Export limit exceeded: 363500 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 363500 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29948 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-2989 | 1 Deluxebb | 1 Deluxebb | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in DeluxeBB 1.0 and 1.0.5 allow remote attackers to execute arbitrary SQL commands via the (1) tid parameter to topic.php, the uid parameter to (2) misc.php or (3) pm.php, or the fid parameter to (3) forums.php or (4) newpost.php. | ||||
| CVE-2005-2990 | 1 Linecontrol | 1 Java Client | 2026-04-16 | N/A |
| AuthInfo.java in LineContol Java Client (jlc) before 0.8.1 stores sensitive information such as user passwords in log files. | ||||
| CVE-2005-2991 | 1 Ncompress | 1 Ncompress | 2026-04-16 | 5.0 Medium |
| ncompress 4.2.4 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files using (1) zdiff or (2) zcmp, a different vulnerability than CVE-2004-0970. | ||||
| CVE-2005-2992 | 1 Arc | 1 Arc | 2026-04-16 | N/A |
| arc 5.21j and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files, a different type of vulnerability than CVE-2005-2945. | ||||
| CVE-2005-2994 | 1 Ibm | 1 Rational Clearquest | 2026-04-16 | N/A |
| Unspecified vulnerability in the web client for IBM Rational ClearQuest 2002.05.00 and 2002.05.20, and 2003.06.00 through 2003.06.15 before SR5, allows remote attackers to execute XML Style Sheets (XSS). | ||||
| CVE-2005-3001 | 1 Sun | 1 Solaris | 2026-04-16 | N/A |
| Unspecified vulnerability in the "tl" driver in Solaris 10 allows local users to cause a denial of service (panic) via unknown vectors. | ||||
| CVE-2005-3002 | 1 Xclusive-software | 1 Mccs | 2026-04-16 | N/A |
| Multi-Computer Control System (MCCS) 1.0 allows remote attackers to cause a denial of service via a malformed UDP packet. | ||||
| CVE-2005-3003 | 1 Noosoftware | 1 Nootoplist | 2026-04-16 | N/A |
| SQL injection vulnerability in index.php in NooTopList 1.0.0 release 17 allows remote attackers to execute arbitrary SQL commands via the (1) o or (2) sort parameters. | ||||
| CVE-2005-3004 | 1 Interakt | 1 Mx Shop | 2026-04-16 | N/A |
| SQL injection vulnerability in Interakt MX Shop 3.2.0 allows remote attackers to execute arbitrary SQL commands via the (1) idp, (2) id_ctg, or (3) id_prd parameters to the pages module in index.php. | ||||
| CVE-2005-3008 | 1 Amar Sagoo | 1 Tofu | 2026-04-16 | N/A |
| Tofu 0.2 allows remote attackers to execute arbitrary Python code via crafted pickled objects, which Tofu unpickles and executes. | ||||
| CVE-2005-3009 | 1 Cutephp | 1 Cutenews | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in CuteNews allows remote attackers to inject arbitrary web script or HTML via the mod parameter to index.php. | ||||
| CVE-2005-3010 | 1 Cutephp | 1 Cutenews | 2026-04-16 | N/A |
| Direct static code injection vulnerability in the flood protection feature in inc/shows.inc.php in CuteNews 1.4.0 and earlier allows remote attackers to execute arbitrary PHP code via the HTTP_CLIENT_IP header (Client-Ip), which is injected into data/flood.db.php. | ||||
| CVE-2005-3012 | 1 Simplecdr-x | 1 Simplecdr-x | 2026-04-16 | N/A |
| The MasterDataCD::createImage function in masterdatacd.cpp for SimpleCDR-X 1.3.3 creates the .temp temporary directory with insecure permissions, which allows local users to read sensitive ISO images. | ||||
| CVE-2005-3013 | 1 Suse | 1 Suse Linux | 2026-04-16 | N/A |
| Buffer overflow in liby2util in Yet another Setup Tool (YaST) for SuSE Linux 9.3 allows local users to execute arbitrary code via a long Loc entry. | ||||
| CVE-2005-3014 | 1 Ensim | 1 Webppliance | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Ensim webplliance allows remote attackers to inject arbitrary web script or HTML via the Login (OCW_login_username) field. | ||||
| CVE-2005-3016 | 1 Francisco Burzi | 1 Php-nuke | 2026-04-16 | N/A |
| Multiple unspecified vulnerabilities in the WYSIWYG editor in PHP-Nuke before 7.9 Final have unknown impact and attack vectors. | ||||
| CVE-2005-3017 | 1 Content2web | 1 Content2web | 2026-04-16 | N/A |
| PHP file inclusion vulnerability in index.php in Content2Web 1.0.1 allows remote attackers to include arbitrary files via the show parameter, which can lead to resultant errors such as path disclosure, SQL error messages, and cross-site scripting (XSS). | ||||
| CVE-2005-3039 | 1 Mall23 | 1 Mall23 | 2026-04-16 | N/A |
| SQL injection vulnerability in infopage.asp in Mall23 eCommerce allows remote attackers to execute arbitrary SQL commands via the idPage parameter. | ||||
| CVE-2005-3042 | 2 Usermin, Webmin | 2 Usermin, Webmin | 2026-04-16 | N/A |
| miniserv.pl in Webmin before 1.230 and Usermin before 1.160, when "full PAM conversations" is enabled, allows remote attackers to bypass authentication by spoofing session IDs via certain metacharacters (line feed or carriage return). | ||||
| CVE-2005-3043 | 1 Mall23 | 1 Mall23 | 2026-04-16 | N/A |
| SQL injection vulnerability in AddItem.asp in Mall23 eCommerce allows remote attackers to execute arbitrary SQL commands via the idOption_Dropdown_2 parameter. | ||||