Export limit exceeded: 345102 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (345102 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-3658 | 1 Emc | 1 Legato Networker | 2026-04-16 | N/A |
| Multiple heap-based buffer overflows in EMC Legato NetWorker 7.1.x before 7.1.4 and 7.2.x before 7.2.1.Build.314, and other products such as Sun Solstice Backup (SBU) 6.0 and 6.1 and StorEdge Enterprise Backup Software (EBS) 7.1 through 7.2L, allow remote attackers to execute arbitrary code or cause a denial of service (unresponsive application) via malformed RPC packets to (1) RPC program number 390109 (nsrd.exe) and (2) RPC program number 390113 (nsrexecd.exe). | ||||
| CVE-2005-3659 | 1 Emc | 1 Legato Networker | 2026-04-16 | N/A |
| nsrd.exe in EMC Legato NetWorker 7.1.x before 7.1.4 and 7.2.x before 7.2.1.Build.314, and other products such as Sun Solstice Backup (SBU) 6.0 and 6.1 and StorEdge Enterprise Backup Software (EBS) 7.1 through 7.2L, allows remote attackers to cause a denial of service (nsrd service crash) via a malformed RPC request to RPC program number 390109, which triggers a null dereference. | ||||
| CVE-2005-3690 | 1 Mailenable | 2 Mailenable Enterprise, Mailenable Professional | 2026-04-16 | N/A |
| Stack-based buffer overflow in the IMAP service (meimaps.exe) of MailEnable Professional 1.6 and earlier and Enterprise 1.1 and earlier allows remote attackers to execute arbitrary code via a long mailbox name in the (1) select, (2) create, (3) delete, (4) rename, (5) subscribe, or (6) unsubscribe commands. | ||||
| CVE-2005-3691 | 1 Mailenable | 2 Mailenable Enterprise, Mailenable Professional | 2026-04-16 | N/A |
| Directory traversal vulnerability in the IMAP service (meimaps.exe) of MailEnable Professional 1.6 and earlier and Enterprise 1.1 and earlier allows remote attackers to create or rename arbitrary mail directories via the mailbox name argument of the (1) create or (2) rename commands. | ||||
| CVE-2005-3725 | 1 Zyxel | 1 Prestige 2000w V.1voip Wi-fi Phone | 2026-04-16 | N/A |
| Zyxel P2000W Version 1 VOIP WIFI Phone Wj.00.10 uses hardcoded IP addresses for its DNS servers, which could allow remote attackers to cause a denial of service or hijack Zyxel phones by attacking or spoofing the hardcoded DNS servers. NOTE: it could be argued that this issue reflects an inherent limitation of DNS itself, so perhaps it should not be included in CVE. | ||||
| CVE-2005-3726 | 1 Interspire | 1 Articlelive Nx | 2026-04-16 | N/A |
| SQL injection vulnerability in Interspire ArticleLive NX 0.3 allows remote attackers to execute arbitrary SQL commands via the Query parameter. | ||||
| CVE-2005-3734 | 1 Phpmyfaq | 1 Phpmyfaq | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the "add content" page in phpMyFAQ 1.5.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) thema, (2) username, and (3) usermail parameters. | ||||
| CVE-2005-3737 | 1 Inkscape | 1 Inkscape | 2026-04-16 | N/A |
| Buffer overflow in the SVG importer (style.cpp) of inkscape 0.41 through 0.42.2 might allow remote attackers to execute arbitrary code via a SVG file with long CSS style property values. | ||||
| CVE-2005-3760 | 1 Ibm | 1 Websphere Application Server | 2026-04-16 | N/A |
| Double free vulnerability in the BBOORB module in IBM WebSphere Application Server for z/OS 5.0 allows attackers to cause a denial of service (ABEND). | ||||
| CVE-2005-3768 | 1 Symantec | 10 Enterprise Firewall, Firewall Vpn Appliance 100, Firewall Vpn Appliance 200 and 7 more | 2026-04-16 | N/A |
| Buffer overflow in the Internet Key Exchange version 1 (IKEv1) implementation in Symantec Dynamic VPN Services, as used in Enterprise Firewall, Gateway Security, and Firewall /VPN Appliance products, allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. | ||||
| CVE-2005-3810 | 1 Linux | 1 Linux Kernel | 2026-04-16 | N/A |
| ip_conntrack_proto_icmp.c in ctnetlink in Linux kernel 2.6.14 up to 2.6.14.3 allows attackers to cause a denial of service (kernel oops) via a message without ICMP ID (ICMP_ID) information, which leads to a null dereference. | ||||
| CVE-2005-3818 | 1 Vtiger | 1 Vtiger Crm | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in vTiger CRM 4.2 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) various input fields, including the contact, lead, and first or last name fields, (2) the record parameter in a DetailView action in the Leads module for index.php, (3) the $_SERVER['PHP_SELF'] variable, which is used in multiple locations such as index.php, and (4) aggregated RSS feeds in the RSS aggregation module. | ||||
| CVE-2005-3826 | 1 Ezy Helpdesk | 1 Ezyhelpdesk | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in Ezyhelpdesk 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) edit_id, (2) faq_id, and (3) c_id parameters in a query string, and (4) the search engine, possibly involving the search_string parameter. | ||||
| CVE-2005-3851 | 1 Onlinetechtools.com | 1 Oasys Lite | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in search.asp in Online Attendance System (OASYS) Lite 1.0 allows remote attackers to inject arbitrary web script or HTML via certain search parameters, possibly the keyword parameter. | ||||
| CVE-2005-3860 | 1 Oliver May | 1 Athena Php Website Administration | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in athena.php in Oliver May Athena PHP Website Administration 0.1a allows remote attackers to execute arbitrary PHP code via a URL in the athena_dir parameter. | ||||
| CVE-2005-3869 | 1 Google | 1 Api Search | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Google API Search 1.3.1 and earlier allows remote attackers to inject arbitrary web script or HTML via hex-encoded values in the REQ parameter. | ||||
| CVE-2005-3919 | 1 Pblang | 1 Pblang | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in PBLang 4.65 allows remote attackers to inject arbitrary web script or HTML via multiple fields in (1) UCP.php and (2) SendPm.php. | ||||
| CVE-2005-3939 | 1 Wsn Knowledge Base | 1 Wsn Knowledge Base | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in WSN Knowledge Base 1.2.0 and earler allow remote attackers to execute arbitrary SQL commands via the (1) catid, (2) perpage, (3) ascdesc, and (4) orderlinks in a displaycat action in (a) index.php; and the (5) id parameter in (b) comments.php and (c) memberlist.php. | ||||
| CVE-2005-3975 | 1 Drupal | 1 Drupal | 2026-04-16 | N/A |
| Interpretation conflict in file.inc in Drupal 4.5.0 through 4.5.5 and 4.6.0 through 4.6.3 allows remote authenticated users to inject arbitrary web script or HTML via HTML in a file with a GIF or JPEG file extension, which causes the HTML to be executed by a victim who views the file in Internet Explorer as a result of CVE-2005-3312. NOTE: it could be argued that this vulnerability is due to a design flaw in Internet Explorer and the proper fix should be in that browser; if so, then this should not be treated as a vulnerability in Drupal. | ||||
| CVE-2005-4157 | 1 Kerio | 1 Winroute Firewall | 2026-04-16 | N/A |
| Unspecified vulnerability in Kerio WinRoute Firewall before 6.1.3 allows remote attackers to authenticate to the service using an account that has been disabled. | ||||