Export limit exceeded: 345219 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 345219 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (345219 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-2642 | 1 Mutt | 1 Mutt | 2026-04-16 | N/A |
| Buffer overflow in the mutt_decode_xbit function in Handler.c for Mutt 1.5.10 allows remote attackers to execute arbitrary code, possibly due to interactions with libiconv or gettext. | ||||
| CVE-2005-2999 | 1 Bugada Andrea | 1 Php Advanced Transfer Manager | 2026-04-16 | N/A |
| PHP Advanced Transfer Manager 1.30 allows remote attackers to obtain sensitive PHP configuration information via a direct request to test.php. | ||||
| CVE-2005-3194 | 1 Estsoft | 1 Alzip | 2026-04-16 | N/A |
| Multiple buffer overflows in ALZip 6.12 (Korean), 6.1 (International), and 5.52 (English) allow remote attackers to execute arbitrary code via a long filename in a compressed (1) ALZ, (2) ARJ, (3) ZIP, (4) UUE, or (5) XXE archive. | ||||
| CVE-2005-2643 | 1 Tor | 1 Tor | 2026-04-16 | N/A |
| Tor 0.1.0.13 and earlier, and experimental versions 0.1.1.4-alpha and earlier, does not reject certain weak keys when using ephemeral Diffie-Hellman (DH) handshakes, which allows malicious Tor servers to obtain the keys that a client uses for other systems in the circuit. | ||||
| CVE-2005-3000 | 1 Bugada Andrea | 1 Php Advanced Transfer Manager | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in viewers/txt.php in PHP Advanced Transfer Manager 1.30 allow remote attackers to inject arbitrary web script or HTML via the (1) font, (2) normalfontcolor, or (3) mess[31] parameters. | ||||
| CVE-2005-3196 | 1 Planet Technology Corp | 1 Fgsw2402rs | 2026-04-16 | N/A |
| Planet Technology Corp FGSW2402RS switch with firmware 1.2 has a default password, which allows attackers with physical access to the device's serial port to gain privileges. | ||||
| CVE-2005-2644 | 1 Isemarket | 1 Jaguarcontrol | 2026-04-16 | N/A |
| Buffer overflow in JaguarEditControl.dll in Isemarket JaguarControl allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long Jtext field. | ||||
| CVE-2005-3001 | 1 Sun | 1 Solaris | 2026-04-16 | N/A |
| Unspecified vulnerability in the "tl" driver in Solaris 10 allows local users to cause a denial of service (panic) via unknown vectors. | ||||
| CVE-2005-2645 | 1 Xerox | 7 Document Centre 265, Document Centre 332, Document Centre 340 and 4 more | 2026-04-16 | N/A |
| Unknown vulnerability in Xerox MicroServer Web Server in Document Centre 220 through 265, 332 and 340, 420 through 490, and 535 through 555 allows remote attackers to bypass authentication. | ||||
| CVE-2005-3002 | 1 Xclusive-software | 1 Mccs | 2026-04-16 | N/A |
| Multi-Computer Control System (MCCS) 1.0 allows remote attackers to cause a denial of service via a malformed UDP packet. | ||||
| CVE-2005-3003 | 1 Noosoftware | 1 Nootoplist | 2026-04-16 | N/A |
| SQL injection vulnerability in index.php in NooTopList 1.0.0 release 17 allows remote attackers to execute arbitrary SQL commands via the (1) o or (2) sort parameters. | ||||
| CVE-2005-3198 | 1 Webroot Software | 1 Desktop Firewall | 2026-04-16 | N/A |
| Webroot Desktop Firewall before 1.3.0build52 allows local users to disable the firewall, even when password protection is enabled, via certain DeviceIoControl commands. | ||||
| CVE-2005-3004 | 1 Interakt | 1 Mx Shop | 2026-04-16 | N/A |
| SQL injection vulnerability in Interakt MX Shop 3.2.0 allows remote attackers to execute arbitrary SQL commands via the (1) idp, (2) id_ctg, or (3) id_prd parameters to the pages module in index.php. | ||||
| CVE-2005-3199 | 1 Aspready Faq Manager | 1 Aspready Faq Manager | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in aradmin.asp for aspReady FAQ allow remote attackers to execute arbitrary SQL commands, possibly via the (1) txtLogin and (2) txtPassword parameters. | ||||
| CVE-2005-3006 | 1 Opera | 1 Opera Browser | 2026-04-16 | N/A |
| The mail client in Opera before 8.50 opens attached files from the user's cache directory without warning the user, which might allow remote attackers to inject arbitrary web script and spoof attachment filenames. | ||||
| CVE-2005-3007 | 1 Opera | 1 Opera Browser | 2026-04-16 | N/A |
| Opera before 8.50 allows remote attackers to spoof the content type of files via a filename with a trailing "." (dot), which might allow remote attackers to trick users into processing dangerous content. | ||||
| CVE-2005-3323 | 2 Debian, Zope | 2 Debian Linux, Zope | 2026-04-16 | N/A |
| docutils in Zope 2.6, 2.7 before 2.7.8, and 2.8 before 2.8.2 allows remote attackers to include arbitrary files via include directives in RestructuredText functionality. | ||||
| CVE-2005-3008 | 1 Amar Sagoo | 1 Tofu | 2026-04-16 | N/A |
| Tofu 0.2 allows remote attackers to execute arbitrary Python code via crafted pickled objects, which Tofu unpickles and executes. | ||||
| CVE-2005-3009 | 1 Cutephp | 1 Cutenews | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in CuteNews allows remote attackers to inject arbitrary web script or HTML via the mod parameter to index.php. | ||||
| CVE-2005-3324 | 1 Appindex | 1 Mwchat | 2026-04-16 | N/A |
| SQL injection vulnerability in chat.php in MWChat 6.8 allows remote attackers to execute arbitrary SQL commands via the username parameter. | ||||