Total
29739 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-3042 | 2 Usermin, Webmin | 2 Usermin, Webmin | 2025-04-03 | N/A |
| miniserv.pl in Webmin before 1.230 and Usermin before 1.160, when "full PAM conversations" is enabled, allows remote attackers to bypass authentication by spoofing session IDs via certain metacharacters (line feed or carriage return). | ||||
| CVE-2005-3060 | 1 Ibm | 1 Aix | 2025-04-03 | N/A |
| Buffer overflow in getconf in IBM AIX 5.2 to 5.3 allows local users to execute arbitrary code via unknown vectors. | ||||
| CVE-2005-3080 | 1 Geshi | 1 Geshi | 2025-04-03 | N/A |
| contrib/example.php in GeSHi before 1.0.7.3 allows remote attackers to read arbitrary files via the language field without a source field set. | ||||
| CVE-2005-3073 | 1 Interchange Development Group | 1 Interchange | 2025-04-03 | N/A |
| Unspecified vulnerability in Interchange 5.0.1 allows attackers 4.9.3, 5.0 before 5.0.2, and 5.2, when a catalog has been created using the (1) "mike", (2) "standard", or (3) "foundation" demo, allows attackers to inject Interchange Tag Language (ITL) elements into the forum/submit.html page. | ||||
| CVE-2005-3074 | 1 Rsyslog | 1 Rsyslogd | 2025-04-03 | N/A |
| SQL injection vulnerability in rsyslogd in RSyslog before 1.0.1 and before 1.10.1 allows remote attackers to execute arbitrary SQL commands via crafted syslog messages. | ||||
| CVE-2005-3075 | 1 Mpc-donkey | 1 Zengaia | 2025-04-03 | N/A |
| SQL injection vulnerability in Zengaia before 0.2 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | ||||
| CVE-2005-3076 | 1 Simplog | 1 Simplog | 2025-04-03 | N/A |
| Simplog 0.9.1 might allow remote attackers to execute arbitrary SQL commands or trigger SQL error messages via invalid (1) pid, (2) blogid, (3) cid, or (4) m parameters to archive.php, or the (5) blogid parameter to blogadmin.php. | ||||
| CVE-2005-3078 | 1 Punbb | 1 Punbb | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in PunBB before 1.2.8 allows remote attackers to inject arbitrary web script or HTML via the "forgotten e-mail" feature. | ||||
| CVE-2005-3079 | 1 Punbb | 1 Punbb | 2025-04-03 | N/A |
| PunBB before 1.2.8 allows remote attackers to perform "code inclusion" via the user language selection. | ||||
| CVE-2005-3081 | 1 Wzdftpd | 1 Wzdftpd | 2025-04-03 | N/A |
| wzdftpd 0.5.4 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the SITE command. | ||||
| CVE-2005-3112 | 1 Macromedia | 1 Breeze | 2025-04-03 | N/A |
| The "reset password" feature in Macromedia Breeze 5.0 stores passwords in plaintext in the database instead of the hash, which allows attackers with access to the database to obtain the passwords. | ||||
| CVE-2005-3114 | 1 Nateon | 1 Nateon Messenger | 2025-04-03 | N/A |
| Buffer overflow in the ActiveX control for NateOn Messenger (NateonDownloadManager.ocx) allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long third argument to the GotNate.Excute method. | ||||
| CVE-2005-3115 | 1 Mpeg-tools | 1 Mpeg-tools | 2025-04-03 | N/A |
| mpeg-tools before 1.5b-r2 creates multiple temporary files insecurely, which allows local users to overwrite arbitrary files via (1) ts.stat, (2) ts.mpg, (3) foobar, (4) blockbar, or (5) foobar[NNN]. | ||||
| CVE-2005-3116 | 1 Symantec Veritas | 1 Netbackup | 2025-04-03 | N/A |
| Stack-based buffer overflow in a shared library as used by the Volume Manager daemon (vmd) in VERITAS NetBackup Enterprise Server 5.0 MP1 to MP5 and 5.1 up to MP3A allows remote attackers to execute arbitrary code via a crafted packet. | ||||
| CVE-2005-3118 | 1 William Stearns | 1 Mason | 2025-04-03 | N/A |
| Mason before 1.0.0 does not install the init script after the user uses Mason to configure a firewall, which causes the system to run without a firewall after a reboot. | ||||
| CVE-2005-3135 | 1 Virtools | 1 Web Player | 2025-04-03 | N/A |
| Buffer overflow in Virtools Web Player 3.0.0.100 and earlier allows remote attackers to execute arbitrary code via a long filename. | ||||
| CVE-2005-3250 | 1 Sun | 1 Solaris | 2025-04-03 | N/A |
| Unknown vulnerability in Solaris 10 allows local users to cause a denial of service (panic) via unknown vectors related to the "/proc" filesystem, which trigger a null dereference. | ||||
| CVE-2005-3194 | 1 Estsoft | 1 Alzip | 2025-04-03 | N/A |
| Multiple buffer overflows in ALZip 6.12 (Korean), 6.1 (International), and 5.52 (English) allow remote attackers to execute arbitrary code via a long filename in a compressed (1) ALZ, (2) ARJ, (3) ZIP, (4) UUE, or (5) XXE archive. | ||||
| CVE-2005-3196 | 1 Planet Technology Corp | 1 Fgsw2402rs | 2025-04-03 | N/A |
| Planet Technology Corp FGSW2402RS switch with firmware 1.2 has a default password, which allows attackers with physical access to the device's serial port to gain privileges. | ||||
| CVE-2005-3198 | 1 Webroot Software | 1 Desktop Firewall | 2025-04-03 | N/A |
| Webroot Desktop Firewall before 1.3.0build52 allows local users to disable the firewall, even when password protection is enabled, via certain DeviceIoControl commands. | ||||