Export limit exceeded: 339475 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 29880 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29880 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-3008 | 1 Amar Sagoo | 1 Tofu | 2025-04-03 | N/A |
| Tofu 0.2 allows remote attackers to execute arbitrary Python code via crafted pickled objects, which Tofu unpickles and executes. | ||||
| CVE-2005-3010 | 1 Cutephp | 1 Cutenews | 2025-04-03 | N/A |
| Direct static code injection vulnerability in the flood protection feature in inc/shows.inc.php in CuteNews 1.4.0 and earlier allows remote attackers to execute arbitrary PHP code via the HTTP_CLIENT_IP header (Client-Ip), which is injected into data/flood.db.php. | ||||
| CVE-2005-3013 | 1 Suse | 1 Suse Linux | 2025-04-03 | N/A |
| Buffer overflow in liby2util in Yet another Setup Tool (YaST) for SuSE Linux 9.3 allows local users to execute arbitrary code via a long Loc entry. | ||||
| CVE-2005-3012 | 1 Simplecdr-x | 1 Simplecdr-x | 2025-04-03 | N/A |
| The MasterDataCD::createImage function in masterdatacd.cpp for SimpleCDR-X 1.3.3 creates the .temp temporary directory with insecure permissions, which allows local users to read sensitive ISO images. | ||||
| CVE-2005-3014 | 1 Ensim | 1 Webppliance | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in Ensim webplliance allows remote attackers to inject arbitrary web script or HTML via the Login (OCW_login_username) field. | ||||
| CVE-2005-3021 | 1 Jelsoft | 1 Vbulletin | 2025-04-03 | N/A |
| image.php in vBulletin 3.0.9 and earlier allows remote attackers with access to the administrator panel to upload arbitrary files via the upload action. | ||||
| CVE-2005-3027 | 1 Sybari | 1 Antigen | 2025-04-03 | N/A |
| Sybari Antigen 8.0 SR2 does not properly filter SMTP messages, which allows remote attackers to bypass custom filter rules and send file attachments of arbitrary file types via a message with a subject of "Antigen forwarded attachment". | ||||
| CVE-2005-3039 | 1 Mall23 | 1 Mall23 | 2025-04-03 | N/A |
| SQL injection vulnerability in infopage.asp in Mall23 eCommerce allows remote attackers to execute arbitrary SQL commands via the idPage parameter. | ||||
| CVE-2005-3034 | 1 Compuware | 1 Driverstudio | 2025-04-03 | N/A |
| Compuware DriverStudio Remote Control service (DSRsvc.exe) 2.7 and 3.0 beta 2 allows remote attackers to bypass authentication via a null session. | ||||
| CVE-2005-3032 | 1 Cambridge Computer Corporation | 1 Vxtftpsrv | 2025-04-03 | N/A |
| Buffer overflow in vxTftpSrv 1.7.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a TFTP request with a long filename argument. | ||||
| CVE-2005-3033 | 1 Cambridge Computer Corporation | 1 Vxweb | 2025-04-03 | N/A |
| Stack-based buffer overflow in vxWeb 1.1.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP GET request. | ||||
| CVE-2005-3035 | 1 Compuware | 1 Driverstudio | 2025-04-03 | N/A |
| Compuware DriverStudio Remote Control service (DSRsvc.exe) 2.7 and 3.0 beta 2 allows remote attackers to cause a denial of service (reboot) via a UDP packet sent directly to port 9110. | ||||
| CVE-2005-3036 | 1 Ttxn | 1 File Transfer Anywhere | 2025-04-03 | N/A |
| File Transfer Anywhere 3.01 stores sensitive password information in plaintext in the PASS value in the "File Transfer Anywhere" registry key, which allows local users to gain privileges. | ||||
| CVE-2005-3038 | 1 Hosting Controller | 1 Hosting Controller | 2025-04-03 | N/A |
| Unspecified vulnerability in Hosting Controller 6.1 before Hotfix 2.4 allows remote attackers to list and read contents of arbitrary drives, related to "the PHP vulnerability." | ||||
| CVE-2005-3045 | 1 My Little Homepage | 1 My Little Forum | 2025-04-03 | N/A |
| SQL injection vulnerability in search.php in My Little Forum 1.5 and 1.6 beta allows remote attackers to execute arbitrary SQL commands via the phrase field. | ||||
| CVE-2005-3053 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2025-04-03 | N/A |
| The sys_set_mempolicy function in mempolicy.c in Linux kernel 2.6.x allows local users to cause a denial of service (kernel BUG()) via a negative first argument. | ||||
| CVE-2005-3050 | 1 Phpmyfaq | 1 Phpmyfaq | 2025-04-03 | N/A |
| PhpMyFaq 1.5.1 allows remote attackers to obtain sensitive information via a LANGCODE parameter that does not exist, which reveals the path in an error message. | ||||
| CVE-2005-3052 | 1 Jportal | 1 Jportal Web Portal | 2025-04-03 | N/A |
| SQL injection vulnerability in module/down.inc.php in jportal 2.3.1 allows remote attackers to execute arbitrary SQL commands via the search field to download.php. | ||||
| CVE-2005-3060 | 1 Ibm | 1 Aix | 2025-04-03 | N/A |
| Buffer overflow in getconf in IBM AIX 5.2 to 5.3 allows local users to execute arbitrary code via unknown vectors. | ||||
| CVE-2005-3061 | 1 Powerarchiver | 4 Powerarchiver 2002, Powerarchiver 2003, Powerarchiver 2004 and 1 more | 2025-04-03 | N/A |
| Multiple stack-based buffer overflows in PowerArchiver 8.10 through 9.5 Beta 4 and Beta 5 allow remote attackers to execute arbitrary code via a long filename in a (1) ACE or (2) ARJ archive. | ||||