Export limit exceeded: 29948 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29948 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-2713 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | N/A |
| passwd in Directory Services in Mac OS X 10.3.x before 10.3.9 and 10.4.x before 10.4.5 allows local users to create arbitrary world-writable files as root by specifying an alternate file in the password database option. | ||||
| CVE-2005-2715 | 1 Symantec Veritas | 2 Netbackup Data And Business Center, Netbackup Enterprise Server Client | 2026-04-16 | N/A |
| Format string vulnerability in the Java user interface service (bpjava-msvc) daemon for VERITAS NetBackup Data and Business Center 4.5FP and 4.5MP, and NetBackup Enterprise/Server/Client 5.0, 5.1, and 6.0, allows remote attackers to execute arbitrary code via the COMMAND_LOGON_TO_MSERVER command. | ||||
| CVE-2005-2716 | 1 Nokia | 1 Affix | 2026-04-16 | N/A |
| The event_pin_code_request function in the btsrv daemon (btsrv.c) in Nokia Affix 2.1.2 and 3.2.0 allows remote attackers to execute arbitrary commands via shell metacharacters in a Bluetooth device name. | ||||
| CVE-2006-1963 | 1 Pcpin | 1 Pcpin Chat | 2026-04-16 | N/A |
| Directory traversal vulnerability in main.php in PCPIN Chat 5.0.4 and earlier allows remote authenticated users to include and execute arbitrary PHP code via a ".." (dot dot) in a language cookie, as demonstrated by uploading then accessing a smiliefile image that actually contains PHP code. | ||||
| CVE-2005-2717 | 1 Webcalendar | 1 Webcalendar | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in WebCalendar before 1.0.1 allows remote attackers to execute arbitrary PHP code when opening settings.php, possibly via send_reminders.php or other scripts. | ||||
| CVE-2005-2718 | 1 Mplayer | 1 Mplayer | 2026-04-16 | N/A |
| Buffer overflow in ad_pcm.c in MPlayer 1.0pre7 and earlier allows remote attackers to execute arbitrary code via crafted PCM audio data, as demonstrated using a video file with an audio header containing a large value in a stream format (strf) chunk. | ||||
| CVE-2006-1964 | 1 Aspsitem | 1 Aspsitem | 2026-04-16 | N/A |
| SQL injection vulnerability in Haberler.asp in ASPSitem 1.83 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2006-4494 | 1 Microsoft | 1 Visual Studio | 2026-04-16 | N/A |
| Microsoft Visual Studio 6.0 allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code by instantiating certain Visual Studio 6.0 ActiveX COM Objects in Internet Explorer, including (1) tcprops.dll, (2) fp30wec.dll, (3) mdt2db.dll, (4) mdt2qd.dll, and (5) vi30aut.dll. | ||||
| CVE-2005-2774 | 1 Lithium Software | 1 Lithium Ii Mod | 2026-04-16 | N/A |
| Format string vulnerability in Lithium II mod 1.24 for Quake 2 allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via format string specifiers in the nickname. | ||||
| CVE-2006-2025 | 2 Libtiff, Redhat | 2 Libtiff, Enterprise Linux | 2026-04-16 | N/A |
| Integer overflow in the TIFFFetchData function in tif_dirread.c for libtiff before 3.8.1 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via a crafted TIFF image. | ||||
| CVE-2005-2775 | 1 Phpwebnotes | 1 Phpwebnotes | 2026-04-16 | N/A |
| php_api.php in phpWebNotes 2.0.0 uses the extract function to modify key variables such as $t_path_core, which leads to a PHP file inclusion vulnerability that allows remote attackers to execute arbitrary PHP code via the t_path_core parameter. | ||||
| CVE-2005-2776 | 1 Looking Glass | 1 Looking Glass | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Looking Glass 20040427 allow remote attackers to inject arbitrary web script or HTML via the (1) version[fullname], (2) version[homepage], or (3) version[no] parameter to footer.php, or the (4) version[fullname], (5) version[no], (6) version[author], (7) version[email] parameter to header.php. | ||||
| CVE-2006-4523 | 1 2wire Inc | 2 Homeportal, Officeportal | 2026-04-16 | N/A |
| The web-based management interface in 2Wire, Inc. HomePortal and OfficePortal Series modems and routers allows remote attackers to cause a denial of service (crash) via a CRLF sequence in a GET request. | ||||
| CVE-2005-2777 | 1 Looking Glass | 1 Looking Glass | 2026-04-16 | N/A |
| Looking Glass 20040427 allows remote attackers to execute arbitrary commands via shell metacharacters in the DNS lookup query field. | ||||
| CVE-2005-2778 | 1 Mybulletinboard | 1 Mybulletinboard | 2026-04-16 | N/A |
| SQL injection vulnerability in member.php in MyBulletinBoard (MyBB) allows remote attackers to execute arbitrary SQL statements via the fid parameter. | ||||
| CVE-2005-2779 | 1 Itan Online-banking Security System | 1 Itan Online-banking Security System | 2026-04-16 | N/A |
| The iTAN Online-Banking Security System allows remote attackers to obtain TAN numbers via a man-in-the-middle (MITM) attack while the transaction is taking place, which facilitates a "phishing" attack. | ||||
| CVE-2006-2028 | 1 Simplog | 1 Simplog | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in imagelist.php in Jeremy Ashcraft Simplog 0.9.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the imagedir parameter. NOTE: this issue might be resultant from directory traversal. | ||||
| CVE-2005-2780 | 1 Neocrome | 1 Land Down Under | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Land Down Under (LDU) allows remote attackers to inject arbitrary web script or HTML via a signature. | ||||
| CVE-2005-2781 | 1 Ilia Alshanetsky | 1 Fudforum | 2026-04-16 | N/A |
| The Avatar upload feature in FUD Forum before 2.7.0 does not properly verify uploaded files, which allows remote attackers to execute arbitrary PHP code via a file with a .php extension that contains image data followed by PHP code. | ||||
| CVE-2005-2782 | 1 Autolinks | 1 Autolinks | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in al_initialize.php for AutoLinks Pro 2.1 allows remote attackers to execute arbitrary PHP code via an "ftp://" URL in the alpath parameter, which bypasses the incomplete blacklist that only checks for "http" and "https" URLs. | ||||