Export limit exceeded: 29909 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 29909 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29909 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-2280 | 1 Cisco | 1 Security Agent | 2026-04-16 | N/A |
| Cisco Security Agent (CSA) 4.5 allows remote attackers to cause a denial of service (system crash) via a crafted IP packet. | ||||
| CVE-2005-2282 | 1 Esi Products | 1 Webeoc | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in WebEOC before 6.0.2 allow remote attackers to inject arbitrary web script and HTML via unknown vectors. | ||||
| CVE-2005-2283 | 1 Esi Products | 1 Webeoc | 2026-04-16 | N/A |
| WebEOC before 6.0.2 does not properly restrict the size of an uploaded file, which allows remote authenticated users to cause a denial of service (system and database resource consumption) via a large file. | ||||
| CVE-2005-2284 | 1 Esi Products | 1 Webeoc | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in WebEOC before 6.0.2 allow remote attackers to modify SQL statements via unknown attack vectors. | ||||
| CVE-2005-2285 | 1 Esi Products | 1 Webeoc | 2026-04-16 | N/A |
| WebEOC before 6.0.2 stores sensitive information in locations such as URIs, web pages, and configuration files, which allows remote attackers to obtain information such as Usernames, Passwords, Emergency information, medical information, and system configuration. | ||||
| CVE-2005-2286 | 1 Esi Products | 1 Webeoc | 2026-04-16 | N/A |
| WebEOC before 6.0.2 does not properly check user authorization, which allows remote attackers to gain privileges via a direct request to a resource. | ||||
| CVE-2005-2288 | 1 Phpcounter | 1 Phpcounter | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in PHPCounter 7.2 allows remote attackers to inject arbitrary web script or HTML via the EpochPrefix parameter. | ||||
| CVE-2005-2289 | 1 Phpcounter | 1 Phpcounter | 2026-04-16 | N/A |
| PHPCounter 7.2 allows remote attackers to obtain sensitive information via a direct request to prelims.php, which reveals the path in an error message. | ||||
| CVE-2005-2290 | 1 Wps | 1 Web Portal System | 2026-04-16 | N/A |
| wps_shop.cgi in WPS Web Portal System 0.7.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) art and (2) cat variables. | ||||
| CVE-2005-2291 | 1 Oracle | 1 Jdeveloper | 2026-04-16 | N/A |
| Oracle JDeveloper 9.0.4, 9.0.5, and 10.1.2 passes the cleartext password as a parameter when starting sqlplus, which allows local users to gain sensitive information. | ||||
| CVE-2005-2292 | 1 Oracle | 1 Jdeveloper | 2026-04-16 | N/A |
| Oracle JDeveloper 9.0.4, 9.0.5, and 10.1.2 stores cleartext passwords in (1) IDEConnections.xml, (2) XSQLConfig.xml and (3) settings.xml, which allows local users to obtain sensitive information. | ||||
| CVE-2005-2294 | 1 Oracle | 1 Forms | 2026-04-16 | N/A |
| Oracle Forms 4.5, 6.0, 6i, and 9i on Unix, when a large number of records are retrieved by an Oracle form, stores a copy of the database tables in a world-readable temporary file, which allows local users to gain sensitive information such as credit card numbers. | ||||
| CVE-2005-2295 | 1 Pyrosoft Inc | 1 Netpanzer | 2026-04-16 | N/A |
| NetPanzer 0.8 and earlier allows remote attackers to cause a denial of service (infinite loop) via a packet with a zero datablock size. | ||||
| CVE-2005-2297 | 1 Sybase | 1 Easerver | 2026-04-16 | N/A |
| Stack-based buffer overflow in TreeAction.do in Sybase EAServer 4.2.5 through 5.2 allows remote authenticated users to execute arbitrary code via a large javascript parameter. | ||||
| CVE-2005-2298 | 1 Softwin | 1 Bitdefender Engine | 2026-04-16 | N/A |
| BitDefender Engine 1.6.1 and earlier does not properly scan all attachments, which allows remote attackers to bypass virus scanning via begin and end commands in the body of the e-mail, which BitDefender treats as a uuencoded attachment and stops scanning afterwards. | ||||
| CVE-2005-2300 | 1 Skype Technologies | 1 Skype | 2026-04-16 | N/A |
| Skype 1.1.0.20 and earlier allows local users to overwrite arbitrary files via a symlink attack on the skype_profile.jpg temporary file. | ||||
| CVE-2005-2301 | 1 Powerdns | 1 Powerdns | 2026-04-16 | N/A |
| PowerDNS before 2.9.18, when running with an LDAP backend, does not properly escape LDAP queries, which allows remote attackers to cause a denial of service (failure to answer ldap questions) and possibly conduct an LDAP injection attack. | ||||
| CVE-2005-2302 | 1 Powerdns | 1 Powerdns | 2026-04-16 | N/A |
| PowerDNS before 2.9.18, when allowing recursion to a restricted range of IP addresses, does not properly handle questions from clients that are denied recursion, which could cause a "blank out" of answers to those clients that are allowed to use recursion. | ||||
| CVE-2005-2321 | 1 Calogic | 1 Calogic | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in CaLogic 1.2.2 allows remote attackers to execute arbitrary code via the CLPATH parameter to (1) cl_minical.php, (2) clmcpreload.php, (3) mcconfig.php, or (4) mcpi-demo.php. | ||||
| CVE-2005-2322 | 2 Class-1, Clever Copy | 2 Class-1 Forum, Clever Copy | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Class-1 Forum 0.24.4 and 0.23.2, and Clever Copy with forums installed, allows remote attackers to inject arbitrary web script or HTML via the (1) viewuser_id or (2) group parameter to users.php. | ||||