Export limit exceeded: 29909 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29909 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-3715 | 1 Senao | 1 Si-680h Wireless Voip Phone | 2026-04-16 | N/A |
| Senao SI-680H Wireless VoIP Phone Firmware 0.03.0839 leaves the VxWorks debugger UDP port 17185 available without authentication, which allows attackers to access the phone OS, obtain sensitive information, and cause a denial of service. | ||||
| CVE-2004-2145 | 1 Pd9 Software | 1 Megabbs | 2026-04-16 | N/A |
| SQL injection vulnerability in PD9 Software MegaBBS 2 and 2.1 allows remote attackers to execute arbitrary SQL commands via the (1) sortdir or (2) criteria parameter to ladder-log.asp or the (3) memberid or (4) teamid parameter to view-profile.asp. | ||||
| CVE-2005-3721 | 1 Hitachi | 1 Ip5000 Voip Wifi Phone | 2026-04-16 | N/A |
| The default configuration of the HTTP server in Hitachi IP5000 VOIP WIFI Phone 1.5.6 does not require authentication for sensitive configuration pages, which allows remote attackers to modify configuration. | ||||
| CVE-2005-3728 | 1 Revize Cms | 1 Revize Cms | 2026-04-16 | N/A |
| Idetix Software Systems Revize CMS stores conf/revize.xml under the web document root with insufficient access control, which allows remote attackers to obtain sensitive configuration information. | ||||
| CVE-2005-3704 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | N/A |
| System log server in Mac OS X and OS X Server 10.4 through 10.4.3 allows remote attackers to spoof syslog messages in log files by injecting various control characters such as newline (NL). | ||||
| CVE-2004-2155 | 1 Online-bookmarks | 1 Web Based Bookmark Application | 2026-04-16 | N/A |
| Online-bookmarks before 0.4.6 allows remote attackers to bypass its authentication mechanism via a direct request to (1) config/*, (2) bookmarks.php, (3) footer.php, (4) main.php, (5) tree.php, or (6) functions.php. | ||||
| CVE-2005-3706 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | N/A |
| Heap-based buffer overflow in LibSystem in Mac OS X 10.4 through 10.4.5 allows context-dependent attackers to execute arbitrary code by causing an application that uses LibSystem to request a large amount of memory. | ||||
| CVE-2005-3708 | 1 Apple | 1 Quicktime | 2026-04-16 | N/A |
| Integer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbitrary code via crafted TGA image files. | ||||
| CVE-2005-3722 | 1 Hitachi | 1 Ip5000 Voip Wifi Phone | 2026-04-16 | N/A |
| The SNMP v1/v2c daemon in Hitachi IP5000 VOIP WIFI Phone 1.5.6 allows remote attackers to gain read or write access to system configuration using arbitrary SNMP credentials. | ||||
| CVE-2004-2156 | 1 Recruitment Agency Software | 1 Online Recruitment Agency | 2026-04-16 | N/A |
| Multiple unknown vulnerabilities in Online Recruitment Agency 1.0 have unknown impact and attack vectors. | ||||
| CVE-2004-2163 | 1 Openbsd | 1 Openbsd | 2026-04-16 | N/A |
| login_radius on OpenBSD 3.2, 3.5, and possibly other versions does not verify the shared secret in a response packet from a RADIUS server, which allows remote attackers to bypass authentication by spoofing server replies. | ||||
| CVE-2005-3717 | 1 Utstarcom | 1 F1000 Voip Wifi Phone | 2026-04-16 | N/A |
| The telnet daemon in UTStarcom F1000 VOIP WIFI Phone s2.0 running VxWorks 5.5.1 with kernel WIND 2.6 has a default username "target" and password "password", which allows remote attackers to gain full access to the system. | ||||
| CVE-2005-3723 | 1 Hitachi | 1 Ip5000 Voip Wifi Phone | 2026-04-16 | N/A |
| Hitachi IP5000 VOIP WIFI Phone 1.5.6 does not allow the user to disable access to (1) SNMP or (2) TCP port 3390, which allows remote attackers to modify configuration using CVE-2005-3722, or access the Unidata Shell to obtain sensitive information or cause a denial of service. | ||||
| CVE-2005-3729 | 1 Revize Cms | 1 Revize Cms | 2026-04-16 | N/A |
| Idetix Software Systems Revize CMS allows remote attackers to obtain sensitive information via direct requests to files in the revize/debug directory, such as (1) apptables.html and (2) main.html. | ||||
| CVE-2005-3718 | 1 Utstarcom | 1 F1000 Voip Wifi Phone | 2026-04-16 | N/A |
| UTStarcom F1000 VOIP WIFI Phone s2.0 running VxWorks 5.5.1 with kernel WIND 2.6 does not allow users to disable access to (1) SNMP or (2) the rlogin port TCP 513, which allows remote attackers to exploit other vulnerabilities such as CVE-2005-3716, or execute arbitrary shell commands via rlogin, which does not require authentication. | ||||
| CVE-2005-3730 | 1 Revize Cms | 1 Revize Cms | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in HTTPTranslatorServlet in Idetix Software Systems Revize CMS allow remote attackers to inject arbitrary web script or HTML via the (1) resourcetype, (2) objectmap, and (3) redirect parameters, possibly involving setWebSpace.jsp. | ||||
| CVE-2004-2175 | 1 All Enthusiast Inc | 1 Reviewpost Php Pro | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in ReviewPost PHP Pro allow remote attackers to execute arbitrary SQL commands via the (1) product parameter to showproduct.php or (2) cat parameter to showcat.php. | ||||
| CVE-2005-3731 | 1 Yassl | 1 Yassl | 2026-04-16 | N/A |
| Unspecified vulnerability in yaSSL before 1.0.6 has unknown impact and attack vectors, related to "certificate chain processing." | ||||
| CVE-2004-2184 | 1 Digicraft Software | 1 Yak | 2026-04-16 | N/A |
| Directory traversal vulnerability in Digicraft Yak! server 2.0 through 2.1.2 allows remote attackers to read or write arbitrary files via "../" or "..\" sequences in commands such as (1) dir or (2) put. | ||||
| CVE-2004-2185 | 1 Mediawiki | 1 Mediawiki | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in MediaWiki 1.3.5 allow remote attackers to execute arbitrary scripts and/or SQL queries via (1) the UnicodeConverter extension, (2) raw page views, (3) SpecialIpblocklist, (4) SpecialEmailuser, (5) SpecialMaintenance, and (6) ImagePage. | ||||