Export limit exceeded: 363654 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 363654 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (363654 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-2626 1 Kismet 1 Kismet 2026-04-16 N/A
Unspecified vulnerability in Kismet before 2005-08-R1 allows remote attackers to have an unknown impact via unprintable characters in the SSID.
CVE-2005-3796 1 Alstrasoft 1 Affiliate Network Pro 2026-04-16 N/A
Direct static code injection vulnerability in admin_options_manage.php in AlstraSoft Affiliate Network Pro 7.2 allows attackers to execute arbitrary PHP code via the number parameter. NOTE: it is not clear from the original report whether administrator privileges are required. If not, then this does not cross privilege boundaries and is not a vulnerability.
CVE-2005-2627 1 Kismet 1 Kismet 2026-04-16 N/A
Multiple integer underflows in Kismet before 2005-08-R1 allow remote attackers to execute arbitrary code via (1) kernel headers in a pcap file or (2) data frame dissection, which leads to heap-based buffer overflows.
CVE-2005-3797 1 Alstrasoft 1 Template Seller 2026-04-16 N/A
PHP remote file inclusion vulnerability in payment_paypal.php in AlstraSoft Template Seller Pro 3.25 allows remote attackers to execute arbitrary PHP code via the config[basepath] parameter.
CVE-2005-2628 2 Macromedia, Redhat 2 Flash Player, Rhel Extras 2026-04-16 N/A
Macromedia Flash 6 and 7 (Flash.ocx) allows remote attackers to execute arbitrary code via a SWF file with a modified frame type identifier that is used as an out-of-bounds array index to a function pointer.
CVE-2005-3798 1 Alstrasoft 1 Template Seller 2026-04-16 N/A
SQL injection vulnerability in admin/index.php in AlstraSoft Template Seller Pro 3.25 allows remote attackers to execute arbitrary SQL commands via the username field.
CVE-2005-3799 1 Phpbb Group 1 Phpbb 2026-04-16 N/A
phpBB 2.0.18 allows remote attackers to obtain sensitive information via a large SQL query, which generates an error message that reveals SQL syntax or the full installation path.
CVE-2006-3502 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
Unspecified vulnerability in ImageIO in Apple Mac OS X 10.4.7 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted GIF image that triggers a memory allocation failure that is not properly handled.
CVE-2006-3503 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
Integer overflow in ImageIO in Apple Mac OS X 10.4.7 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a malformed GIF image.
CVE-2006-3504 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
The Download Validation in LaunchServices for Apple Mac OS X 10.4.7 can identify certain HTML as "safe", which could allow attackers to execute Javascript code in local context when the "Open 'safe' files after downloading" option is enabled in Safari.
CVE-2005-2629 2 Realnetworks, Redhat 5 Helix Player, Realone Player, Realplayer and 2 more 2026-04-16 N/A
Integer overflow in RealNetworks RealPlayer 8, 10, and 10.5, RealOne Player 1 and 2, and Helix Player 10.0.0 allows remote attackers to execute arbitrary code via an .rm movie file with a large value in the length field of the first data packet, which leads to a stack-based buffer overflow, a different vulnerability than CVE-2004-1481.
CVE-2005-2630 1 Realnetworks 2 Realone Player, Realplayer 2026-04-16 N/A
Heap-based buffer overflow in DUNZIP32.DLL for RealPlayer 8, 10, and 10.5 and RealOne Player 1 and 2 allows remote attackers to execute arbitrary code via a crafted RealPlayer Skin (RJS) file, a different vulnerability than CVE-2004-1094.
CVE-2005-3371 1 Grisoft 1 Avg Antivirus 2026-04-16 N/A
Multiple interpretation error in AVG 7 7.0.323 allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally associated with EXE, which causes the file to be treated as a safe type that could still be executed as a dangerous file type by applications on the end system, as demonstrated by a "triple headed" program that contains EXE, EML, and HTML content, aka the "magic byte bug."
CVE-2005-2632 1 Mediabox404 1 Mediabox404 2026-04-16 N/A
SQL injection vulnerability in login_admin_mediabox404.php in mediabox404 1.2 and earlier allows remote attackers to execute arbitrary SQL commands via the User field.
CVE-2005-3372 1 Broadcom 1 Etrust Antivirus 2026-04-16 N/A
Multiple interpretation error in eTrust CA 7.0.1.4 with the 11.9.1 engine allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally associated with EXE, which causes the file to be treated as a safe type that could still be executed as a dangerous file type by applications on the end system, as demonstrated by a "triple headed" program that contains EXE, EML, and HTML content, aka the "magic byte bug."
CVE-2005-2633 1 Phptb 1 Topic Boards 2026-04-16 N/A
Multiple PHP file inclusion vulnerabilities in (1) admin_o.php, (2) board_o.php, (3) dev_o.php, (4) file_o.php or (5) tech_o.php in PHPTB Topic Board 2.0 and earlier allow remote attackers to execute arbitrary PHP code via the absolutepath parameter.
CVE-2005-3373 1 Dr.web 1 Dr.web Antivirus 2026-04-16 N/A
Multiple interpretation error in Dr.Web 4.32b allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally associated with EXE, which causes the file to be treated as a safe type that could still be executed as a dangerous file type by applications on the end system, as demonstrated by a "triple headed" program that contains EXE, EML, and HTML content, aka the "magic byte bug."
CVE-2005-3800 1 Macromedia 1 Contribute Publishing Server 2026-04-16 N/A
Macromedia Contribute Publishing Server (CPS) before 1.11 uses a weak algorithm to encrypt user password in connection keys that use shared FTP login credentials, which allows attackers to obtain sensitive information.
CVE-2005-0533 1 Trend Micro 15 Client-server-messaging Suite Smb, Client-server Suite Smb, Control Manager and 12 more 2026-04-16 N/A
Heap-based buffer overflow in Trend Micro AntiVirus Library VSAPI before 7.510, as used in multiple Trend Micro products, allows remote attackers to execute arbitrary code via a crafted ARJ file with long header file names that modify pointers within a structure.
CVE-2005-0537 1 Igeneric 1 Free Shopping Cart 2026-04-16 N/A
Multiple SQL injection vulnerabilities in page.php for iGeneric (iG) Shop 1.2 may allow remote attackers to execute arbitrary SQL statements via the (1) cats, (2) l_price, or (3) u_price parameters.