Export limit exceeded: 29917 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29917 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-3961 | 1 Webcalendar | 1 Webcalendar | 2026-04-16 | N/A |
| export_handler.php in WebCalendar 1.0.1 allows remote attackers to overwrite WebCalendar data files via a modified id parameter. | ||||
| CVE-2005-3963 | 1 Dotclear | 1 Dotclear | 2026-04-16 | N/A |
| SQL injection vulnerability in session.php in DotClear before 1.2.3 allows remote attackers to execute arbitrary SQL commands via the dc_xd parameter in a cookie. | ||||
| CVE-2005-3964 | 2 Integrated Computer Solutions, Redhat | 3 Openmotif, Enterprise Linux, Network Satellite | 2026-04-16 | N/A |
| Multiple buffer overflows in libUil (libUil.so) in OpenMotif 2.2.3, and possibly other versions, allows attackers to execute arbitrary code via the (1) diag_issue_diagnostic function in UilDiags.c and (2) open_source_file function in UilSrcSrc.c. | ||||
| CVE-2005-3967 | 1 Atlassian | 1 Confluence | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the dosearchsite.action module in Atlassian Confluence 2.0.1 Build 321 allows remote attackers to inject arbitrary web script or HTML via the searchQuery.queryString search module parameter. | ||||
| CVE-2005-3972 | 1 Extreme Corporate | 1 Extreme Search | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in extremesearch.php in Extreme Search Corporate Edition 6.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the search parameter. | ||||
| CVE-2004-0152 | 1 Emil | 1 Emil | 2026-04-16 | N/A |
| Multiple stack-based buffer overflows in (1) the encode_mime function, (2) the encode_uuencode function, (3) or the decode_uuencode function for emil 2.1.0 and earlier allow remote attackers to execute arbitrary code via e-mail messages containing attachments with filenames. | ||||
| CVE-2002-2075 | 1 Mirabilis | 1 Icq | 2026-04-16 | N/A |
| ICQ 2001a and 2002b allows remote attackers to cause a denial of service (memory consumption and hang) via a contact message with a large contacts number. | ||||
| CVE-2004-1264 | 1 Chbg | 1 Chbg | 2026-04-16 | N/A |
| Buffer overflow in the simplify_path function in config.c for ChBg 1.5 allows remote attackers to execute arbitrary code via a crafted chbg scenario file. | ||||
| CVE-2004-0171 | 2 Freebsd, Openbsd | 2 Freebsd, Openbsd | 2026-04-16 | N/A |
| FreeBSD 5.1 and earlier, and Mac OS X before 10.3.4, allows remote attackers to cause a denial of service (resource exhaustion of memory buffers and system crash) via a large number of out-of-sequence TCP packets, which prevents the operating system from creating new connections. | ||||
| CVE-2004-0177 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Linux | 2026-04-16 | N/A |
| The ext3 code in Linux 2.4.x before 2.4.26 does not properly initialize journal descriptor blocks, which causes an information leak in which in-memory data is written to the device for the ext3 file system, which allows privileged users to obtain portions of kernel memory by reading the raw device. | ||||
| CVE-2004-0716 | 1 Hp | 1 Hp-ux | 2026-04-16 | N/A |
| Buffer overflow in the DCE daemon (DCED) for the DCE endpoint mapper (epmap) on HP-UX 11 allows remote attackers to execute arbitrary code via a request with a small fragment length and a large amount of data. | ||||
| CVE-2005-3336 | 1 Mantis | 1 Mantis | 2026-04-16 | N/A |
| SQL injection vulnerability in Mantis 1.0.0RC2 and 0.19.2 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | ||||
| CVE-2005-3350 | 2 Libungif, Redhat | 2 Libungif, Enterprise Linux | 2026-04-16 | N/A |
| libungif library before 4.1.0 allows attackers to corrupt memory and possibly execute arbitrary code via a crafted GIF file that leads to an out-of-bounds write. | ||||
| CVE-2005-2608 | 1 Safehtml | 1 Safehtml | 2026-04-16 | N/A |
| SafeHTML before 1.3.5 does not properly filter script in UTF-7 and CSS comments, which allows remote attackers to conduct cross-site scripting (XSS) attacks in vulnerable applications that use SafeHTML. | ||||
| CVE-2005-2609 | 1 Vegadns | 1 Vegadns | 2026-04-16 | N/A |
| index.php in VegaDNS 0.8.1, 0.9.8, and possibly other versions, allows remote attackers to obtain the full server path via an invalid VDNS_Sessid parameter. | ||||
| CVE-2005-3391 | 1 Php | 1 Php | 2026-04-16 | N/A |
| Multiple vulnerabilities in PHP before 4.4.1 allow remote attackers to bypass safe_mode and open_basedir restrictions via unknown attack vectors in (1) ext/curl and (2) ext/gd. | ||||
| CVE-2005-2616 | 1 Ezupload | 1 Ezupload | 2026-04-16 | N/A |
| Multiple PHP file include vulnerabilities in ezUpload 2.2 allow remote attackers to execute arbitrary code via the path parameter to (1) initialize.php, (2) customize.php, (3) form.php, or (4) index.php. | ||||
| CVE-2005-3395 | 1 Invision Power Services | 1 Invision Gallery | 2026-04-16 | N/A |
| SQL injection vulnerability in Invision Gallery 2.0.3 allows remote attackers to execute arbitrary SQL commands via the st parameter. | ||||
| CVE-2005-3402 | 1 Mozilla | 1 Thunderbird | 2026-04-16 | N/A |
| The SMTP client in Mozilla Thunderbird 1.0.5 BETA, 1.0.7, and possibly other versions, does not notify users when it cannot establish a secure channel with the server, which allows remote attackers to obtain authentication information without detection via a man-in-the-middle (MITM) attack that bypasses TLS authentication or downgrades CRAM-MD5 authentication to plain authentication. | ||||
| CVE-2005-3404 | 1 Adaptive Technology Resource Centre | 1 Atutor | 2026-04-16 | N/A |
| Multiple PHP file inclusion vulnerabilities in ATutor 1.4.1 through 1.5.1-pl1 allow remote attackers to include arbitrary files via the section parameter followed by a null byte (%00) in (1) body_header.inc.php and (2) print.php. | ||||