Export limit exceeded: 20040 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 363262 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (363262 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-2970 4 Apache, Canonical, Fedoraproject and 1 more 7 Http Server, Ubuntu Linux, Fedora Core and 4 more 2026-04-16 N/A
Memory leak in the worker MPM (worker.c) for Apache 2, in certain circumstances, allows remote attackers to cause a denial of service (memory consumption) via aborted connections, which prevents the memory for the transaction pool from being reused for other connections.
CVE-2005-2971 1 Kde 1 Koffice 2026-04-16 N/A
Heap-based buffer overflow in the KWord RTF importer for KOffice 1.2.0 through 1.4.1 allows remote attackers to execute arbitrary code via a crafted RTF file.
CVE-2005-2977 2 Pam, Redhat 2 Pam, Enterprise Linux 2026-04-16 N/A
The SELinux version of PAM before 0.78 r3 allows local users to perform brute force password guessing attacks via unix_chkpwd, which does not log failed guesses or delay its responses.
CVE-2005-3255 1 Nathan Neulinger 1 Cgiwrap 2026-04-16 N/A
The (1) cgiwrap and (2) php-cgiwrap packages before 3.9 in Debian GNU/Linux provide access to debugging CGIs under the web document root, which allows remote attackers to obtain sensitive information via direct requests to those CGIs.
CVE-2005-3022 1 Jelsoft 1 Vbulletin 2026-04-16 N/A
Multiple SQL injection vulnerabilities in vBulletin 3.0.9 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) announcement parameter to announcement.php, (2) userid parameter to user.php, (3) calendar parameter to admincalendar.php, (4) cronid parameter to cronlog.php, (5) usergroupid parameter to email.php, (6) help parameter to help.php, (7) rvt parameter to language.php, (8) keep parameter to phrase.php, or (9) updateprofilepic parameter to usertools.php.
CVE-2006-2116 1 Planet Concept 1 Planetgallery 2026-04-16 N/A
planetGallery allows remote attackers to gain administrator privileges via a direct request to admin/gallery_admin.php.
CVE-2005-3023 1 Jelsoft 1 Vbulletin 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in vBulletin 3.0.9 and earlier allow remote attackers to inject arbitrary web script or HTML via certain arguments to (1) announcement.php, (2) admincalendar.php, (3) bbcode.php, (4) cronadmin.php, (5) email.php, (6) faq.php, (7) forum.php, (8) image.php, (9) language.php, (10) ranks.php, (11) replacement.php, (12) replacement.php, (13) template.php, (14) template.php, (15) usergroup.php, or (16) usertitle.php.
CVE-2005-3265 1 Skype Technologies 1 Skype 2026-04-16 N/A
Buffer overflow in Skype for Windows 1.1.x.0 through 1.4.x.83 allows remote attackers to execute arbitrary code via (1) callto:// and (2) skype:// links, or (3) a non-standard VCARD, possibly due to an underlying error in the SysUtils.WideFmtStr Delphi routine.
CVE-2005-3037 1 Handy Address Book 1 Handy Address Book Server 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Handy Address Book Server 1.1 allows remote attackers to inject arbitrary web script or HTML via the SEARCHTEXT parameter in a demos URL.
CVE-2006-2123 1 Network Administration Visualized 1 Network Administration Visualized 2026-04-16 N/A
Multiple SQL injection vulnerabilities in the report interface in Network Administration Visualized (NAV) before 3.0.1 allow remote attackers to execute arbitrary SQL commands via unknown vectors.
CVE-2005-3042 2 Usermin, Webmin 2 Usermin, Webmin 2026-04-16 N/A
miniserv.pl in Webmin before 1.230 and Usermin before 1.160, when "full PAM conversations" is enabled, allows remote attackers to bypass authentication by spoofing session IDs via certain metacharacters (line feed or carriage return).
CVE-2005-3044 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-16 N/A
Multiple vulnerabilities in Linux kernel before 2.6.13.2 allow local users to cause a denial of service (kernel OOPS from null dereference) via (1) fput in a 32-bit ioctl on 64-bit x86 systems or (2) sockfd_put in the 32-bit routing_ioctl function on 64-bit systems.
CVE-2005-3045 1 My Little Homepage 1 My Little Forum 2026-04-16 N/A
SQL injection vulnerability in search.php in My Little Forum 1.5 and 1.6 beta allows remote attackers to execute arbitrary SQL commands via the phrase field.
CVE-2005-3058 1 Fortinet 2 Fortigate, Fortios 2026-04-16 N/A
Interpretation conflict in Fortinet FortiGate 2.8, running FortiOS 2.8MR10 and v3beta, allows remote attackers to bypass the URL blocker via an (1) HTTP request terminated with a line feed (LF) and not carriage return line feed (CRLF) or (2) HTTP request with no Host field, which is still processed by most web servers without violating RFC2616.
CVE-2006-2124 1 Turnkey Solutions 1 Sunshop Shopping Cart 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in SunShop 3.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) prevaction, (2) previd, (3) prevstart, (4) itemid, (5) id, and (6) action parameters in index.php.
CVE-2005-3067 1 Scriptsolutions 1 Perldiver 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in perldiver.cgi in PerlDiver 2.x allows remote attackers to inject arbitrary web script or HTML via the module parameter.
CVE-2005-3301 1 Phpmyadmin 1 Phpmyadmin 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.6.4-pl3 allow remote attackers to inject arbitrary web script or HTML via certain arguments to (1) left.php, (2) queryframe.php, or (3) server_databases.php.
CVE-2006-2140 1 Orbitscripts 1 Orbithyip 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in OrbitHYIP 2.0 and earlier allow remote attackers to inject arbitrary web script via the (1) referral parameter to signup.php or (2) id parameter to members.php.
CVE-2005-3338 1 Mantis 1 Mantis 2026-04-16 N/A
Unspecified vulnerability in Mantis before 0.19.3, when using reminders, causes Mantis to display the real email addresses of users.
CVE-2005-3110 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-16 N/A
Race condition in ebtables netfilter module (ebtables.c) in Linux 2.6, when running on an SMP system that is operating under a heavy load, might allow remote attackers to cause a denial of service (crash) via a series of packets that cause a value to be modified after it has been read but before it has been locked.