Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2006-0616 1 Sun 2 Jdk, Jre 2026-04-16 N/A
Unspecified vulnerability in Sun Java JDK and JRE 5.0 Update 4 and earlier allows remote attackers to bypass Java sandbox security and obtain privileges via unspecified vectors involving the reflection APIs, aka the "fourth issue."
CVE-2005-0769 1 Openslp 1 Openslp 2026-04-16 N/A
Multiple buffer overflows in OpenSLP before 1.1.5 allow remote attackers to have an unknown impact via malformed SLP packets.
CVE-2005-0770 1 Datarescue 1 Ida Pro 2026-04-16 N/A
Format string vulnerability in DataRescue Interactive Disassembler and Debugger (IDA) Pro 4.7.0.830 allows remote attackers or local users to cause a denial of service (CPU consumption or application crash) and possibly execute arbitrary code via format string specifiers in a dynamic link library (DLL) name.
CVE-2005-0771 1 Symantec Veritas 1 Backup Exec 2026-04-16 N/A
VERITAS Backup Exec Server (beserver.exe) 9.0 through 10.0 for Windows allows remote unauthenticated attackers to modify the registry by calling methods to the RPC interface on TCP port 6106.
CVE-2006-0617 1 Sun 2 Jdk, Jre 2026-04-16 N/A
Multiple unspecified vulnerabilities in Sun Java JDK and JRE 5.0 Update 5 and earlier allow remote attackers to bypass Java sandbox security and obtain privileges via unspecified vectors involving the reflection APIs, aka the "fifth, sixth, and seventh issues."
CVE-2005-0821 1 Citrix 1 Metaframe Conferencing Manager 2026-04-16 N/A
Unknown vulnerability in Citrix MetaFrame Conferencing Manager 3.0 allows conference members to bypass organizer restrictions to control the keyboard and mouse.
CVE-2005-0822 1 Citrix 1 Metaframe Password Manager 2026-04-16 N/A
Citrix Metaframe Password Manager 2.5 and earlier stores a password in cleartext although it is obfuscated when presented to a user, which allows users to view their secondary passwords even if it is not allowed by policy.
CVE-2006-3816 1 Krusader 1 Krusader 2026-04-16 N/A
Krusader 1.50-beta1 up to 1.70.0 stores passwords for remote connections in cleartext in the bookmark file (krbookmarks.xml), which allows attackers to steal passwords by obtaining the file.
CVE-2005-0823 1 Thepoolclub 2 Ipool, Isnooker 2026-04-16 N/A
ThePoolClub (1) iPool and (2) iSnooker 1.6.81 and earlier stores usernames and passwords in cleartext in the MyDetails.txt file, which allows local users to gain privileges.
CVE-2005-0825 1 Lgames 1 Ltris 2026-04-16 N/A
Buffer overflow in LTris before 1.0.10 allows local users to execute arbitrary code via a crafted highscores file.
CVE-2005-0826 1 Ollydbg 1 Ollydbg 2026-04-16 N/A
OllyDbg 1.10 and earlier allows remote attackers to cause a denial of service (application crash) via a dynamic link library (DLL) with a long filename.
CVE-2005-0827 3 Ciamos, E-xoops, Runcms 3 Ciamos, E-xoops, Runcms 2026-04-16 N/A
Viewcat.php in (1) RUNCMS 1.1A, (2) Ciamos 0.9.2 RC1, e-Xoops 1.05 Rev3, and possibly other products based on e-Xoops (exoops), allow remote attackers to obtain sensitive information via an invalid parameter to the convertorderbytrans function, which reveals the path in a PHP error message.
CVE-2006-0657 1 Softcomplex 1 Php Event Calendar 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Softcomplex PHP Event Calendar 1.5 allows remote authenticated users to inject arbitrary web script or HTML, and corrupt data, via the (1) username and (2) password parameters, which are not sanitized before being written to users.php. NOTE: while this issue was originally reported as XSS, the primary issue might be direct static code injection with resultant XSS.
CVE-2005-0829 1 Php Fusion 1 Php Fusion 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in setuser.php of the Digitanium addon to PHP-Fusion 5.01 allows remote attackers to inject arbitrary web script or HTML via the (1) user_name or (2) user_pass parameters.
CVE-2006-0658 1 Fckeditor 1 Fckeditor 2026-04-16 N/A
Incomplete blacklist vulnerability in connector.php in FCKeditor 2.0 and 2.2, as used in products such as RunCMS, allows remote attackers to upload and execute arbitrary script files by giving the files specific extensions that are not listed in the Config[DeniedExtensions][File], such as .php.txt.
CVE-2005-0832 1 Php-post 1 Php-post Web Forum 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in PHP-Post before 0.33 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
CVE-2005-0833 1 Belkin 1 Belkin 54g Wireless Router 2026-04-16 N/A
Belkin 54G (F5D7130) wireless router allows remote attackers to access restricted resources by sniffing URIs from UPNP datagrams, then accessing those URIs, which do not require authentication.
CVE-2006-0660 1 Farsinews 1 Farsinews 2026-04-16 N/A
Multiple directory traversal vulnerabilities in FarsiNews 2.5 and earlier allows remote attackers to (1) read arbitrary files or trigger an error message path disclosure via ".." or invalid names in the archive parameter to index.php, or (2) include arbitrary files via the template parameter to show_archives.php.
CVE-2005-0834 1 Belkin 1 Belkin 54g Wireless Router 2026-04-16 N/A
Belkin 54G (F5D7130) wireless router enables SNMP by default in a manner that allows remote attackers to obtain sensitive information.
CVE-2006-0661 1 Scriptme 2 Sme Blog Host, Sme Gb Host 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Scriptme SmE GB Host 1.21 and SmE Blog Host allows remote attackers to inject arbitrary web script or HTML via the BBcode url tag.