Search Results (363915 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-3044 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-16 N/A
Multiple vulnerabilities in Linux kernel before 2.6.13.2 allow local users to cause a denial of service (kernel OOPS from null dereference) via (1) fput in a 32-bit ioctl on 64-bit x86 systems or (2) sockfd_put in the 32-bit routing_ioctl function on 64-bit systems.
CVE-2005-3046 1 Phpmyfaq 1 Phpmyfaq 2026-04-16 N/A
SQL injection vulnerability in password.php in PhpMyFaq 1.5.1 allows remote attackers to modify SQL queries and gain administrator privileges via the user field.
CVE-2005-3047 1 Phpmyfaq 1 Phpmyfaq 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in PhpMyFaq 1.5.1 allow remote attackers to inject arbitrary web script or HTML via the (1) PMF_CONF[version] parameter to footer.php or (2) PMF_LANG[metaLanguage] to header.php.
CVE-2006-1947 1 Nicplex 1 Plexum 2026-04-16 N/A
Multiple SQL injection vulnerabilities in plexum.php in NicPlex Plexum X5 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) pagesize, (2) maxrec, and (3) startpos parameters.
CVE-2005-3049 1 Phpmyfaq 1 Phpmyfaq 2026-04-16 N/A
PhpMyFaq 1.5.1 stores data files under the web document root with insufficient access control and predictable filenames, which allows remote attackers to obtain sensitive information via a direct request to the data/tracking[DATE] file.
CVE-2006-1948 1 Ibm 1 Lotus Notes 2026-04-16 N/A
The "Add Sender to Address Book" operation (AddSenderToAddressBook.lss) and NameHelper.lss in IBM Lotus Notes 6.0 and 6.5 before 20060331 do not properly store information in the Personal Address Book when multiple messages are checked and a message uses AltFrom, which might allow user-assisted remote attackers to trick a user into sending e-mail to an unauthorized recipient.
CVE-2005-3051 1 Igor Pavlov 1 7-zip 2026-04-16 N/A
Stack-based buffer overflow in the ARJ plugin (arj.dll) 3.9.2.0 for 7-Zip 3.13, 4.23, and 4.26 BETA, as used in products including Turbo Searcher, allows remote attackers to execute arbitrary code via a large ARJ block.
CVE-2005-3054 1 Php 1 Php 2026-04-16 N/A
fopen_wrappers.c in PHP 4.4.0, and possibly other versions, does not properly restrict access to other directories when the open_basedir directive includes a trailing slash, which allows PHP scripts in one directory to access files in other directories whose names are substrings of the original directory.
CVE-2005-3055 3 Debian, Linux, Redhat 3 Debian Linux, Linux Kernel, Enterprise Linux 2026-04-16 N/A
Linux kernel 2.6.8 to 2.6.14-rc2 allows local users to cause a denial of service (kernel OOPS) via a userspace process that issues a USB Request Block (URB) to a USB device and terminates before the URB is finished, which leads to a stale pointer reference.
CVE-2006-1949 1 Nicplex 1 Plexcart 2026-04-16 N/A
SQL injection vulnerability in plexcart.pl in NicPlex PlexCart X3 and earlier allows remote attackers to execute arbitrary SQL commands via the catid parameter.
CVE-2005-3058 1 Fortinet 2 Fortigate, Fortios 2026-04-16 N/A
Interpretation conflict in Fortinet FortiGate 2.8, running FortiOS 2.8MR10 and v3beta, allows remote attackers to bypass the URL blocker via an (1) HTTP request terminated with a line feed (LF) and not carriage return line feed (CRLF) or (2) HTTP request with no Host field, which is still processed by most web servers without violating RFC2616.
CVE-2005-3060 1 Ibm 1 Aix 2026-04-16 N/A
Buffer overflow in getconf in IBM AIX 5.2 to 5.3 allows local users to execute arbitrary code via unknown vectors.
CVE-2006-1953 1 Caucho Technology 1 Resin 2026-04-16 N/A
Directory traversal vulnerability in Caucho Resin 3.0.17 and 3.0.18 for Windows allows remote attackers to read arbitrary files via a "C:%5C" (encoded drive letter) in a URL.
CVE-2005-3061 1 Powerarchiver 4 Powerarchiver 2002, Powerarchiver 2003, Powerarchiver 2004 and 1 more 2026-04-16 N/A
Multiple stack-based buffer overflows in PowerArchiver 8.10 through 9.5 Beta 4 and Beta 5 allow remote attackers to execute arbitrary code via a long filename in a (1) ACE or (2) ARJ archive.
CVE-2005-3063 1 Unu Networks 1 Mailgust 2026-04-16 N/A
SQL injection vulnerability in MailGust 1.9 allows remote attackers to execute arbitrary SQL commands via the email field on the password reminder page.
CVE-1999-0941 1 Mutt 1 Mutt 2026-04-16 N/A
Mutt mail client allows a remote attacker to execute commands via shell metacharacters.
CVE-2005-3071 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Unspecified vulnerability in Unix File System (UFS) on Solaris 8 and 9, when logging is enabled, allows local users to cause a denial of service ("soft hang") via certain write operations to UFS.
CVE-2006-1958 1 Wired Community Software 1 Wwwthreads 2026-04-16 N/A
Multiple SQL injection vulnerabilities in WWWThreads RC 3 allow remote attackers to execute arbitrary SQL commands via (1) the forumreferrer cookie to register.php and (2) the messages parameter in message_list.php.
CVE-2005-3072 1 Interchange Development Group 1 Interchange 2026-04-16 N/A
SQL injection vulnerability in pages/forum/submit.html in Interchange 4.9.3 up to 5.2.0 allows remote attackers to execute arbitrary SQL commands via unknown vectors.
CVE-2006-1960 1 Cisco 1 Wireless Lan Solution Engine 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in the appliance web user interface in Cisco CiscoWorks Wireless LAN Solution Engine (WLSE) and WLSE Express before 2.13 allows remote attackers to inject arbitrary web script or HTML, possibly via the displayMsg parameter to archiveApplyDisplay.jsp, aka bug ID CSCsc01095.