Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-3663 1 Kaspersky Lab 1 Kaspersky Anti-virus 2026-04-16 N/A
Unquoted Windows search path vulnerability in Kaspersky Anti-Virus 5.0 might allow local users to gain privileges via a malicious "program.exe" file in the C: folder.
CVE-2005-3664 2 F-secure, Kaspersky Lab 3 F-secure Anti-virus, Kaspersky Anti-virus, Kaspersky Anti-virus Personal 2026-04-16 N/A
Heap-based buffer overflow in Kaspersky Anti-Virus Engine, as used in Kaspersky Personal 5.0.227, Anti-Virus On-Demand Scanner for Linux 5.0.5, and F-Secure Anti-Virus for Linux 4.50 allows remote attackers to execute arbitrary code via a crafted CHM file.
CVE-2005-3665 1 Phpmyadmin 1 Phpmyadmin 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.7.0 allow remote attackers to inject arbitrary web script or HTML via the (1) HTTP_HOST variable and (2) various scripts in the libraries directory that handle header generation.
CVE-2005-3671 3 Frees Wan, Openswan, Xelerance 3 Frees Wan, Openswan, Openswan 2026-04-16 N/A
The Internet Key Exchange version 1 (IKEv1) implementation in Openswan 2 (openswan-2) before 2.4.4, and freeswan in SUSE LINUX 9.1 before 2.04_1.5.4-1.23, allow remote attackers to cause a denial of service via (1) a crafted packet using 3DES with an invalid key length, or (2) unspecified inputs when Aggressive Mode is enabled and the PSK is known, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1.
CVE-2005-3672 1 Stonesoft 1 Stonegate Firewall 2026-04-16 N/A
The Internet Key Exchange version 1 (IKEv1) implementation in Stonesoft StoneGate Firewall before 2.6.1 allows remote attackers to cause a denial of service via certain crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the Stonesoft advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to.
CVE-2005-3674 1 Sun 1 Solaris 2026-04-16 N/A
The Internet Key Exchange version 1 (IKEv1) implementation in the libike library in Sun Solaris 9 and 10 allows remote attackers to cause a denial of service (in.iked crash) via certain crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to.
CVE-2005-3675 1 Tcp 1 Tcp 2026-04-16 N/A
The Transmission Control Protocol (TCP) allows remote attackers to cause a denial of service (bandwidth consumption) by sending ACK messages for packets that have not yet been received (optimistic ACKs), which can cause the sender to increase its transmission rate until it fills available bandwidth.
CVE-2005-3676 1 Phpwebthings 1 Phpwebthings 2026-04-16 N/A
SQL injection vulnerability in download.php in PhpWebThings 1.4.4 allows remote attackers to execute arbitrary SQL commands via the file parameter.
CVE-2005-3680 1 Xoops 1 Xoops 2026-04-16 N/A
Directory traversal vulnerability in editor_registry.php in XOOPS 2.2.3 allows remote attackers to read or include arbitrary local files via a .. (dot dot) in the xoopsConfig[language] parameter.
CVE-2005-3683 1 Freeftpd 1 Freeftpd 2026-04-16 N/A
Stack-based buffer overflow in freeFTPd before 1.0.9 with Logging enabled, allows remote attackers to cause a denial of service (application crash), and possibly execute arbitrary code, via a long USER command.
CVE-2005-3684 1 Freeftpd 1 Freeftpd 2026-04-16 N/A
Multiple buffer overflows in freeFTPd 1.0.8, without logging enabled, allow remote authenticated attackers to cause a denial of service (application crash), and possibly execute arbitrary code, via long (1) MKD and (2) DELE commands.
CVE-2005-3685 1 Virtual Programming 1 Vp-asp 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in shopadmin.asp in VP-ASP Shopping Cart 5.50 allows remote attackers to inject arbitrary web script or HTML via the UserName parameter.
CVE-2005-3687 1 Whm Autopilot 1 Whm Autopilot 2026-04-16 N/A
cancel_account.php in WHM AutoPilot 2.5.30 and earlier allows remote attackers to cancel requests for arbitrary accounts via a modified c parameter.
CVE-2005-3689 1 Xmb Forum 1 Xmb 2026-04-16 N/A
post.php in XMB 1.9.2 allows remote attackers to obtain the installation path via an invalid fid parameter in a newthread action.
CVE-2005-3690 1 Mailenable 2 Mailenable Enterprise, Mailenable Professional 2026-04-16 N/A
Stack-based buffer overflow in the IMAP service (meimaps.exe) of MailEnable Professional 1.6 and earlier and Enterprise 1.1 and earlier allows remote attackers to execute arbitrary code via a long mailbox name in the (1) select, (2) create, (3) delete, (4) rename, (5) subscribe, or (6) unsubscribe commands.
CVE-2005-3707 1 Apple 1 Quicktime 2026-04-16 N/A
Buffer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbitrary code via crafted TGA image files.
CVE-2005-3717 1 Utstarcom 1 F1000 Voip Wifi Phone 2026-04-16 N/A
The telnet daemon in UTStarcom F1000 VOIP WIFI Phone s2.0 running VxWorks 5.5.1 with kernel WIND 2.6 has a default username "target" and password "password", which allows remote attackers to gain full access to the system.
CVE-2005-3719 1 Hitachi 1 Ip5000 Voip Wifi Phone 2026-04-16 N/A
Hitachi IP5000 VOIP WIFI Phone 1.5.6 has a hard-coded administrator password of "0000", which allows attackers with physical access to obtain sensitive information and modify the phone's configuration.
CVE-2005-3720 1 Hitachi 1 Ip5000 Voip Wifi Phone 2026-04-16 N/A
The default index page in the HTTP server in Hitachi IP5000 VOIP WIFI Phone 1.5.6 lists sensitive information such as software versions.
CVE-2005-3721 1 Hitachi 1 Ip5000 Voip Wifi Phone 2026-04-16 N/A
The default configuration of the HTTP server in Hitachi IP5000 VOIP WIFI Phone 1.5.6 does not require authentication for sensitive configuration pages, which allows remote attackers to modify configuration.