Vulnerabilities

With the aim of informing, warning and helping professionals with the latest security vulnerabilities in technology systems, we have made a database available for users interested in this information, which is in Spanish and includes all of the latest documented and recognised vulnerabilities.

This repository, with over 75,000 registers, is based on the information from the NVD (National Vulnerability Database) – by virtue of a partnership agreement – through which INCIBE translates the included information into Spanish.

On occasions this list will show vulnerabilities that have still not been translated, as they are added while the INCIBE team is still carrying out the translation process. The CVE (Common Vulnerabilities and Exposures) Standard for Information Security Vulnerability Names is used with the aim to support the exchange of information between different tools and databases.

All vulnerabilities collected are linked to different information sources, as well as available patches or solutions provided by manufacturers and developers. It is possible to carry out advanced searches, as there is the option to select different criteria to narrow down the results, some examples being vulnerability types, manufacturers and impact levels, among others.

Through RSS feeds or Newsletters we can be informed daily about the latest vulnerabilities added to the repository. Below there is a list, updated daily, where you can discover the latest vulnerabilities.

CVE-2005-1775

Publication date:

31/05/2005

Terminator 3: War of the Machines 1.16 and earlier allows remote attackers to cause a denial of service (application crash) via a large nickname.

Severity CVSS v4.0: Pending analysis

Last modification:

03/04/2025

CVE-2005-1778

Publication date:

31/05/2005

Cross-site scripting (XSS) vulnerability in readpmsg.php in PostNuke 0.750 allows remote attackers to inject arbitrary web script or HTML via the start parameter.

Severity CVSS v4.0: Pending analysis

Last modification:

03/04/2025

CVE-2005-1770

Publication date:

31/05/2005

Buffer overflow in the Aavmker4 device driver in Avast! Antivirus 4.6 and possibly other versions allows local users to cause a denial of service (system crash) and possibly execute arbitrary code via certain signals combined with crafted input.

Severity CVSS v4.0: Pending analysis

Last modification:

03/04/2025

CVE-2005-1771

Publication date:

31/05/2005

Unknown vulnerability in HP-UX trusted systems B.11.00 through B.11.23 allows remote attackers to gain unauthorized access, possibly involving remshd and/or telnet -t.

Severity CVSS v4.0: Pending analysis

Last modification:

03/04/2025

CVE-2005-1772

Publication date:

31/05/2005

Buffer overflow in the client cd-key hash in Terminator 3: War of the Machines 1.16 and earlier allows remote attackers to cause a denial of service (application crash) via a long client cd-key hash value, a different vulnerability than CVE-2005-1556.

Severity CVSS v4.0: Pending analysis

Last modification:

03/04/2025

CVE-2005-1773

Publication date:

31/05/2005

Multiple unknown vulnerabilities in L-Soft LISTSERV 14.3, 1.8e, and 1.8d allow remote attackers to execute arbitrary code or cause a denial of service. NOTE: this candidate may be SPLIT in the future when more precise technical details become available.

Severity CVSS v4.0: Pending analysis

Last modification:

03/04/2025

CVE-2005-1774

Publication date:

31/05/2005

WEB-DAV Linux File System (davfs2) 0.2.3 does not properly enforce Unix permissions, which allows local users to write arbitrary files on a davfs2 mounted filesystem.

Severity CVSS v4.0: Pending analysis

Last modification:

03/04/2025

CVE-2005-1776

Publication date:

31/05/2005

Buffer overflow in the READ_TCP_STRING function in game_message_functions.cpp in the network plugin for C&#39;Nedra 0.4.0 and earlier allows remote attackers to execute arbitrary code via a long text string.

Severity CVSS v4.0: Pending analysis

Last modification:

03/04/2025

CVE-2005-1777

Publication date:

31/05/2005

SQL injection vulnerability in readpmsg.php in PostNuke 0.750 allows remote attackers to execute arbitrary SQL commands via the start parameter.

Severity CVSS v4.0: Pending analysis

Last modification:

03/04/2025

CVE-2005-1832

Publication date:

31/05/2005

Multiple cross-site scripting (XSS) vulnerabilities in MyBulletinBoard (MyBB) 1.00 RC4 and earlier allow remote attackers to execute arbitrary web script or HTML via the (1) forums, (2) version, or (3) limit parameter to misc.php, (4) page or (5) datecut parameter to forumdisplay.php, (6) username, (7) email, or (8) email2 parameter to member.php, (9) page or (10) usersearch parameter to memberlist.php, (11) pid or (12) tid parameter to showthread.php, or (13) tid parameter to printthread.php.

Severity CVSS v4.0: Pending analysis

Last modification:

03/04/2025

CVE-2005-1833

Publication date:

31/05/2005

Multiple SQL injection vulnerabilities in MyBulletinBoard (MyBB) 1.00 RC4 allow remote attackers to execute arbitrary SQL commands via the (1) eid parameter to calendar.php, (2) idsql parameter to online.php, (3) usersearch parameter to memberlist.php, (4) pid parameter to editpost.php, (5) fid parameter to forumdisplay.php, (6) tid parameter to newreply.php, (7) sid parameter to search.php, (8) tid or (9) pid parameter to showthread.php, (10) tid parameter to usercp2.php, (11) tid parameter to printthread.php, or (12) pid parameter to reputation.php.

Severity CVSS v4.0: Pending analysis

Last modification:

03/04/2025

CVE-2005-1783

Publication date:

31/05/2005

BookReview beta 1.0 allows remote attackers to obtain the path of the web server via certain parameters to search.htm, possibly due to a search[string] parameter with a missing value or an incorrect submit[type] value, which reveals the path in the resulting error message. NOTE: it is not clear whether BookReview is available to the public. If not, then it should not be included in CVE.

Severity CVSS v4.0: Pending analysis

Last modification:

03/04/2025

Subscribe to Vulnerabilities