Export limit exceeded: 363125 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (363125 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-1077 1 Xampp 1 Apache Distribution 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in XAMPP 1.4.x allow remote attackers to inject arbitrary web script or HTML via (1) cds.php, (2) Guestbook-EN.pl, or (3) phonebook.php.
CVE-2005-0407 1 Zakon Group 1 Openconf 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Openconf 1.04, and possibly other versions before 1.10, allows remote attackers to inject arbitrary HTML and web script via the paper title.
CVE-2005-0397 2 Imagemagick, Redhat 2 Imagemagick, Enterprise Linux 2026-04-16 N/A
Format string vulnerability in the SetImageInfo function in image.c for ImageMagick before 6.0.2.5 may allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in a filename argument to convert, which may be called by other web applications.
CVE-2004-2636 1 Rit Research Labs 1 Tinyweb 2026-04-16 N/A
TinyWeb 1.9 allows remote attackers to read source code of scripts via "/./" in the URL.
CVE-2003-0840 1 Hp 1 Hp-ux 2026-04-16 N/A
Buffer overflow in dtprintinfo on HP-UX 11.00, and possibly other operating systems, allows local users to gain root privileges via a long DISPLAY environment variable.
CVE-2005-0380 1 Zeroboard 1 Zeroboard 2026-04-16 N/A
Multiple PHP remote file inclusion vulnerabilities in (1) print_category.php, (2) login.php, (3) setup.php, (4) ask_password.php, or (5) error.php in ZeroBoard 4.1pl5 and earlier allow remote attackers to execute arbitrary PHP code by modifying the dir parameter to reference a URL on a remote web server that contains the code.
CVE-2001-0831 1 Oracle 1 Database Server 2026-04-16 N/A
Unknown vulnerability in Oracle Label Security in Oracle 8.1.7 and 9.0.1, when audit functionality, SET_LABEL, or SQL*Predicate is being used, allows local users to gain additional access.
CVE-2005-0327 1 Php Arena 1 Pafiledb 2026-04-16 N/A
pafiledb.php in Pafiledb 3.1 may allow remote attackers to execute arbitrary PHP code via a modified action parameter that is used in an include statement for login.php.
CVE-2005-0310 1 Exponent 1 Exponent 2026-04-16 N/A
Exponent 0.95 allows remote attackers to obtain sensitive information via a direct HTTP request to (1) search.info.php, (2) permissions.info.php, (3) security.info.php, (4) formcontrol.php, or (5) file_modules.php, which reveals the path in an error message because the pathos_core_version variable is undefined.
CVE-2005-0301 1 Comersus Open Technologies 1 Comersus Backoffice Lite 2026-04-16 N/A
comersus_backoffice_install10.asp in BackOffice Lite 6.0 and 6.01 allows remote attackers to bypass authentication and gain privileges via a direct request to the program.
CVE-2005-0278 1 3com 1 3cdaemon 2026-04-16 N/A
The FTP service in 3Com 3CDaemon 2.0 revision 10 allows remote attackers to gain sensitive information via a cd command that contains an MS-DOS device name, which reveals the installation path in an error message.
CVE-2005-0242 1 Yahoo 1 Messenger 2026-04-16 N/A
The Audio Setup Wizard (asw.dll) in Yahoo! Messenger 6.0.0.1750, and possibly other versions, allows attackers to arbitrary code by placing a malicious ping.exe program into the Messenger program directory, which is installed with weak default permissions.
CVE-2005-0216 1 Woltlab 1 Burning Board Lite 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in formmail.php in Woltlab Burning Board Lite 1.0.0, 1.0.1e, and possibly other versions, allows remote attackers to inject arbitrary web script and HTML via the userid parameter.
CVE-2005-0175 2 Redhat, Squid 2 Enterprise Linux, Squid 2026-04-16 N/A
Squid 2.5 up to 2.5.STABLE7 allows remote attackers to poison the cache via an HTTP response splitting attack.
CVE-2005-0155 2 Larry Wall, Redhat 2 Perl, Enterprise Linux 2026-04-16 N/A
The PerlIO implementation in Perl 5.8.0, when installed with setuid support (sperl), allows local users to create arbitrary files via the PERLIO_DEBUG variable.
CVE-2005-0151 1 Adobe 3 Creative Suite, Photoshop, Premiere 2026-04-16 N/A
Unknown vulnerability in the installation of Adobe License Management Service, as used in Adobe Photoshop CS, Adobe Creative Suite 1.0, and Adobe Premiere Pro 1.5, allows attackers to gain administrator privileges.
CVE-2005-0145 1 Mozilla 1 Firefox 2026-04-16 N/A
Firefox before 1.0 does not properly distinguish between user-generated and synthetic click events, which allows remote attackers to use Javascript to bypass the file download prompt when the user uses the Alt-click feature.
CVE-2005-0137 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-16 N/A
Linux kernel 2.6 on Itanium (ia64) architectures allows local users to cause a denial of service via a "missing Itanium syscall table entry."
CVE-2005-0117 1 Xshisen 1 Xshisen 2026-04-16 N/A
Buffer overflow in XShisen before 1.36 allows local users to execute arbitrary code via a long GECOS field.
CVE-2005-0673 1 Phpbb Group 1 Phpbb 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in usercp_register.php for phpBB 2.0.13 allows remote attackers to inject arbitrary web script or HTML by setting the (1) allowhtml, (2) allowbbcode, or (3) allowsmilies parameters to inject HTML into signatures for personal messages, possibly when they are processed by privmsg.php or viewtopic.php.