Total
29739 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-3737 | 1 Inkscape | 1 Inkscape | 2025-04-03 | N/A |
| Buffer overflow in the SVG importer (style.cpp) of inkscape 0.41 through 0.42.2 might allow remote attackers to execute arbitrary code via a SVG file with long CSS style property values. | ||||
| CVE-2005-3738 | 1 Mambo | 1 Mambo Site Server | 2025-04-03 | N/A |
| globals.php in Mambo Site Server 4.0.14 and earlier, when register_globals is disabled, allows remote attackers to overwrite variables in the GLOBALS array and conduct various attacks, as demonstrated using the mosConfig_absolute_path parameter to content.html.php for remote PHP file inclusion. | ||||
| CVE-2005-3778 | 1 Mybulletinboard | 1 Mybulletinboard | 2025-04-03 | N/A |
| Unspecified vulnerability in MyBulletinBoard (MyBB) before 1.0 PR2 Rev 686 allows attackers to cause a denial of service via unknown vectors. | ||||
| CVE-2005-3799 | 1 Phpbb Group | 1 Phpbb | 2025-04-03 | N/A |
| phpBB 2.0.18 allows remote attackers to obtain sensitive information via a large SQL query, which generates an error message that reveals SQL syntax or the full installation path. | ||||
| CVE-2005-3800 | 1 Macromedia | 1 Contribute Publishing Server | 2025-04-03 | N/A |
| Macromedia Contribute Publishing Server (CPS) before 1.11 uses a weak algorithm to encrypt user password in connection keys that use shared FTP login credentials, which allows attackers to obtain sensitive information. | ||||
| CVE-2005-3802 | 1 Belkin | 2 F5d7230-4, F5d7232-4 | 2025-04-03 | N/A |
| Belkin F5D7232-4 and F5D7230-4 wireless routers with firmware 4.03.03 and 4.05.03, when a legitimate administrator is logged into the web management interface, allow remote attackers to access the management interface without authentication. | ||||
| CVE-2005-3805 | 1 Linux | 1 Linux Kernel | 2025-04-03 | N/A |
| A locking problem in POSIX timer cleanup handling on exit in Linux kernel 2.6.10 to 2.6.14, when running on SMP systems, allows local users to cause a denial of service (deadlock) involving process CPU timers. | ||||
| CVE-2005-3829 | 1 Activecampaign | 1 Knowledgebuilder | 2025-04-03 | N/A |
| index.php in ActiveCampaign KnowledgeBuilder 2.4 and earlier allows remote attackers to cause a denial of service (CPU consumption) via an invalid category parameter, which causes a large number of SQL queries to be processed. | ||||
| CVE-2005-3830 | 1 Activecampaign | 1 Supporttrio | 2025-04-03 | N/A |
| index.php in ActiveCampaign SupportTrio 1.4 and earlier allows remote attackers to read or include arbitrary files via the page parameter, possibly due to a directory traversal vulnerability. | ||||
| CVE-2005-3833 | 1 Tunez | 1 Tunez | 2025-04-03 | N/A |
| SQL injection vulnerability in songinfo.php in Tunez 1.21 and earlier allows remote attackers to execute arbitrary SQL commands via the song_id parameter. | ||||
| CVE-2005-3883 | 2 Php, Redhat | 2 Php, Enterprise Linux | 2025-04-03 | N/A |
| CRLF injection vulnerability in the mb_send_mail function in PHP before 5.1.0 might allow remote attackers to inject arbitrary e-mail headers via line feeds (LF) in the "To" address argument. | ||||
| CVE-2005-3884 | 1 Zainu | 1 Zainu | 2025-04-03 | N/A |
| Multiple SQL injection vulnerabilities in the search action in Zainu 2.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) term and (2) start parameters to index.php. | ||||
| CVE-2005-3885 | 1 Inkscape | 1 Inkscape | 2025-04-03 | N/A |
| The ps2epsi extension shell script (ps2epsi.sh) in Inkscape before 0.41 allows local users to overwrite arbitrary files via a symlink attack on the tmpepsifile.epsi temporary file. | ||||
| CVE-2005-3886 | 1 Cisco | 1 Security Agent | 2025-04-03 | N/A |
| Unspecified vulnerability in Cisco Security Agent (CSA) 4.5.0 and 4.5.1 agents, when running on Windows systems, allows local users to bypass protections and gain system privileges by executing certain local software. | ||||
| CVE-2005-3887 | 1 Gadu-gadu | 1 Gadu-gadu Instant Messenger | 2025-04-03 | N/A |
| Gadu-Gadu 7.20 does not properly handle MS-DOS device names in filenames, which allows remote attackers to (1) cause a denial of service (hang) via an image filename of AUX: sent twice (hang), or (2) write to the LPT1 port via a filename of "LPT1:". | ||||
| CVE-2005-3888 | 1 Gadu-gadu | 1 Gadu-gadu Instant Messenger | 2025-04-03 | N/A |
| Memory leak in Gadu-Gadu 7.20 allows remote attackers to cause a denial of service via multiple DCC packets with a code other than 2 and a large size field, which allocates memory for the packet but does not free it after the packet has been dropped. | ||||
| CVE-2005-3889 | 1 Gadu-gadu | 1 Gadu-gadu Instant Messenger | 2025-04-03 | N/A |
| Gadu-Gadu 7.20 allows remote attackers to cause a denial of service via multiple DCC packets with a code of 6 or 7, which triggers a large number of popup windows to the user and creates a large number of threads. | ||||
| CVE-2005-3890 | 1 Gadu-gadu | 1 Gadu-gadu Instant Messenger | 2025-04-03 | N/A |
| Gadu-Gadu 7.20 allows remote attackers to cause a denial of service (crash and configuration loss) via a page with a large number of gg: URIs. | ||||
| CVE-2005-3927 | 1 Guppy | 1 Guppy | 2025-04-03 | N/A |
| Multiple directory traversal vulnerabilities in GuppY 4.5.9 and earlier allow remote attackers to read and include arbitrary files via (1) the meskin parameter to admin/editorTypetool.php, or the lng parameter to the in admin/inc scripts (2) archbatch.php, (3) dbbatch.php, and (4) nwlmail.php. | ||||
| CVE-2005-3930 | 1 N-13 News | 1 N-13 News | 2025-04-03 | N/A |
| SQL injection vulnerability in index.php in N-13 News 1.2 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||