Export limit exceeded: 363654 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 363654 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (363654 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-2626 | 1 Kismet | 1 Kismet | 2026-04-16 | N/A |
| Unspecified vulnerability in Kismet before 2005-08-R1 allows remote attackers to have an unknown impact via unprintable characters in the SSID. | ||||
| CVE-2005-3796 | 1 Alstrasoft | 1 Affiliate Network Pro | 2026-04-16 | N/A |
| Direct static code injection vulnerability in admin_options_manage.php in AlstraSoft Affiliate Network Pro 7.2 allows attackers to execute arbitrary PHP code via the number parameter. NOTE: it is not clear from the original report whether administrator privileges are required. If not, then this does not cross privilege boundaries and is not a vulnerability. | ||||
| CVE-2005-2627 | 1 Kismet | 1 Kismet | 2026-04-16 | N/A |
| Multiple integer underflows in Kismet before 2005-08-R1 allow remote attackers to execute arbitrary code via (1) kernel headers in a pcap file or (2) data frame dissection, which leads to heap-based buffer overflows. | ||||
| CVE-2005-3797 | 1 Alstrasoft | 1 Template Seller | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in payment_paypal.php in AlstraSoft Template Seller Pro 3.25 allows remote attackers to execute arbitrary PHP code via the config[basepath] parameter. | ||||
| CVE-2005-2628 | 2 Macromedia, Redhat | 2 Flash Player, Rhel Extras | 2026-04-16 | N/A |
| Macromedia Flash 6 and 7 (Flash.ocx) allows remote attackers to execute arbitrary code via a SWF file with a modified frame type identifier that is used as an out-of-bounds array index to a function pointer. | ||||
| CVE-2005-3798 | 1 Alstrasoft | 1 Template Seller | 2026-04-16 | N/A |
| SQL injection vulnerability in admin/index.php in AlstraSoft Template Seller Pro 3.25 allows remote attackers to execute arbitrary SQL commands via the username field. | ||||
| CVE-2005-3799 | 1 Phpbb Group | 1 Phpbb | 2026-04-16 | N/A |
| phpBB 2.0.18 allows remote attackers to obtain sensitive information via a large SQL query, which generates an error message that reveals SQL syntax or the full installation path. | ||||
| CVE-2006-3502 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | N/A |
| Unspecified vulnerability in ImageIO in Apple Mac OS X 10.4.7 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted GIF image that triggers a memory allocation failure that is not properly handled. | ||||
| CVE-2006-3503 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | N/A |
| Integer overflow in ImageIO in Apple Mac OS X 10.4.7 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a malformed GIF image. | ||||
| CVE-2006-3504 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | N/A |
| The Download Validation in LaunchServices for Apple Mac OS X 10.4.7 can identify certain HTML as "safe", which could allow attackers to execute Javascript code in local context when the "Open 'safe' files after downloading" option is enabled in Safari. | ||||
| CVE-2005-2629 | 2 Realnetworks, Redhat | 5 Helix Player, Realone Player, Realplayer and 2 more | 2026-04-16 | N/A |
| Integer overflow in RealNetworks RealPlayer 8, 10, and 10.5, RealOne Player 1 and 2, and Helix Player 10.0.0 allows remote attackers to execute arbitrary code via an .rm movie file with a large value in the length field of the first data packet, which leads to a stack-based buffer overflow, a different vulnerability than CVE-2004-1481. | ||||
| CVE-2005-2630 | 1 Realnetworks | 2 Realone Player, Realplayer | 2026-04-16 | N/A |
| Heap-based buffer overflow in DUNZIP32.DLL for RealPlayer 8, 10, and 10.5 and RealOne Player 1 and 2 allows remote attackers to execute arbitrary code via a crafted RealPlayer Skin (RJS) file, a different vulnerability than CVE-2004-1094. | ||||
| CVE-2005-3371 | 1 Grisoft | 1 Avg Antivirus | 2026-04-16 | N/A |
| Multiple interpretation error in AVG 7 7.0.323 allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally associated with EXE, which causes the file to be treated as a safe type that could still be executed as a dangerous file type by applications on the end system, as demonstrated by a "triple headed" program that contains EXE, EML, and HTML content, aka the "magic byte bug." | ||||
| CVE-2005-2632 | 1 Mediabox404 | 1 Mediabox404 | 2026-04-16 | N/A |
| SQL injection vulnerability in login_admin_mediabox404.php in mediabox404 1.2 and earlier allows remote attackers to execute arbitrary SQL commands via the User field. | ||||
| CVE-2005-3372 | 1 Broadcom | 1 Etrust Antivirus | 2026-04-16 | N/A |
| Multiple interpretation error in eTrust CA 7.0.1.4 with the 11.9.1 engine allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally associated with EXE, which causes the file to be treated as a safe type that could still be executed as a dangerous file type by applications on the end system, as demonstrated by a "triple headed" program that contains EXE, EML, and HTML content, aka the "magic byte bug." | ||||
| CVE-2005-2633 | 1 Phptb | 1 Topic Boards | 2026-04-16 | N/A |
| Multiple PHP file inclusion vulnerabilities in (1) admin_o.php, (2) board_o.php, (3) dev_o.php, (4) file_o.php or (5) tech_o.php in PHPTB Topic Board 2.0 and earlier allow remote attackers to execute arbitrary PHP code via the absolutepath parameter. | ||||
| CVE-2005-3373 | 1 Dr.web | 1 Dr.web Antivirus | 2026-04-16 | N/A |
| Multiple interpretation error in Dr.Web 4.32b allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally associated with EXE, which causes the file to be treated as a safe type that could still be executed as a dangerous file type by applications on the end system, as demonstrated by a "triple headed" program that contains EXE, EML, and HTML content, aka the "magic byte bug." | ||||
| CVE-2005-3800 | 1 Macromedia | 1 Contribute Publishing Server | 2026-04-16 | N/A |
| Macromedia Contribute Publishing Server (CPS) before 1.11 uses a weak algorithm to encrypt user password in connection keys that use shared FTP login credentials, which allows attackers to obtain sensitive information. | ||||
| CVE-2005-0533 | 1 Trend Micro | 15 Client-server-messaging Suite Smb, Client-server Suite Smb, Control Manager and 12 more | 2026-04-16 | N/A |
| Heap-based buffer overflow in Trend Micro AntiVirus Library VSAPI before 7.510, as used in multiple Trend Micro products, allows remote attackers to execute arbitrary code via a crafted ARJ file with long header file names that modify pointers within a structure. | ||||
| CVE-2005-0537 | 1 Igeneric | 1 Free Shopping Cart | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in page.php for iGeneric (iG) Shop 1.2 may allow remote attackers to execute arbitrary SQL statements via the (1) cats, (2) l_price, or (3) u_price parameters. | ||||