026-04-16 | N/A |
| The copy functions in locore.s such as copyout in OpenBSD 3.5 and 3.6, and possibly other BSD based operating systems, may allow attackers to exceed certain address boundaries and modify kernel memory. | ||||
| CVE-2005-0653 | 1 Phpmyadmin | 1 Phpmyadmin | 2026-04-16 | N/A |
| phpMyAdmin 2.6.1 does not properly grant permissions on tables with an underscore in the name, which grants remote authenticated users more privileges than intended. | ||||