Export limit exceeded: 359931 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (359931 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-3982 | 1 Webcalendar | 1 Webcalendar | 2026-04-16 | N/A |
| CRLF injection vulnerability in layers_toggle.php in WebCalendar 1.0.1 might allow remote attackers to modify HTTP headers and conduct HTTP response splitting attacks via the ret parameter, which is used to redirect URL requests. | ||||
| CVE-2005-3983 | 1 Hp | 1 Systems Insight Manager | 2026-04-16 | N/A |
| Unknown vulnerability in the login page for HP Systems Insight Manager (SIM) 4.0 and 4.1, when accessed by Microsoft Internet Explorer with the MS04-025 patch, leads to a denial of service (browser hang). NOTE: although the advisory is vague, this issue does not appear to involve an attacker at all. If not, then this issue is not a vulnerability. | ||||
| CVE-2005-3984 | 1 Webcalendar | 1 Webcalendar | 2026-04-16 | N/A |
| SQL injection vulnerability in WebCalendar 1.0.1 allows remote attackers to execute arbitrary SQL commands via the time_range parameter to edit_report_handler.php. NOTE: the startid/activity_log.php vector is already covered by CVE-2005-3949. | ||||
| CVE-2005-3985 | 1 Astaro | 1 Security Linux | 2026-04-16 | N/A |
| The Internet Key Exchange version 1 (IKEv1) implementation in Astaro Security Linux before 6.102 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to. | ||||
| CVE-2005-3986 | 1 Verosky Media | 1 Instant Photo Gallery | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in Instant Photo Gallery 1 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) cat_id parameter in portfolio.php and (2) cid parameter in content.php. | ||||
| CVE-2005-3988 | 1 Pineapple Technologies | 1 Lore | 2026-04-16 | N/A |
| SQL injection vulnerability in article.php in Pineapple Technologies Lore 1.5.4 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||
| CVE-2005-3989 | 1 Avaya | 1 Tn2602ap Ip Media Resource 320 Circuit Pack | 2026-04-16 | N/A |
| Memory leak in Avaya TN2602AP IP Media Resource 320 circuit pack before vintage 9 firmware allows remote attackers to cause a denial of service (memory consumption) via crafted VoIP packets. | ||||
| CVE-2005-3991 | 1 Phpheaven | 1 Phpmychat | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in phpMyChat 0.14.6 allow remote attackers to inject arbitrary web script or HTML via the medium parameter to (1) start_page.css.php and (2) style.css.php; or the From parameter to users_popupL.php. | ||||
| CVE-2005-3992 | 1 Wineggdropshell | 1 Wineggdropshell | 2026-04-16 | N/A |
| Multiple buffer overflows in WinEggDropShell remote access trojan (RAT) 1.7 allow remote attackers to execute arbitrary code via (1) a long GET request to the HTTP server, or a long (2) USER or (3) PASS command to the FTP server. | ||||
| CVE-2005-3993 | 1 Mailenable | 2 Mailenable Enterprise, Mailenable Professional | 2026-04-16 | N/A |
| Multiple unspecified vulnerabilities in MailEnable Professional 1.6 and earlier and Enterprise 1.1 and earlier allow attackers to cause a denial of service (crash) via invalid IMAP commands. | ||||
| CVE-2005-3850 | 1 Onlinetechtools.com | 1 Okbsys Lite | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in search.asp in Online Knowledge Base System (OKBSYS) Lite Edition 1.0 allows remote attackers to inject arbitrary web script or HTML via hex-encoded values in the q parameter. | ||||
| CVE-2005-3849 | 1 Pmwiki | 1 Pmwiki | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the Search module in PmWiki up to 2.0.12 allows remote attackers to inject arbitrary web script or HTML via the q parameter. | ||||
| CVE-2005-3845 | 1 Ezinvoiceinc | 1 Ez Invoice Inc | 2026-04-16 | N/A |
| SQL injection vulnerability in invoices.php in EZ Invoice Inc 2.0 allows remote attackers to execute arbitrary SQL commands via the i parameter. NOTE: the vendor has stated "EZ Invoice, Inc has a patah available. Please email support@ezinvoiceinc.com and EZI will email you the patch to fix this small issue." | ||||
| CVE-2005-3846 | 1 Fscripts | 1 Fantastic News | 2026-04-16 | N/A |
| SQL injection vulnerability in news.php in Fantastic News 2.1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the category parameter. | ||||
| CVE-2005-3848 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2026-04-16 | N/A |
| Memory leak in the icmp_push_reply function in Linux 2.6 before 2.6.12.6 and 2.6.13 allows remote attackers to cause a denial of service (memory consumption) via a large number of crafted packets that cause the ip_append_data function to fail, aka "DST leak in icmp_push_reply." | ||||
| CVE-2005-3842 | 1 Pdjkeelan.com | 1 Pdjk-support Suite | 2026-04-16 | N/A |
| SQL injection vulnerability in index.php in pdjk-support suite 1.1a and earlier allows remote attackers to execute arbitrary SQL commands via the (1) rowstart, (2) news_id, and (3) faq_id parameters. | ||||
| CVE-2005-3841 | 1 Kplaylist | 1 Kplaylist | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in kPlaylist 1.6 (build 400), and possibly other versions, allows remote attackers to inject arbitrary web script or HTML via the searchfor search parameter. | ||||
| CVE-2005-3840 | 1 Omnistar Interactive | 1 Omnistar Live | 2026-04-16 | N/A |
| SQL injection vulnerability in kb.php in Omnistar Live 5.2 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) id and (2) category_id parameter. NOTE: due to a typo, an Internet Explorer issue was incorrectly assigned this identifier, but the correct identifier is CVE-2005-3240. | ||||
| CVE-2005-3839 | 1 Supportpro | 1 Supportdesk | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in SupportPRO Supportdesk allows remote attackers to inject arbitrary web script or HTML via the (1) post tickers and (2) view tickets options. | ||||
| CVE-2005-3838 | 1 Isolsoft | 1 Support Center | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in search.php in IsolSoft Support Center 2.2 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) lorder, (2) Priority, (3) Status, (4) Category, (5) searchvalue, and (6) field parameter. | ||||