Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29948 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-3027 | 1 Sybari | 1 Antigen | 2026-04-16 | N/A |
| Sybari Antigen 8.0 SR2 does not properly filter SMTP messages, which allows remote attackers to bypass custom filter rules and send file attachments of arbitrary file types via a message with a subject of "Antigen forwarded attachment". | ||||
| CVE-2005-3029 | 1 Ahnlab | 3 V3 Virusblock 2005, V3net, V3pro 2004 | 2026-04-16 | N/A |
| Stack-based buffer overflow in AhnLab V3Pro 2004 build 6.0.0.383, V3 VirusBlock 2005 build 6.0.0.383, and V3Net for Windows Server 6.0 build 6.0.0.383 allows remote attackers to execute arbitrary code via a long filname in an ACE archive. | ||||
| CVE-2005-3030 | 1 Ahnlab | 3 V3 Virusblock 2005, V3net, V3pro 2004 | 2026-04-16 | N/A |
| Directory traversal vulnerability in the archive decompression library in AhnLab V3Pro 2004 build 6.0.0.383, V3 VirusBlock 2005 build 6.0.0.383, and V3Net for Windows Server 6.0 build 6.0.0.383 allows remote attackers to write arbitrary files via a .. (dot dot) in the filename in a compressed archive. | ||||
| CVE-2006-2317 | 1 Ideal Science | 1 Idealbb | 2026-04-16 | N/A |
| Unspecified vulnerability in Ideal Science Ideal BB 1.5.4a and earlier allows remote attackers to read arbitrary files under the web root via unspecified attack vectors related to the OpenTextFile method in Scripting.FileSystemObject. | ||||
| CVE-2005-3094 | 1 Avi Alkalay | 1 Man Cgi | 2026-04-16 | N/A |
| Avi Alkalay man-cgi script allows remote attackers to execute arbitrary code via shell metacharacters in the topic parameter. | ||||
| CVE-2005-3095 | 1 Avi Alkalay | 1 Notify | 2026-04-16 | N/A |
| Avi Alkalay notify program, dated 19 Aug 2001, allows remote attackers to execute arbitrary commands via shell metacharacters in the from parameter. | ||||
| CVE-2006-2345 | 1 Roostercode Ajax Softwares | 1 Alipager | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in inc/elementz.php in AliPAGER 1.5 allows remote attackers to inject arbitrary web script or HTML via the ubild parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information. NOTE: this issue might be resultant from SQL injection. | ||||
| CVE-2005-3096 | 1 Avi Alkalay | 1 Nslookup.cgi | 2026-04-16 | N/A |
| Avi Alkalay nslookup.cgi program, dated 16 June 2002, allows remote attackers to execute arbitrary commands via shell metacharacters in the query parameter. | ||||
| CVE-2006-2352 | 1 Ipswitch | 1 Whatsup Professional | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in IPswitch WhatsUp Professional 2006 and WhatsUp Professional 2006 Premium allow remote attackers to inject arbitrary web script or HTML via unknown vectors in (1) NmConsole/Tools.asp and (2) NmConsole/DeviceSelection.asp. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2005-3097 | 1 Avi Alkalay | 1 Contribute.cgi | 2026-04-16 | N/A |
| Directory traversal vulnerability in Avi Alkalay contribute.cgi (aka contribute.pl), dated 16 Jun 2002, allows remote attackers to overwrite arbitrary files via ".." sequences in the contribdir variable. | ||||
| CVE-2006-2354 | 1 Ipswitch | 1 Whatsup Professional | 2026-04-16 | N/A |
| NmConsole/Login.asp in Ipswitch WhatsUp Professional 2006 and Ipswitch WhatsUp Professional 2006 Premium generates different error messages in a way that allows remote attackers to enumerate valid usernames. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2005-3098 | 1 Qualcomm | 1 Qpopper | 2026-04-16 | N/A |
| poppassd in Qualcomm qpopper 4.0.8 allows local users to modify arbitrary files and gain privileges via the -t (trace file) command line argument. | ||||
| CVE-2005-3103 | 1 Six Apart | 1 Movable Type | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Movable Type before 3.2 allows remote attackers to inject arbitrary web script or HTML via the (1) title, (2) category, (3) body, (4) extended body, and (5) excerpt form fields in new blog entries. | ||||
| CVE-2006-4674 | 1 Andreas Gohr | 1 Dokuwiki | 2026-04-16 | N/A |
| Direct static code injection vulnerability in doku.php in DokuWiki before 2006-030-09c allows remote attackers to execute arbitrary PHP code via the X-FORWARDED-FOR HTTP header, which is stored in config.php. | ||||
| CVE-2005-3111 | 1 Debian | 1 Backupninja | 2026-04-16 | N/A |
| The handler code for backupninja 0.8 and earlier creates temporary files with predictable filenames, which allows local users to modify arbitrary files via a symlink attack. | ||||
| CVE-2006-4677 | 1 Phpopenchat | 1 Phpopenchat | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in contrib/yabbse/poc.php in phpopenchat before 3.0.2 allows remote attackers to execute arbitrary PHP code via the sourcedir parameter. NOTE: this issue was disputed by a third-party researcher who stated that the _REQUEST parameters were dynamically unset at the beginning of the file. Another researcher noted, and CVE agrees, that the unset PHP function can be bypassed (CVE-2006-3017). If this issue is due to a vulnerability in PHP, then it should be excluded from CVE | ||||
| CVE-2005-3116 | 1 Symantec Veritas | 1 Netbackup | 2026-04-16 | N/A |
| Stack-based buffer overflow in a shared library as used by the Volume Manager daemon (vmd) in VERITAS NetBackup Enterprise Server 5.0 MP1 to MP5 and 5.1 up to MP3A allows remote attackers to execute arbitrary code via a crafted packet. | ||||
| CVE-2005-3129 | 1 S9y | 1 Serendipity | 2026-04-16 | N/A |
| Cross-site request forgery (CSRF) vulnerability in Serendipity 0.8.4 and earlier allows remote attackers to perform unauthorized actions as a logged in user via a link or IMG tag to serendipity_admin.php. | ||||
| CVE-2006-2364 | 1 Macromedia | 1 Coldfusion | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the validation feature in Macromedia ColdFusion 5 and earlier allows remote attackers to inject arbitrary web script or HTML via a "_required" field when the associated normal field is missing or empty, which is not sanitized before being presented in an error message. | ||||
| CVE-2005-3131 | 2 Icewarp, Merak | 2 Web Mail, Mail Server | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in MERAK Mail Server 8.2.4r with Icewarp Web Mail 5.5.1, and possibly earlier versions, allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to blank.html, or the createdataCX parameter to (2) calendar_d.html, (3) calendar_m.html, or (4) calendar_w.html. | ||||