Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-3114 1 Nateon 1 Nateon Messenger 2026-04-16 N/A
Buffer overflow in the ActiveX control for NateOn Messenger (NateonDownloadManager.ocx) allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long third argument to the GotNate.Excute method.
CVE-2005-3115 1 Mpeg-tools 1 Mpeg-tools 2026-04-16 N/A
mpeg-tools before 1.5b-r2 creates multiple temporary files insecurely, which allows local users to overwrite arbitrary files via (1) ts.stat, (2) ts.mpg, (3) foobar, (4) blockbar, or (5) foobar[NNN].
CVE-2005-3118 1 William Stearns 1 Mason 2026-04-16 N/A
Mason before 1.0.0 does not install the init script after the user uses Mason to configure a firewall, which causes the system to run without a firewall after a reboot.
CVE-2005-3121 1 Eduard Bloch 1 Module-assistant 2026-04-16 N/A
A rule file in module-assistant before 0.9.10 causes a temporary file to be created insecurely, which allows local users to conduct unauthorized operations.
CVE-2005-3123 1 Gnu 1 Gnump3d 2026-04-16 N/A
Directory traversal vulnerability in GNUMP3D before 2.9.6 allows remote attackers to read arbitrary files via crafted sequences such as "/.//..//////././", which is collapsed into "/.././" after ".." and "//" sequences are removed.
CVE-2005-3124 1 Acme Labs 1 Thttpd 2026-04-16 N/A
syslogtocern in Acme thttpd before 2.23 allows local users to write arbitrary files via a symlink attack on a temporary file.
CVE-2005-3127 1 Lucidcms 1 Lucidcms 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in index.php in lucidCMS 1.0.11 allows remote attackers to inject arbitrary web script or HTML via the query string.
CVE-2005-3128 1 Squirrelmail 1 Address Add Plugin 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in add.php in Address Add Plugin 1.9 and 2.0 for Squirrelmail allows remote attackers to inject arbitrary web script or HTML via the IMG tag.
CVE-2005-3130 1 Lucidcms 1 Lucidcms 2026-04-16 N/A
SQL injection vulnerability in lucidCMS 1.0.11 allows remote attackers to execute arbitrary SQL commands via the login field.
CVE-2005-3132 2 Icewarp, Merak 2 Web Mail, Mail Server 2026-04-16 N/A
MERAK Mail Server 8.2.4r with Icewarp Web Mail 5.5.1, and possibly earlier versions, allows remote attackers to obtain sensitive information via a direct request to bwlist_inc.html, which reveals the path in an error message.
CVE-2005-3134 1 Citrix 1 Metaframe 2026-04-16 N/A
Citrix Metaframe Presentation Server 3.0 and 4.0 allows remote attackers to bypass policy restrictions by downloading the launch.ica file and changing the client device name (ClientName).
CVE-2005-3135 1 Virtools 1 Web Player 2026-04-16 N/A
Buffer overflow in Virtools Web Player 3.0.0.100 and earlier allows remote attackers to execute arbitrary code via a long filename.
CVE-2005-3136 1 Virtools 1 Web Player 2026-04-16 N/A
Directory traversal vulnerability in Virtools Web Player 3.0.0.100 and earlier allows remote attackers to overwrite arbitrary files via a .. (dot dot) in a filename.
CVE-2005-3137 1 Gnu 1 Cfengine 2026-04-16 N/A
The (1) cfmailfilter and (2) cfcron.in files for cfengine 1.6.5 allow local users to overwrite arbitrary files via a symlink attack on temporary files, a different vulnerability than CVE-2005-2960.
CVE-2005-3139 1 Mozilla 1 Bugzilla 2026-04-16 N/A
Bugzilla 2.19.1 through 2.20rc2 and 2.21, with user matching turned on in substring mode, allows attackers to list all users whose names match an arbitrary substring, even when the usevisibilitygroups parameter is set.
CVE-2005-3141 1 Cerulean Studios 1 Trillian 2026-04-16 N/A
Cerulean Studios Trillian 3.0 allows remote attackers to cause a denial of service (crash) via a reverse direct connection from a different client, as demonstrated using LICQ.
CVE-2005-3143 1 4d 1 Webstar 2026-04-16 N/A
Unspecified vulnerability in the Mailbox Server for 4D WebStar before 5.3.5 allows attackers to cause a denial of service (crash) via IMAP clients on Mac OS X 10.4 Mail 2.
CVE-2005-3144 1 Standards Based Linux Instrumentation 1 Sblim-sfcb 2026-04-16 N/A
httpAdapter.c in sblim-sfcb before 0.9.2 allows remote attackers to cause a denial of service via long HTTP headers.
CVE-2005-3145 1 Standards Based Linux Instrumentation 1 Sblim-sfcb 2026-04-16 N/A
httpAdapter.c in sblim-sfcb before 0.9.2 allows remote attackers to cause a denial of service (resource consumption) by connecting to sblim-sfcb but not sending any data.
CVE-2005-3166 1 Mediawiki 1 Mediawiki 2026-04-16 N/A
Unspecified vulnerability in "edit submission handling" for MediaWiki 1.4.x before 1.4.10 and 1.3.x before 1.3.16 allows remote attackers to cause a denial of service (corruption of the previous submission) via a crafted URL.