Vulnerabilities

With the aim of informing, warning and helping professionals with the latest security vulnerabilities in technology systems, we have made a database available for users interested in this information, which is in Spanish and includes all of the latest documented and recognised vulnerabilities.

This repository, with over 75,000 registers, is based on the information from the NVD (National Vulnerability Database) – by virtue of a partnership agreement – through which INCIBE translates the included information into Spanish.

On occasions this list will show vulnerabilities that have still not been translated, as they are added while the INCIBE team is still carrying out the translation process. The CVE (Common Vulnerabilities and Exposures) Standard for Information Security Vulnerability Names is used with the aim to support the exchange of information between different tools and databases.

All vulnerabilities collected are linked to different information sources, as well as available patches or solutions provided by manufacturers and developers. It is possible to carry out advanced searches, as there is the option to select different criteria to narrow down the results, some examples being vulnerability types, manufacturers and impact levels, among others.

Through RSS feeds or Newsletters we can be informed daily about the latest vulnerabilities added to the repository. Below there is a list, updated daily, where you can discover the latest vulnerabilities.

CVE-2005-1773

Publication date:

31/05/2005

Multiple unknown vulnerabilities in L-Soft LISTSERV 14.3, 1.8e, and 1.8d allow remote attackers to execute arbitrary code or cause a denial of service. NOTE: this candidate may be SPLIT in the future when more precise technical details become available.

Severity CVSS v4.0: Pending analysis

Last modification:

16/04/2026

CVE-2005-1774

Publication date:

31/05/2005

WEB-DAV Linux File System (davfs2) 0.2.3 does not properly enforce Unix permissions, which allows local users to write arbitrary files on a davfs2 mounted filesystem.

Severity CVSS v4.0: Pending analysis

Last modification:

16/04/2026

CVE-2005-1776

Publication date:

31/05/2005

Buffer overflow in the READ_TCP_STRING function in game_message_functions.cpp in the network plugin for C&#39;Nedra 0.4.0 and earlier allows remote attackers to execute arbitrary code via a long text string.

Severity CVSS v4.0: Pending analysis

Last modification:

16/04/2026

CVE-2005-1777

Publication date:

31/05/2005

SQL injection vulnerability in readpmsg.php in PostNuke 0.750 allows remote attackers to execute arbitrary SQL commands via the start parameter.

Severity CVSS v4.0: Pending analysis

Last modification:

16/04/2026

CVE-2005-1831

Publication date:

31/05/2005

Sudo 1.6.8p7 on SuSE Linux 9.3, and possibly other Linux distributions, allows local users to gain privileges by using sudo to call su, then entering a blank password and hitting CTRL-C. NOTE: SuSE and multiple third-party researchers have not been able to replicate this issue, stating "Sudo catches SIGINT and returns an empty string for the password so I don&#39;t see how this could happen unless the user&#39;s actual password was empty.

Severity CVSS v4.0: Pending analysis

Last modification:

16/04/2026

CVE-2005-1832

Publication date:

31/05/2005

Multiple cross-site scripting (XSS) vulnerabilities in MyBulletinBoard (MyBB) 1.00 RC4 and earlier allow remote attackers to execute arbitrary web script or HTML via the (1) forums, (2) version, or (3) limit parameter to misc.php, (4) page or (5) datecut parameter to forumdisplay.php, (6) username, (7) email, or (8) email2 parameter to member.php, (9) page or (10) usersearch parameter to memberlist.php, (11) pid or (12) tid parameter to showthread.php, or (13) tid parameter to printthread.php.

Severity CVSS v4.0: Pending analysis

Last modification:

16/04/2026

CVE-2005-1833

Publication date:

31/05/2005

Multiple SQL injection vulnerabilities in MyBulletinBoard (MyBB) 1.00 RC4 allow remote attackers to execute arbitrary SQL commands via the (1) eid parameter to calendar.php, (2) idsql parameter to online.php, (3) usersearch parameter to memberlist.php, (4) pid parameter to editpost.php, (5) fid parameter to forumdisplay.php, (6) tid parameter to newreply.php, (7) sid parameter to search.php, (8) tid or (9) pid parameter to showthread.php, (10) tid parameter to usercp2.php, (11) tid parameter to printthread.php, or (12) pid parameter to reputation.php.

Severity CVSS v4.0: Pending analysis

Last modification:

16/04/2026

CVE-2005-1907

Publication date:

31/05/2005

The ISA Firewall service in Microsoft Internet Security and Acceleration (ISA) Server 2000 allows remote attackers to cause a denial of service (Wspsrv.exe crash) via a large amount of SecureNAT network traffic.

Severity CVSS v4.0: Pending analysis

Last modification:

16/04/2026

CVE-2005-1765

Publication date:

31/05/2005

syscall in the Linux kernel 2.6.8.1 and 2.6.10 for the AMD64 platform, when running in 32-bit compatibility mode, allows local users to cause a denial of service (kernel hang) via crafted arguments.

Severity CVSS v4.0: Pending analysis

Last modification:

16/04/2026

CVE-2005-1808

Publication date:

30/05/2005

Firefly Studios Stronghold 2 1.2 and earlier allows remote attackers to cause a denial of service (crash) via a packet with a large size value for the nickname, which causes a memory allocation failure and generates an exception.

Severity CVSS v4.0: Pending analysis

Last modification:

16/04/2026

CVE-2005-1789

Publication date:

29/05/2005

SQL injection vulnerability in SignIn.asp in India Software Solution shopping cart allows remote attackers to execute arbitrary SQL commands via the password.

Severity CVSS v4.0: Pending analysis

Last modification:

16/04/2026

CVE-2005-1798

Publication date:

29/05/2005

Directory traversal vulnerability in ServersCheck Monitoring Software 5.9.0 to 5.10.0 allows remote attackers to read arbitrary files via .. (dot dot) sequences in an HTTP request.

Severity CVSS v4.0: Pending analysis

Last modification:

16/04/2026

Subscribe to Vulnerabilities