Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-1742 2 Bea, Oracle 2 Weblogic Server, Weblogic Portal 2026-04-16 N/A
BEA WebLogic Server and WebLogic Express 8.1 SP2 and SP3 allows users with the Monitor security role to "shrink or reset JDBC connection pools."
CVE-2005-3081 1 Wzdftpd 1 Wzdftpd 2026-04-16 N/A
wzdftpd 0.5.4 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the SITE command.
CVE-2005-1743 2 Bea, Oracle 2 Weblogic Server, Weblogic Portal 2026-04-16 N/A
BEA WebLogic Server and WebLogic Express 8.1 through Service Pack 3 and 7.0 through Service Pack 5 does not properly handle when a security provider throws an exception, which may cause WebLogic to use incorrect identity for the thread, or to fail to audit security exceptions.
CVE-2005-3082 1 Seo-board 1 Seo-board 2026-04-16 N/A
SQL injection vulnerability in admin.php in SEO-Board 1.0.2 allows remote attackers to execute arbitrary SQL commands via the user_pass_sha1 value in a cookie.
CVE-2005-3083 1 Cmsmadesimple 1 Cms Made Simple 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in index.php in CMS Made Simple 0.10 allows remote attackers to inject arbitrary web script or HTML via the page parameter.
CVE-2005-3661 1 Dell 1 Truemobile 2300 Wireless Broadband Router 2026-04-16 N/A
Dell TrueMobile 2300 Wireless Broadband Router running firmware 3.0.0.8 and 5.1.1.6, and possibly other versions, allows remote attackers to reset authentication credentials, then change configuration or firmware, via a direct request to apply.cgi with the Page parameter set to adv_password.asp.
CVE-2005-1745 2 Bea, Oracle 2 Weblogic Server, Weblogic Portal 2026-04-16 N/A
The UserLogin control in BEA WebLogic Portal 8.1 through Service Pack 3 prints the password to standard output when an incorrect login attempt is made, which could make it easier for attackers to guess the correct password.
CVE-2005-1746 2 Bea, Oracle 2 Weblogic Server, Weblogic Portal 2026-04-16 N/A
The cluster cookie parsing code in BEA WebLogic Server 7.0 through Service Pack 5 attempts to contact any host or port specified in a cookie, even when it is not in the cluster, which allows remote attackers to cause a denial of service (cluster slowdown) via modified cookies.
CVE-2005-3084 1 Sony 1 Playstation Portable 2026-04-16 N/A
Buffer overflow in the TIFF library in the Photo Viewer for Sony PSP 2.0 firmware allows remote attackers to cause a denial of service via a crafted TIFF image.
CVE-2005-3085 1 Riverdark Studios 1 Rss Syndicator Module 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in rss.php in Riverdark Studios RSS Syndicator module 2.1.7 allow remote attackers to inject arbitrary web script or HTML via the (1) forum or (2) topic parameters.
CVE-2005-1747 2 Bea, Oracle 2 Weblogic Server, Weblogic Portal 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in BEA WebLogic Server and Express 8.1 through Service Pack 4, and 7.0 through Service Pack 6, allow remote attackers to inject arbitrary web script or HTML, and possibly gain administrative privileges, via the (1) j_username or (2) j_password parameters in the login page (LoginForm.jsp), (3) parameters to the error page in the Administration Console, (4) unknown vectors in the Server Console while the administrator has an active session to obtain the ADMINCONSOLESESSION cookie, or (5) an alternate vector in the Server Console that does not require an active session but also leaks the username and password.
CVE-2005-3086 1 Contentserv 1 Contentserv 2026-04-16 N/A
Directory traversal vulnerability in admin/about.php in contentServ 3.1 allows remote attackers to read or include arbitrary files via ".." sequences in the ctsWebsite parameter.
CVE-2002-1963 1 Linux 1 Linux Kernel 2026-04-16 N/A
Linux kernel 2.4.1 through 2.4.19 sets root's NR_RESERVED_FILES limit to 10 files, which allows local users to cause a denial of service (resource exhaustion) by opening 10 setuid binaries.
CVE-2005-1781 1 Mailenable 2 Mailenable Enterprise, Mailenable Professional 2026-04-16 N/A
Unknown vulnerability in SMTP authentication for MailEnable allows remote attackers to cause a denial of service (crash).
CVE-2005-3098 1 Qualcomm 1 Qpopper 2026-04-16 N/A
poppassd in Qualcomm qpopper 4.0.8 allows local users to modify arbitrary files and gain privileges via the -t (trace file) command line argument.
CVE-2001-0385 1 Goahead Software 1 Goahead Webserver 2026-04-16 N/A
GoAhead webserver 2.1 allows remote attackers to cause a denial of service via an HTTP request to the /aux directory.
CVE-2005-1789 1 India Software Solution 1 Shopping Cart 2026-04-16 N/A
SQL injection vulnerability in SignIn.asp in India Software Solution shopping cart allows remote attackers to execute arbitrary SQL commands via the password.
CVE-2005-3099 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Unspecified vulnerability in the (1) Xsun and (2) Xprt commands in Solaris 7, 8, 9, and 10 allows local users to execute arbitrary code.
CVE-2005-1797 1 Openssl 1 Openssl 2026-04-16 N/A
The design of Advanced Encryption Standard (AES), aka Rijndael, allows remote attackers to recover AES keys via timing attacks on S-box lookups, which are difficult to perform in constant time in AES implementations.
CVE-2005-3100 1 Astaro 1 Security Linux 2026-04-16 N/A
Unspecified "PPTP Remote DoS Vulnerability" in Astaro Security Linux 4.027 allows attackers to cause a denial of service.