Export limit exceeded: 363086 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2006-4731 2 Dws Systems Inc., Ledgersmb 2 Sql-ledger, Ledgersmb 2026-04-16 N/A
Multiple directory traversal vulnerabilities in (1) login.pl and (2) admin.pl in (a) SQL-Ledger before 2.6.19 and (b) LedgerSMB before 1.0.0p1 allow remote attackers to execute arbitrary Perl code via an unspecified terminal parameter value containing ../ (dot dot slash).
CVE-2005-3221 1 Fortinet 1 Fortinet Antivirus 2026-04-16 N/A
Multiple interpretation error in unspecified versions of Fortinet Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper.
CVE-2005-3222 1 Vba32 1 Vba32 Antivirus 2026-04-16 N/A
Multiple interpretation error in unspecified versions of VBA32 Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper.
CVE-2006-2421 1 Pragma Systems 1 Fortressssh 2026-04-16 N/A
Stack-based buffer overflow in Pragma FortressSSH 4.0.7.20 allows remote attackers to execute arbitrary code via long SSH_MSG_KEXINIT messages, which may cause an overflow when being logged. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2005-3223 1 Rising 1 Rising Antivirus 2026-04-16 N/A
Multiple interpretation error in unspecified versions of Rising Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper.
CVE-2005-3224 1 Avira 1 Antivir Personal 2026-04-16 N/A
Multiple interpretation error in unspecified versions of AntiVir Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper.
CVE-2006-2422 1 Coinsoft Technologies 1 Phpcoin 2026-04-16 N/A
phpCOIN 1.2.3 and earlier stores messages based upon e-mail addresses, which allows remote authenticated users to read messages for other users by adding the sender's e-mail address as an "additional contact".
CVE-2006-4732 1 Microsoft 1 Visual Basic 2026-04-16 N/A
Unspecified vulnerability in Microsoft Visual Basic (VB) 6 has an unknown impact ("overflow") via a project that contains a certain Click event procedure, as demonstrated using the msgbox function and the VB.Label object.
CVE-2005-3225 1 Broadcom 2 Etrust Antivirus, Etrust Antivirus Iris Engine 2026-04-16 N/A
Multiple interpretation error in unspecified versions of (1) eTrust-Iris and (2) eTrust-Vet Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper.
CVE-2006-2423 1 Swsoft 1 Confixx 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in ftplogin/index.php in Confixx 3.1.2 allows remote attackers to inject arbitrary web script or HTML via the login parameter.
CVE-2006-4733 1 Sips 1 Sips 2026-04-16 N/A
PHP remote file inclusion vulnerability in sipssys/code/box.inc.php in Haakon Nilsen simple, integrated publishing system (SIPS) 0.3.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the config[sipssys] parameter. NOTE: the product's documentation recommends placing the affected file outside of the web root, so the scope of issue is limited to admins who do not, or cannot, follow this recommendation.
CVE-2005-3226 1 Arcavir 1 Arcavir Antivirus 2026-04-16 N/A
Multiple interpretation error in unspecified versions of ArcaVir Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper.
CVE-2005-3227 1 Una 1 Una Antivirus 2026-04-16 N/A
Multiple interpretation error in unspecified versions of UNA Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper.
CVE-2005-3293 1 Xerver 1 Xerver 2026-04-16 N/A
Xerver 4.17 allows remote attackers to (1) obtain source code of scripts via a request with a trailing "." (dot) or (2) list directory contents via a trailing null character.
CVE-2005-3295 1 Hp 1 Hp-ux 2026-04-16 N/A
Unspecified vulnerability in HP-UX B.11.23 on Itanium platforms allows local users to cause a denial of service due to a "specific stack size."
CVE-2005-3300 1 Phpmyadmin 1 Phpmyadmin 2026-04-16 N/A
The register_globals emulation layer in grab_globals.php for phpMyAdmin before 2.6.4-pl3 does not perform safety checks on values in the _FILES array for uploaded files, which allows remote attackers to include arbitrary files by using direct requests to library scripts that do not use grab_globals.php, then modifying certain configuration values for the theme.
CVE-2006-4767 1 Stefan Ernst 1 Newsscript 2026-04-16 N/A
Multiple directory traversal vulnerabilities in Stefan Ernst Newsscript (aka WM-News) 0.5beta allow remote attackers to (1) read arbitrary local files via a .. (dot dot) sequence in the ide parameter in modify.php and (2) write to arbitrary local files via a .. sequence in the var parameter in add_go.php. NOTE: the provenance of this information is unknown; the details are obtained from third party information.
CVE-2005-3303 1 Clam Anti-virus 1 Clamav 2026-04-16 N/A
The FSG unpacker (fsg.c) in Clam AntiVirus (ClamAV) 0.80 through 0.87 allows remote attackers to cause "memory corruption" and execute arbitrary code via a crafted FSG 1.33 file.
CVE-2006-4772 1 Hotplug Cms 1 Hotplug Cms 2026-04-16 N/A
HotPlug CMS stores sensitive information under the web root with insufficient access control, which allows remote attackers to read the admin password and database credentials via a direct request for includes/class/config.inc.
CVE-2005-3310 1 Phpbb Group 1 Phpbb 2026-04-16 N/A
Interpretation conflict in phpBB 2.0.17, with remote avatars and avatar uploading enabled, allows remote authenticated users to inject arbitrary web script or HTML via an HTML file with a GIF or JPEG file extension, which causes the HTML to be executed by a victim who views the file in Internet Explorer, which renders malformed image types as HTML, enabling cross-site scripting (XSS) attacks. NOTE: it could be argued that this vulnerability is due to a design flaw in Internet Explorer (CVE-2005-3312) and the proper fix should be in that browser; if so, then this should not be treated as a vulnerability in phpBB.