Search Results (351250 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-1725 1 Apple 1 Mac Os X Server 2026-04-16 N/A
launchd 106 in Apple Mac OS X 10.4.x up to 10.4.1 allows local users to overwrite arbitrary files via a symlink attack on the socket file in an insecure temporary directory.
CVE-2005-0761 3 Imagemagick, Redhat, Sgi 3 Imagemagick, Enterprise Linux, Propack 2026-04-16 N/A
Unknown vulnerability in ImageMagick before 6.1.8 allows remote attackers to cause a denial of service (application crash) via a crafted PSD file.
CVE-2005-1658 1 Myserver 1 Myserver 2026-04-16 N/A
Directory traversal vulnerability in filemanager.cpp in MyServer 0.8 allows remote attackers to list the parent directory of the web root via a URL with a "..." (triple dot).
CVE-2005-0765 2 Ethereal Group, Redhat 2 Ethereal, Enterprise Linux 2026-04-16 N/A
Unknown vulnerability in the JXTA dissector in Ethereal 0.10.9 allows remote attackers to cause a denial of service (application crash).
CVE-2005-0776 1 Photopost 1 Photopost Php Pro 2026-04-16 N/A
adm-photo.php in PhotoPost PHP 5.0 RC3 does not properly verify administrative privileges before manipulating photos, which could allow remote attackers to manipulate other users' photos.
CVE-2005-0785 1 Yabb 1 Yabb 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in usersrecentposts in YaBB 2.0 rc1 allows remote attackers to inject arbitrary web script or HTML via the username parameter.
CVE-2005-0786 1 Simpgb 1 Simpgb 2026-04-16 N/A
SQL injection vulnerability in gb_new.inc in SimpGB allows remote attackers to execute arbitrary SQL commands via the quote parameter to guestbook.php.
CVE-2005-0797 1 Novell 1 Ichain 2026-04-16 N/A
Novell iChain Mini FTP Server 2.3 displays different error messages if a user exists or not, which allows remote attackers to obtain sensitive information and facilitates brute force attacks.
CVE-2005-0798 1 Novell 1 Ichain 2026-04-16 N/A
Novell iChain Mini FTP Server 2.3, and possibly earlier versions, does not limit the number of incorrect logins, which makes it easier for remote attackers to conduct brute force login attacks.
CVE-2005-0801 1 Includer.cgi 1 Includer.cgi 2026-04-16 N/A
Directory traversal vulnerability in includer.cgi in The Includer allows remote attackers to read arbitrary files via (1) a .. (dot dot) or (2) a full pathname in the URL.
CVE-2006-0137 1 Phanatic Softwares 1 Chimera Web Portal 2026-04-16 N/A
SQL injection vulnerability in linkcategory.php in Phanatic Softwares Chimera Web Portal System 0.2 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2005-0806 2 Redhat, Ximian 2 Enterprise Linux, Evolution 2026-04-16 N/A
Evolution 2.0.3 allows remote attackers to cause a denial of service (application crash or hang) via crafted messages, possibly involving charsets in attachment filenames.
CVE-2005-0814 1 Lysator 1 Lsh 2026-04-16 N/A
Unknown vulnerability in lshd in Lysator LSH 1.x and 2.x before 2.0.1 allows remote attackers to cause a denial of service via unknown vectors.
CVE-2006-0139 1 Pd9 Software 1 Megabbs 2026-04-16 N/A
The send-private-message functionality (send-private-message.asp) in PD9 Software MegaBBS 2.1 allows remote attackers to read private messages of other users via a modified replyid parameter.
CVE-2005-0818 1 Punbb 1 Punbb 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in PunBB 1.2.3 allows remote attackers to inject arbitrary web script or HTML via the (1) email or (2) Jabber parameters.
CVE-2006-0151 2 Todd Miller, Ubuntu 2 Sudo, Ubuntu Linux 2026-04-16 N/A
sudo 1.6.8 and other versions does not clear the PYTHONINSPECT environment variable, which allows limited local users to gain privileges via a Python script, a variant of CVE-2005-4158.
CVE-2006-0155 1 427bb 1 Fourtwosevenbb 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in posts.php in 427BB 2.2 and 2.2.1 allows remote attackers to inject arbitrary Javascript via a new message with a url bbcode tag containing a javascript URI.
CVE-2005-1659 1 Myserver 1 Myserver 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in filemanager.cpp in MyServer 0.8 allows remote attackers to inject arbitrary Javascript via a URL with a "..." (triple dot) followed by an onmouseover event.
CVE-2005-0827 3 Ciamos, E-xoops, Runcms 3 Ciamos, E-xoops, Runcms 2026-04-16 N/A
Viewcat.php in (1) RUNCMS 1.1A, (2) Ciamos 0.9.2 RC1, e-Xoops 1.05 Rev3, and possibly other products based on e-Xoops (exoops), allow remote attackers to obtain sensitive information via an invalid parameter to the convertorderbytrans function, which reveals the path in a PHP error message.
CVE-2006-0182 1 Acal 1 Calendar Project 2026-04-16 N/A
login.php in ACal Calendar Project 2.2.5 allows remote attackers to bypass authentication by setting the ACalAuthenticate cookie variable to "inside".