Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (29946 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2005-3515 1 Chipmunk Scripts 1 Chipmunk Topsites 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in recommend.php in Chipmunk Topsites script allows remote attackers to inject arbitrary web script or HTML via the ID parameter.
CVE-2005-2633 1 Phptb 1 Topic Boards 2026-04-16 N/A
Multiple PHP file inclusion vulnerabilities in (1) admin_o.php, (2) board_o.php, (3) dev_o.php, (4) file_o.php or (5) tech_o.php in PHPTB Topic Board 2.0 and earlier allow remote attackers to execute arbitrary PHP code via the absolutepath parameter.
CVE-2005-3520 1 Mysource 1 Mysource 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in MySource 2.14.0 allow remote attackers to inject arbitrary web script or HTML via (1) the target_url parameter in upgrade_in_progress_backend.php, (2) the stylesheet parameter in edit_table_cell_type_wysiwyg.php, and the bgcolor parameter in (3) insert_table.php, (4) edit_table_cell_props.php, (5) header.php, (6) edit_table_row_props.php, and (7) edit_table_props.php.
CVE-2005-3522 1 Adventnet 1 Manageengine Netflow Analyzer 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in index.jsp in ManageEngine Netflow Analyzer 4.0.2 allows remote attackers to inject arbitrary web script or HTML via the grDisp parameter.
CVE-2005-3523 1 Gpsdrive 1 Gpsdrive 2026-04-16 N/A
Format string vulnerability in friendsd2 in GpsDrive allows remote attackers to execute arbitrary code via the dir (direction) field.
CVE-2005-3524 1 Linux-ftpd-ssl 1 Linux-ftpd-ssl 2026-04-16 N/A
Buffer overflow in the SSL-ready version of linux-ftpd (linux-ftpd-ssl) 0.17 allows remote attackers to execute arbitrary code by creating a long directory name, then executing the XPWD command.
CVE-2005-3525 1 Adobe 1 Shockwave Player 2026-04-16 N/A
Stack-based buffer overflow in an ActiveX control for the installer for Adobe Macromedia Shockwave Player 10.1.0.11 and earlier allows remote attackers to execute arbitrary code via crafted large values for unspecified parameters.
CVE-2005-3550 1 Toenda Software Development 1 Toendacms 2026-04-16 N/A
Directory traversal vulnerability in admin.php in toendaCMS before 0.6.2 allows remote attackers to access arbitrary files via a .. (dot dot) in the id_user parameter.
CVE-2005-2647 1 Xerox 7 Document Centre 265, Document Centre 332, Document Centre 340 and 4 more 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Xerox MicroServer Web Server in Document Centre 220 through 265, 332 and 340, 420 through 490, and 535 through 555 allows remote attackers to inject arbitrary web script or HTML and modify web pages via unknown vectors.
CVE-2005-2659 1 Jed Wing 1 Chm Lib 2026-04-16 N/A
Buffer overflow in the LZX decompression in CHM Lib (chmlib) 0.35, as used in products such as KchmViewer, has unknown impact and attack vectors.
CVE-2005-3557 1 Tincan 1 Phplist 2026-04-16 N/A
Directory traversal vulnerability in admin/defaults.php in PHPlist 2.10.1 and earlier allows remote attackers to access arbitrary files via a .. (dot dot) in the selected%5B%5D parameter in an HTTP POST request.
CVE-2005-3558 1 Oste 1 Oste 2026-04-16 N/A
PHP file inclusion vulnerability in index.php in OSTE 1.0 allows remote attackers to execute arbitrary code via the (1) page and (2) site parameters.
CVE-2005-3560 1 Zonelabs 4 Zonealarm, Zonealarm Anti-spyware, Zonealarm Antivirus and 1 more 2026-04-16 N/A
Zone Labs (1) ZoneAlarm Pro 6.0, (2) ZoneAlarm Internet Security Suite 6.0, (3) ZoneAlarm Anti-Virus 6.0, (4) ZoneAlarm Anti-Spyware 6.0 through 6.1, and (5) ZoneAlarm 6.0 allow remote attackers to bypass the "Advanced Program Control and OS Firewall filters" setting via URLs in "HTML Modal Dialogs" (window.location.href) contained within JavaScript tags.
CVE-2005-1922 1 Clam Anti-virus 1 Clamav 2026-04-16 N/A
The MS-Expand file handling in Clam AntiVirus (ClamAV) before 0.86 allows remote attackers to cause a denial of service (file descriptor and memory consumption) via a crafted file that causes repeated errors in the cli_msexpand function.
CVE-2005-1931 1 Goodtech Systems 1 Goodtech Smtp Server 2026-04-16 N/A
GoodTech SMTP Server 5.14 allows remote attackers to cause a denial of service (application crash) via a RCPT TO command with an invalid argument, as demonstrated using an "A" character.
CVE-2005-1953 1 Pico Server 1 Pico Server 2026-04-16 N/A
Heap-based buffer overflow in the CGI extension for Pico Server (pServ) 3.3 allows remote attackers to execute arbitrary code via a long HTTP request.
CVE-2005-1962 1 Cerberus 1 Cerberus Helpdesk 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Cerberus Helpdesk 0.97.3 allows remote attackers to inject arbitrary web script or HTML via the (1) errorcode parameter to index.php or (2) certain fields to clients.php.
CVE-2005-1966 1 E107 1 E107 2026-04-16 N/A
The eTrace_validaddr function in eTrace plugin for e107 portal allows remote attackers to execute arbitrary commands via shell metacharacters after a valid argument to the etrace_host parameter.
CVE-2005-1981 1 Microsoft 2 Windows 2000, Windows 2003 Server 2026-04-16 N/A
Unknown vulnerability in Microsoft Windows 2000 Server and Windows Server 2003 domain controllers allows remote authenticated users to cause a denial of service (system crash) via a crafted Kerberos message.
CVE-2004-0338 1 Invision Power Services 1 Invision Board 2026-04-16 N/A
SQL injection vulnerability in search.php for Invision Board Forum allows remote attackers to execute arbitrary SQL queries via the st parameter.