Search Results (29926 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-1353 1 Forum.pl 1 Forum.pl 2026-04-16 N/A
The forum.pl script allows remote attackers to read arbitrary files via a full pathname in the argument.
CVE-2006-4597 1 Icblogger 1 Icblogger 2026-04-16 N/A
SQL injection vulnerability in devam.asp in ICBlogger 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the YID parameter.
CVE-2005-2460 1 Kayako 1 Liveresponse 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Kayako liveResponse 2.x allow remote attackers to inject arbitrary web script or HTML via the (1) username parameter or (2) name field when entering a session or sending a message.
CVE-2006-4718 1 Korviblog 1 Korviblog 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in livre_or.php in KorviBlog 1.3.0 allow remote attackers to inject arbitrary web script or HTML via the (1) prenom, (2) emailFrom, or (3) body parameters.
CVE-2005-2496 2 Dave Mills, Redhat 2 Ntpd, Enterprise Linux 2026-04-16 N/A
The xntpd ntp (ntpd) daemon before 4.2.0b, when run with the -u option and using a string to specify the group, uses the group ID of the user instead of the group, which causes xntpd to run with different privileges than intended.
CVE-2006-4719 1 Myabracadaweb 1 Myabracadaweb 2026-04-16 N/A
Multiple PHP remote file inclusion vulnerabilities in MyABraCaDaWeb 1.0.3, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the base parameter to (1) index.php or (2) pop.php.
CVE-2005-2502 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
Buffer overflow in AppKit for Mac OS X 10.3.9 and 10.4.2, as used in applications such as TextEdit, allows external user-assisted attackers to execute arbitrary code via a crafted Microsoft Word file.
CVE-2005-2503 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
AppKit for Mac OS X 10.3.9 and 10.4.2 allows attackers with physical access to create local accounts by forcing a particular error to occur at the login window.
CVE-2005-2505 1 Apple 1 Mac Os X 2026-04-16 N/A
Buffer overflow in CoreFoundation in Mac OS X 10.3.9 allows attackers to execute arbitrary code via command line arguments to an application that uses CoreFoundation.
CVE-2006-4739 1 Jetbox 1 Jetbox Cms 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Jetbox CMS allow remote attackers to inject arbitrary web script or HTML, as demonstrated via the OriginalImageData parameter to phpthumb.php.
CVE-2005-2512 1 Apple 2 Mac Os X, Mail 2026-04-16 N/A
Mail.app in Mac OS 10.4.2 and earlier, when printing or forwarding an HTML message, loads remote images even when the user's preferences state otherwise, which could result in a privacy leak.
CVE-2005-2518 1 Apple 1 Mac Os X 2026-04-16 N/A
Buffer overflow in servermgrd in Mac OS X 10.3.9 and 10.4.2 allows remote attackers to execute arbitrary code during authentication.
CVE-2006-4742 1 Idevspot 1 Phplinkexchange 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in user_add.php in IDevSpot PhpLinkExchange 1.0 allows remote attackers to inject arbitrary web script or HTML via the msg parameter.
CVE-2005-2519 1 Apple 1 Mac Os X 2026-04-16 N/A
slpd in Directory Services in Mac OS X 10.3.9 creates insecure temporary files as root, which allows local users to gain privileges.
CVE-2005-1708 1 Bluecoat 1 Reporter 2026-04-16 N/A
templates.admin.users.user_form_processing in Blue Coat Reporter before 7.1.2 allows authenticated users to gain administrator privileges via an HTTP POST that sets volatile.user.administrator to true.
CVE-2005-2523 1 Apple 2 Mac Os X, Weblog Server 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Weblog Server in Mac OS X 10.4 to 10.4.2 allow remote attackers to inject arbitrary web script or HTML via unknown vectors.
CVE-2005-2526 2 Apple, Easy Software Products 2 Mac Os X, Cups 2026-04-16 N/A
CUPS in Mac OS X 10.3.9 and 10.4.2 allows remote attackers to cause a denial of service (CPU consumption) by sending a partial IPP request and closing the connection.
CVE-2005-2531 1 Openvpn 1 Openvpn 2026-04-16 N/A
OpenVPN before 2.0.1, when running with "verb 0" and without TLS authentication, does not properly flush the OpenSSL error queue when a client fails certificate authentication to the server and causes the error to be processed by the wrong client, which allows remote attackers to cause a denial of service (client disconnection) via a large number of failed authentication attempts.
CVE-2005-1709 1 Bluecoat 1 Reporter 2026-04-16 N/A
Unknown vulnerability in Blue Coat Reporter before 7.1.2 allows remote unauthenticated attackers to add a license.
CVE-2005-2532 1 Openvpn 1 Openvpn 2026-04-16 N/A
OpenVPN before 2.0.1 does not properly flush the OpenSSL error queue when a packet can not be decrypted by the server, which allows remote authenticated attackers to cause a denial of service (client disconnection) via a large number of packets that can not be decrypted.