Search Results (364053 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-3462 1 Oracle 1 Peoplesoft Enterprise 2026-04-16 N/A
Unspecified vulnerability in PeopleTools in Oracle PeopleSoft Enterprise 8.44 up to 8.46.02 has unknown impact and attack vectors, as identified by Oracle Vuln# PSE02.
CVE-2005-3465 2 Jdedwards, Oracle 2 Oneworld Xe, Enterpriseone 2026-04-16 N/A
Unspecified vulnerability in JDEdwards HTML Server in Oracle EnterpriseOne 8.94 OneWorld XE up to 8.95_B1, 8.94_Q1, and SP23_K1 has unknown impact and attack vectors, as identified by Oracle Vuln# JDE01.
CVE-2005-3476 1 Hp 1 Openvms 2026-04-16 N/A
Unspecified vulnerability in HP OpenVMS Integrity 8.2-1 and 8.2, and OpenVMS Alpha 7.3-2 and 8.2, allows local users to cause a denial of service.
CVE-2005-3477 1 Invision Power Services 1 Invision Gallery 2026-04-16 N/A
Multiple interpretation error in the image upload handling code in Invision Gallery 2.0.3 allows remote attackers to conduct cross-site scripting (XSS) attacks via HTML or script in an image whose type does not match its extension, which is rendered by Internet Explorer due to CVE-2005-3312. NOTE: it could be argued that this vulnerability is due to a design flaw in Internet Explorer and the proper fix should be in that browser; if so, then this should not be treated as a vulnerability in Invision Gallery.
CVE-2005-3478 1 Phpcafe 1 Tutorial Manager 2026-04-16 N/A
SQL injection vulnerability in index.php in PHPCafe.net Tutorials Manager 1.0 Beta 2 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2005-3479 1 Ringtail 1 Casebook 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in login.asp in Ringtail CaseBook 6.1.0 allows remote attackers to inject arbitrary web script or HTML via the users parameter.
CVE-1999-1135 1 Hp 1 Hp-ux 2026-04-16 N/A
Vulnerability in VUE 3.0 in HP 9.x allows local users to gain root privileges, as fixed by PHSS_4994 and PHSS_5438.
CVE-2006-3404 2 Gimp, Redhat 2 Gimp, Enterprise Linux 2026-04-16 N/A
Buffer overflow in the xcf_load_vector function in app/xcf/xcf-load.c for gimp before 2.2.12 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via an XCF file with a large num_axes value in the VECTORS property.
CVE-2006-3408 1 Tor 1 Tor 2026-04-16 N/A
Unspecified vulnerability in the directory server (dirserver) in Tor before 0.1.1.20 allows remote attackers to cause an unspecified denial of service via unknown vectors.
CVE-2006-3412 1 Tor 1 Tor 2026-04-16 N/A
Tor before 0.1.1.20 does not sufficiently obey certain firewall options, which allows remote attackers to bypass intended access restrictions for dirservers, direct connections, or proxy servers.
CVE-2005-3482 1 Cisco 3 Aironet Ap1131, Aironet Ap1200, Aironet Ap1240 2026-04-16 N/A
Cisco 1200, 1131, and 1240 series Access Points, when operating in Lightweight Access Point Protocol (LWAPP) mode and controlled by 2000 and 4400 series Airespace WLAN controllers running 3.1.59.24, allow remote attackers to send unencrypted traffic to a secure network using frames with the MAC address of an authenticated end host.
CVE-2005-3484 1 Nero 1 Neronet 2026-04-16 N/A
Directory traversal vulnerability in NeroNET 1.2.0.2 and earlier allows remote attackers to read arbitrary files with certain file extensions (such as ZIP, AVI, JPG, TXT, and HTML) via ".." and hex-encoded (1) slash "/" ("%2f") or (2) backslash "\" ("%5c") sequences.
CVE-2006-3413 1 Tor 1 Tor 2026-04-16 N/A
The privoxy configuration file in Tor before 0.1.1.20, when run on Apple OS X, logs all data via the "logfile", which allows attackers to obtain potentially sensitive information.
CVE-2005-3488 1 Scorched 3d 1 Scorched 3d 2026-04-16 N/A
Scorched 3D 39.1 (bf) and earlier allows remote attackers to cause a denial of service (long loop and server hang) via a negative numplayers value that bypasses a signed check in ServerConnectHandler.cpp.
CVE-2005-3489 1 Asus 1 Video Security Online 2026-04-16 N/A
Buffer overflow in Asus Video Security 3.5.0.0 and earlier, when using authorization, allows remote attackers to execute arbitrary code via a long username/password string.
CVE-2005-3491 1 Johannes F. Kuhlmann 1 Flatfrag 2026-04-16 N/A
Multiple buffer overflows in the receiver function in loop.c in FlatFrag 0.3 and earlier allow remote attackers to execute arbitrary code via the (1) version, (2) name, and (3) model fields.
CVE-2006-3414 1 Tor 1 Tor 2026-04-16 N/A
Tor before 0.1.1.20 supports server descriptors that contain hostnames instead of IP addresses, which allows remote attackers to arbitrarily group users by providing preferential address resolution.
CVE-2005-3492 1 Johannes F. Kuhlmann 1 Flatfrag 2026-04-16 N/A
FlatFrag 0.3 and earlier allows remote attackers to cause a denial of service (crash) by sending an NT_CONN_OK command from a client that is not connected, which triggers a null dereference.
CVE-2005-3494 1 Ar-blog 1 Ar-blog 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Ar-blog 5.2 and earlier allows remote attackers to inject arbitrary web script or HTML via a blog comment.
CVE-2006-3419 1 Tor 1 Tor 2026-04-16 N/A
Tor before 0.1.1.20 uses OpenSSL pseudo-random bytes (RAND_pseudo_bytes) instead of cryptographically strong RAND_bytes, and seeds the entropy value at start-up with 160-bit chunks without reseeding, which makes it easier for attackers to conduct brute force guessing attacks.