Export limit exceeded: 29907 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29907 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-3622 | 1 Phpmyadmin | 1 Phpmyadmin | 2026-04-16 | N/A |
| phpMyAdmin 2.7.0-beta1 and earlier allows remote attackers to obtain the full path of the server via direct requests to multiple scripts in the libraries directory. | ||||
| CVE-2005-3629 | 1 Redhat | 1 Enterprise Linux | 2026-04-16 | N/A |
| initscripts in Red Hat Enterprise Linux 4 does not properly handle certain environment variables when /sbin/service is executed, which allows local users with sudo permissions for /sbin/service to gain root privileges via unknown vectors. | ||||
| CVE-2005-3630 | 1 Redhat | 1 Fedora Core | 2026-04-16 | N/A |
| Fedora Directory Server before 10 allows remote attackers to obtain sensitive information, such as the password from adm.conf via an IFRAME element, probably involving an Apache httpd.conf configuration that orders "allow" directives before "deny" directives. | ||||
| CVE-2005-3642 | 1 Ibm | 1 Informix Dynamic Database Server | 2026-04-16 | N/A |
| IBM Informix Dynamic Database server running on Windows XP with Simple File Sharing enabled, allows remote attackers to bypass authentication and log on to the guest account by supplying an invalid username. | ||||
| CVE-2005-3647 | 1 Winability | 1 Folder Guard | 2026-04-16 | N/A |
| Folder Guard allows local users to bypass protections by running from or installing to the temporary files directory. | ||||
| CVE-2005-3651 | 2 Ethereal Group, Redhat | 2 Ethereal, Enterprise Linux | 2026-04-16 | N/A |
| Stack-based buffer overflow in the dissect_ospf_v3_address_prefix function in the OSPF protocol dissector in Ethereal 0.10.12, and possibly other versions, allows remote attackers to execute arbitrary code via crafted packets. | ||||
| CVE-2005-3657 | 1 Mcafee | 2 Mcinsctl.dll, Virusscan Security Center | 2026-04-16 | N/A |
| The ActiveX control in MCINSCTL.DLL for McAfee VirusScan Security Center does not use the IObjectSafetySiteLock API to restrict access to required domains, which allows remote attackers to create or append to arbitrary files via the StartLog and AddLog methods in the MCINSTALL.McLog object. | ||||
| CVE-2005-3701 | 1 Apple | 1 Mac Os X Server | 2026-04-16 | N/A |
| Unspecified vulnerability in passwordserver in Mac OS X Server 10.3.9 and 10.4.3, when creating an Open Directory master server, allows local users to gain privileges via unknown attack vectors. | ||||
| CVE-2005-3707 | 1 Apple | 1 Quicktime | 2026-04-16 | N/A |
| Buffer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbitrary code via crafted TGA image files. | ||||
| CVE-2005-3730 | 1 Revize Cms | 1 Revize Cms | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in HTTPTranslatorServlet in Idetix Software Systems Revize CMS allow remote attackers to inject arbitrary web script or HTML via the (1) resourcetype, (2) objectmap, and (3) redirect parameters, possibly involving setWebSpace.jsp. | ||||
| CVE-2005-3736 | 1 Coastal Data Management | 1 E-quick Cart | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in e-Quick Cart allow remote attackers to inject arbitrary web script or HTML via the (1) strgifttoname parameter in shopgift.asp, (2) strfirstname parameter in shopmaillist.asp, (3) strpid parameter in shopprojectlogin.asp, and (4) Custname parameter in shoptellafriend.asp. | ||||
| CVE-2005-3746 | 1 Apboard | 1 Apboard | 2026-04-16 | N/A |
| SQL injection vulnerability in thread.php in APBoard allows remote attackers to execute arbitrary SQL commands via the start parameter. | ||||
| CVE-2005-3778 | 1 Mybulletinboard | 1 Mybulletinboard | 2026-04-16 | N/A |
| Unspecified vulnerability in MyBulletinBoard (MyBB) before 1.0 PR2 Rev 686 allows attackers to cause a denial of service via unknown vectors. | ||||
| CVE-2005-3786 | 1 Novell | 3 Zenworks, Zenworks Desktops, Zenworks Servers | 2026-04-16 | N/A |
| Novell ZENworks for Desktops 4.0.1, ZENworks for Servers 3.0.2, and ZENworks 6.5 Desktop Management does not restrict access to Remote Diagnostics, which allows local users to bypass security policies by using Console One. | ||||
| CVE-2005-3793 | 1 Alstrasoft | 1 Affiliate Network Pro | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in AlstraSoft Affiliate Network Pro 7.2 allow remote attackers to bypass authentication and execute arbitrary SQL commands via the (1) username or (2) password to admin/admin_validate_login, or the (3) login, (4) password, and (5) flag parameters to login_validate.php. | ||||
| CVE-2005-3800 | 1 Macromedia | 1 Contribute Publishing Server | 2026-04-16 | N/A |
| Macromedia Contribute Publishing Server (CPS) before 1.11 uses a weak algorithm to encrypt user password in connection keys that use shared FTP login credentials, which allows attackers to obtain sensitive information. | ||||
| CVE-2005-3810 | 1 Linux | 1 Linux Kernel | 2026-04-16 | N/A |
| ip_conntrack_proto_icmp.c in ctnetlink in Linux kernel 2.6.14 up to 2.6.14.3 allows attackers to cause a denial of service (kernel oops) via a message without ICMP ID (ICMP_ID) information, which leads to a null dereference. | ||||
| CVE-2005-3836 | 1 Desklance | 1 Desklance | 2026-04-16 | N/A |
| SQL injection vulnerability in DeskLance 2.3 and earlier allows remote attackers to execute arbitrary SQL commands via the announce parameter. | ||||
| CVE-2005-3862 | 1 Unalz | 1 Unalz | 2026-04-16 | N/A |
| Buffer overflow in unalz before 0.53 allows remote attackers to execute arbitrary code via long file names in ALZ archives. | ||||
| CVE-2005-3869 | 1 Google | 1 Api Search | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Google API Search 1.3.1 and earlier allows remote attackers to inject arbitrary web script or HTML via hex-encoded values in the REQ parameter. | ||||