Export limit exceeded: 363836 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 363836 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 363836 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (363836 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-3301 1 Phpmyadmin 1 Phpmyadmin 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.6.4-pl3 allow remote attackers to inject arbitrary web script or HTML via certain arguments to (1) left.php, (2) queryframe.php, or (3) server_databases.php.
CVE-2006-2295 1 Timobraun 1 Dynamic Galerie 2026-04-16 N/A
Directory traversal vulnerability in Dynamic Galerie 1.0 allows remote attackers to access arbitrary files via an absolute path in the pfad parameter to (1) index.php and (2) galerie.php.
CVE-2005-2443 1 Kshout 1 Kshout 2026-04-16 N/A
Kshout 2.x and 3.x stores settings.dat under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as usernames and passwords.
CVE-2005-3302 2 Blender, Debian 2 Blender, Debian Linux 2026-04-16 7.3 High
Eval injection vulnerability in bvh_import.py in Blender 2.36 allows attackers to execute arbitrary Python code via a hierarchy element in a .bvh file, which is supplied to an eval function call.
CVE-2005-3303 1 Clam Anti-virus 1 Clamav 2026-04-16 N/A
The FSG unpacker (fsg.c) in Clam AntiVirus (ClamAV) 0.80 through 0.87 allows remote attackers to cause "memory corruption" and execute arbitrary code via a crafted FSG 1.33 file.
CVE-2005-3305 1 Nuked-klan 1 Nuked-klan 2026-04-16 N/A
Multiple SQL injection vulnerabilities in Nuked Klan 1.7 allow remote attackers to execute arbitrary SQL commands via the (1) forum_id or (2) thread_id parameter in the Forum file, (3) the link_id in the Links file, (4) the artid parameter in the Sections file, and (5) the dl_id parameter in the Download file.
CVE-2005-3314 1 Novell 1 Netmail 2026-04-16 N/A
Stack-based buffer overflow in the IMAP daemon in Novell Netmail 3.5.2 allows remote attackers to execute arbitrary code via "long verb arguments."
CVE-2005-3316 1 Symantec 2 Discovery, On Command Discovery 2026-04-16 N/A
The installation of ON Symantec Discovery 4.5.x and Symantec Discovery 6.0 creates the (1) DiscoveryWeb and (2) DiscoveryRO database accounts with null passwords, which could allow attackers to gain privileges or prevent Discovery from running by setting another password.
CVE-2005-3317 1 Zipgenius 1 Zipgenius 2026-04-16 N/A
Multiple stack-based buffer overflows in ZipGenius 5.5.1.468 and 6.0.2.1041, and other versions before 6.0.2.1050, allow remote attackers to execute arbitrary code via (1) a ZIP archive that contains a file with a long filename, which is not properly handled by (a) zipgenius.exe, (b) zg.exe, (c) zgtips.dll, and (d) contmenu.dll; (2) a long original name in a (a) UUE, (b) XXE, or (c) MIM file, which is not properly handled by zipgenius.exe; or (3) an ACE archive with a file with a long filename, which is not properly handled by unacev2.dll.
CVE-2005-2457 1 Linux 1 Linux Kernel 2026-04-16 N/A
The driver for compressed ISO file systems (zisofs) in the Linux kernel before 2.6.12.5 allows local users and remote attackers to cause a denial of service (kernel crash) via a crafted compressed ISO file system.
CVE-2005-3321 2 Novell, Suse 2 Suse Linux, Suse Linux 2026-04-16 N/A
chkstat in SuSE Linux 9.0 through 10.0 allows local users to modify permissions of files by creating a hardlink to a file from a world-writable directory, which can cause the link count to drop to 1 when the file is deleted or replaced, which is then modified by chkstat to use weaker permissions.
CVE-2005-3322 2 Squid, Suse 2 Squid, Suse Linux 2026-04-16 N/A
Unspecified vulnerability in Squid on SUSE Linux 9.0 allows remote attackers to cause a denial of service (crash) via HTTPs (SSL).
CVE-2005-3325 2 Acid, Secureideas 2 Analysis Console For Intrusion Databases, Basic Analysis And Security Engine 2026-04-16 N/A
Multiple SQL injection vulnerabilities in (1) acid_qry_main.php in Analysis Console for Intrusion Databases (ACID) 0.9.6b20 and (2) base_qry_main.php in Basic Analysis and Security Engine (BASE) 1.2, and unspecified other console scripts in these products, allow remote attackers to execute arbitrary SQL commands via the sig[1] parameter and possibly other parameters.
CVE-2005-3328 1 Punbb 1 Punbb 2026-04-16 N/A
PHP remote file inclusion vulnerability in common.php in PunBB 1.1.2 through 1.1.5 allows remote attackers to execute arbitrary code via the pun_root parameter.
CVE-2005-3330 1 Snoopy 1 Snoopy 2026-04-16 N/A
The _httpsrequest function in Snoopy 1.2, as used in products such as (1) MagpieRSS, (2) WordPress, (3) Ampache, and (4) Jinzora, allows remote attackers to execute arbitrary commands via shell metacharacters in an HTTPS URL to an SSL protected web page, which is not properly handled by the fetch function.
CVE-2005-3331 1 Rogers Software Source 1 Mgdiff Patch Viewer 2026-04-16 N/A
viewpatch in mgdiff 1.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files.
CVE-2005-3332 1 Belchior Foundry 1 Vcard 2026-04-16 N/A
PHP remote file include vulnerability in admin/define.inc.php in Belchior Foundry vCard 2.9 allows remote attackers to execute arbitrary PHP code via the match parameter.
CVE-2005-2476 1 Naxtor 1 Shopping Cart 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in lost_passowrd.php in Naxtor Shopping Cart 1.0 allows remote attackers to inject arbitrary web script or HTML via the email parameter.
CVE-2005-3333 1 Ebase 1 Ebaseweb 2026-04-16 N/A
SQL injection vulnerability in eBASEweb 3.0 allows remote attackers to execute arbitrary SQL commands via unknown attack vectors.
CVE-2005-3335 1 Mantis 1 Mantis 2026-04-16 N/A
PHP file inclusion vulnerability in bug_sponsorship_list_view_inc.php in Mantis 1.0.0RC2 and 0.19.2 allows remote attackers to execute arbitrary PHP code and include arbitrary local files via the t_core_path parameter.