Export limit exceeded: 347563 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (347563 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-3692 | 1 Amax Information Technologies | 1 Magic Winmail Server | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in AMAX Magic Winmail Server 4.2 (build 0824) and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) retid parameter in badlogin.php, (2) Content-Type headers in HTML mails, and (3) HTML mail attachments. | ||||
| CVE-2005-3697 | 1 Uresk Links | 1 Uresk Links | 2026-04-16 | N/A |
| Unspecified vulnerability in the administration interface in Uresk Links 2.0 Lite allows remote attackers to bypass authentication via unspecified vectors in index.php. | ||||
| CVE-2005-3698 | 1 Php Easy Download | 1 Php Easy Download | 2026-04-16 | N/A |
| PHP Easy Download allows remote attackers to bypass authentication via edit.php. | ||||
| CVE-2005-3706 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | N/A |
| Heap-based buffer overflow in LibSystem in Mac OS X 10.4 through 10.4.5 allows context-dependent attackers to execute arbitrary code by causing an application that uses LibSystem to request a large amount of memory. | ||||
| CVE-2002-2293 | 1 Twofold Photos | 1 Webshots Desktop | 2026-04-16 | N/A |
| Webshots Desktop screensaver allows local users to bypass the password on the screensaver by pressing CTRL-ALT-DELETE and (1) hitting the cancel button or (2) killing the screensaver from the task manager. | ||||
| CVE-2005-3712 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | N/A |
| Heap-based buffer overflow in rsync in Mac OS X 10.4 through 10.4.5 allows remote authenticated users to execute arbitrary code via long extended attributes. | ||||
| CVE-2005-3716 | 1 Utstarcom | 2 F1000 Wi-fi, F1000 Wi-fi Firmware | 2026-04-16 | 7.5 High |
| The SNMP daemon in UTStarcom F1000 VOIP WIFI Phone s2.0 running VxWorks 5.5.1 with kernel WIND 2.6 has hard-coded public credentials that cannot be changed, which allows attackers to obtain sensitive information. | ||||
| CVE-2005-3718 | 1 Utstarcom | 1 F1000 Voip Wifi Phone | 2026-04-16 | N/A |
| UTStarcom F1000 VOIP WIFI Phone s2.0 running VxWorks 5.5.1 with kernel WIND 2.6 does not allow users to disable access to (1) SNMP or (2) the rlogin port TCP 513, which allows remote attackers to exploit other vulnerabilities such as CVE-2005-3716, or execute arbitrary shell commands via rlogin, which does not require authentication. | ||||
| CVE-2005-3724 | 1 Zyxel | 2 P2000w Version 1 Voip Wifi Phone, Prestige 2000w V.1voip Wi-fi Phone | 2026-04-16 | N/A |
| Zyxel P2000W Version 1 VOIP WIFI Phone Wj.00.10 allows remote attackers to obtain sensitive information and possibly cause a denial of service via a direct connection to UDP port 9090, which is undocumented and does not require authentication. | ||||
| CVE-2002-2300 | 1 3com | 1 Webbngss3nbxnts | 2026-04-16 | N/A |
| Buffer overflow in ftpd 5.4 in 3Com NBX 4.0.17 or ftpd 5.4.2 in 3Com NBX 4.1.4 allows remote attackers to cause a denial of service (crash) via a long CEL command. | ||||
| CVE-2005-3727 | 1 Revize Cms | 1 Revize Cms | 2026-04-16 | N/A |
| SQL injection vulnerability in debug/query_results.jsp in Idetix Software Systems Revize CMS allows remote attackers to execute arbitrary SQL commands via the query parameter. | ||||
| CVE-2005-3728 | 1 Revize Cms | 1 Revize Cms | 2026-04-16 | N/A |
| Idetix Software Systems Revize CMS stores conf/revize.xml under the web document root with insufficient access control, which allows remote attackers to obtain sensitive configuration information. | ||||
| CVE-2005-3732 | 2 Ipsec-tools, Redhat | 2 Ipsec-tools, Enterprise Linux | 2026-04-16 | N/A |
| The Internet Key Exchange version 1 (IKEv1) implementation (isakmp_agg.c) in racoon in ipsec-tools before 0.6.3, when running in aggressive mode, allows remote attackers to cause a denial of service (null dereference and crash) via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. | ||||
| CVE-2002-2302 | 1 3d3.com | 1 Shopfactory | 2026-04-16 | N/A |
| 3D3.Com ShopFactory 5.5 through 5.8 allows remote attackers to modify the prices in their shopping carts by modifying the price in a hidden form field. | ||||
| CVE-2005-3733 | 1 Juniper | 8 Junos E, Junos J, Junos M and 5 more | 2026-04-16 | N/A |
| The Internet Key Exchange version 1 (IKEv1) implementation in Juniper JUNOS and JUNOSe software for M, T, and J-series routers before release 6.4, and E-series routers before 7-1-0, allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to. | ||||
| CVE-2002-2303 | 1 3d3.com | 1 Shopfactory | 2026-04-16 | N/A |
| 3D3.Com ShopFactory 5.8 uses client-side encryption and decryption for sensitive price data, which allows remote attackers to modify shopping cart prices by using the Javascript to decrypt the cookie that contains the data. | ||||
| CVE-2005-3735 | 1 Coastal Data Management | 1 E-quick Cart | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in e-Quick Cart allow remote attackers to execute arbitrary SQL commands via the (1) productid parameter in shopaddtocart.asp, (2) strpemail parameter in shopprojectlogin.asp, and (3) id parameter in shoptellafriend.asp. | ||||
| CVE-2005-3739 | 1 Php Fusion | 1 Php Fusion | 2026-04-16 | N/A |
| Unspecified vulnerability in subheader.php in PHP-Fusion 6.00.206 and earlier allows remote attackers to obtain the full path via unspecified vectors. | ||||
| CVE-2005-3743 | 1 Simplepoll | 1 Simplepoll | 2026-04-16 | N/A |
| SQL injection vulnerability in results.php in SimplePoll allows remote attackers to execute arbitrary SQL commands via the pollid parameter. | ||||
| CVE-2002-2304 | 1 Myphpsoft | 1 Myphplinks | 2026-04-16 | N/A |
| SQL injection vulnerability in admin/auth/checksession.php in MyPHPLinks 2.1.9 and 2.2.0 allows remote attackers to execute arbitrary SQL commands via the idsession parameter. | ||||