Export limit exceeded: 345064 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (345064 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-3113 | 1 Nateon | 1 Nateon Messenger | 2026-04-16 | N/A |
| The ActiveX control for NateOn Messenger (NateonDownloadManager.ocx) allows remote attackers to download and execute arbitrary programs by setting the arguments to the GotNate.Excute method. | ||||
| CVE-2005-0656 | 1 Arif Supriyanto | 1 Auracms | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in auraCMS 1.5 allow remote attackers to inject arbitrary web script or HTML via the (1) hits parameter to hits.php, (2) query parameter to index.php, or (3) theCount parameter to counter.php. | ||||
| CVE-2005-3114 | 1 Nateon | 1 Nateon Messenger | 2026-04-16 | N/A |
| Buffer overflow in the ActiveX control for NateOn Messenger (NateonDownloadManager.ocx) allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long third argument to the GotNate.Excute method. | ||||
| CVE-2005-0657 | 1 Computalynx | 1 Cproxy | 2026-04-16 | N/A |
| Directory traversal vulnerability in Computalynx CProxy 3.3.x and 3.4.x through 3.4.4 allows remote attackers to read arbitrary files or cause a denial of service (application crash) via a .. (dot dot) in an HTTP request. | ||||
| CVE-2005-3115 | 1 Mpeg-tools | 1 Mpeg-tools | 2026-04-16 | N/A |
| mpeg-tools before 1.5b-r2 creates multiple temporary files insecurely, which allows local users to overwrite arbitrary files via (1) ts.stat, (2) ts.mpg, (3) foobar, (4) blockbar, or (5) foobar[NNN]. | ||||
| CVE-2005-3653 | 2 Broadcom, Ca | 34 Brightstor Arcserve Backup, Brightstor Arcserve Backup Laptops Desktops, Brightstor Portal and 31 more | 2026-04-16 | N/A |
| Heap-based buffer overflow in the iGateway service for various Computer Associates (CA) iTechnology products, in iTechnology iGateway before 4.0.051230, allows remote attackers to execute arbitrary code via an HTTP request with a negative Content-Length field. | ||||
| CVE-2005-0658 | 1 Cmw Linklist | 1 Cmw Linklist | 2026-04-16 | N/A |
| SQL injection vulnerability in a third party extension to TYPO3 allows remote attackers to execute arbitrary SQL commands via the category_uid parameter. | ||||
| CVE-2005-0659 | 1 Phpbb Group | 1 Phpbb | 2026-04-16 | N/A |
| phpBB 2.0.13 and earlier allows remote attackers to obtain sensitive information via a direct request to oracle.php, which reveals the path in a PHP error message. | ||||
| CVE-2005-3116 | 1 Symantec Veritas | 1 Netbackup | 2026-04-16 | N/A |
| Stack-based buffer overflow in a shared library as used by the Volume Manager daemon (vmd) in VERITAS NetBackup Enterprise Server 5.0 MP1 to MP5 and 5.1 up to MP3A allows remote attackers to execute arbitrary code via a crafted packet. | ||||
| CVE-2005-0660 | 1 Adalis | 1 D-forum | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in D-Forum 1.11 allows remote attackers to inject arbitrary web script or HTML via certain fields, as demonstrated using the page parameter in nav.php3. | ||||
| CVE-2005-3118 | 1 William Stearns | 1 Mason | 2026-04-16 | N/A |
| Mason before 1.0.0 does not install the init script after the user uses Mason to configure a firewall, which causes the system to run without a firewall after a reboot. | ||||
| CVE-2005-0661 | 1 Woltlab | 1 Burning Board | 2026-04-16 | N/A |
| SQL injection vulnerability in the getwbbuserdata function in session.php for Woltlab Burning Board 2.0.3 through 2.3.0 allows remote attackers to execute arbitrary SQL commands via the (1) userid or (2) lastvisit cookie. | ||||
| CVE-2005-3119 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2026-04-16 | N/A |
| Memory leak in the request_key_auth_destroy function in request_key_auth in Linux kernel 2.6.10 up to 2.6.13 allows local users to cause a denial of service (memory consumption) via a large number of authorization token keys. | ||||
| CVE-2005-0662 | 1 Mercuryboard | 1 Mercuryboard | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php for MercuryBoard 1.1.2 allows remote attackers to inject arbitrary web script or HTML via the Avatar field. | ||||
| CVE-2005-0663 | 1 Mercuryboard | 1 Mercuryboard | 2026-04-16 | N/A |
| SQL injection vulnerability in index.php for MercuryBoard 1.1.2 allows remote attackers to inject arbitrary SQL commands via the f parameter. | ||||
| CVE-2005-3120 | 3 Debian, Invisible-island, Redhat | 3 Debian Linux, Lynx, Enterprise Linux | 2026-04-16 | 9.8 Critical |
| Stack-based buffer overflow in the HTrjis function in Lynx 2.8.6 and earlier allows remote NNTP servers to execute arbitrary code via certain article headers containing Asian characters that cause Lynx to add extra escape (ESC) characters. | ||||
| CVE-2005-0673 | 1 Phpbb Group | 1 Phpbb | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in usercp_register.php for phpBB 2.0.13 allows remote attackers to inject arbitrary web script or HTML by setting the (1) allowhtml, (2) allowbbcode, or (3) allowsmilies parameters to inject HTML into signatures for personal messages, possibly when they are processed by privmsg.php or viewtopic.php. | ||||
| CVE-2005-3121 | 1 Eduard Bloch | 1 Module-assistant | 2026-04-16 | N/A |
| A rule file in module-assistant before 0.9.10 causes a temporary file to be created insecurely, which allows local users to conduct unauthorized operations. | ||||
| CVE-2005-0706 | 2 Grip, Redhat | 2 Grip, Enterprise Linux | 2026-04-16 | N/A |
| Buffer overflow in discdb.c for grip 3.1.2 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code by causing the cddb lookup to return more matches than expected. | ||||
| CVE-2005-0739 | 2 Ethereal Group, Redhat | 2 Ethereal, Enterprise Linux | 2026-04-16 | N/A |
| The IAPP dissector (packet-iapp.c) for Ethereal 0.9.1 to 0.10.9 does not properly use certain routines for formatting strings, which could leave it vulnerable to buffer overflows, as demonstrated using modified length values that are not properly handled by the dissect_pdus and pduval_to_str functions. | ||||