Total
29932 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-3114 | 1 Nateon | 1 Nateon Messenger | 2026-04-16 | N/A |
| Buffer overflow in the ActiveX control for NateOn Messenger (NateonDownloadManager.ocx) allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long third argument to the GotNate.Excute method. | ||||
| CVE-2006-2533 | 1 Greg Donald | 1 Destiney Rated Images Script | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in (1) addWeblog.php and (2) leaveComments.php in Destiney Rated Images Script 0.5.0 does not properly filter all vulnerable HTML tags, which allows remote attackers to inject arbitrary web script or HTML via Javascript in a DIV tag. | ||||
| CVE-2005-3116 | 1 Symantec Veritas | 1 Netbackup | 2026-04-16 | N/A |
| Stack-based buffer overflow in a shared library as used by the Volume Manager daemon (vmd) in VERITAS NetBackup Enterprise Server 5.0 MP1 to MP5 and 5.1 up to MP3A allows remote attackers to execute arbitrary code via a crafted packet. | ||||
| CVE-2006-2541 | 1 John Andersson | 1 Zixforum | 2026-04-16 | N/A |
| SQL injection vulnerability in settings.asp in Zixforum 1.12 allows remote attackers to execute arbitrary SQL commands via the layid parameter to (1) login.asp and (2) main.asp. | ||||
| CVE-2005-3118 | 1 William Stearns | 1 Mason | 2026-04-16 | N/A |
| Mason before 1.0.0 does not install the init script after the user uses Mason to configure a firewall, which causes the system to run without a firewall after a reboot. | ||||
| CVE-2005-3123 | 1 Gnu | 1 Gnump3d | 2026-04-16 | N/A |
| Directory traversal vulnerability in GNUMP3D before 2.9.6 allows remote attackers to read arbitrary files via crafted sequences such as "/.//..//////././", which is collapsed into "/.././" after ".." and "//" sequences are removed. | ||||
| CVE-2006-2544 | 1 Xtreme Scripts | 1 Xtreme Topsites | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in Xtreme Topsites 1.1, with magic_quotes_gpc disabled, allow remote attackers to execute arbitrary SQL commands via the (1) searchthis parameter in lostid.php and (2) id parameter in stats.php. NOTE: the provenance of this information is unknown; portions of the details are obtained from third party information. | ||||
| CVE-2005-3124 | 1 Acme Labs | 1 Thttpd | 2026-04-16 | N/A |
| syslogtocern in Acme thttpd before 2.23 allows local users to write arbitrary files via a symlink attack on a temporary file. | ||||
| CVE-2005-3129 | 1 S9y | 1 Serendipity | 2026-04-16 | N/A |
| Cross-site request forgery (CSRF) vulnerability in Serendipity 0.8.4 and earlier allows remote attackers to perform unauthorized actions as a logged in user via a link or IMG tag to serendipity_admin.php. | ||||
| CVE-2005-3133 | 2 Icewarp, Merak | 2 Web Mail, Mail Server | 2026-04-16 | N/A |
| Multiple directory traversal vulnerabilities in MERAK Mail Server 8.2.4r with Icewarp Web Mail 5.5.1, and possibly earlier versions, allows remote attackers to (1) delete arbitrary files or directories via a relative path to the id parameter to logout.html or (2) include arbitrary PHP files or other files via the helpid parameter to help.html. | ||||
| CVE-2006-2570 | 1 Calogic | 1 Calogic Calendars | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in CaLogic Calendars 1.2.2 allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS["CLPath"] parameter to (1) reconfig.php and (2) srxclr.php. NOTE: this might be due to a globals overwrite issue. | ||||
| CVE-2005-3135 | 1 Virtools | 1 Web Player | 2026-04-16 | N/A |
| Buffer overflow in Virtools Web Player 3.0.0.100 and earlier allows remote attackers to execute arbitrary code via a long filename. | ||||
| CVE-2005-3141 | 1 Cerulean Studios | 1 Trillian | 2026-04-16 | N/A |
| Cerulean Studios Trillian 3.0 allows remote attackers to cause a denial of service (crash) via a reverse direct connection from a different client, as demonstrated using LICQ. | ||||
| CVE-2005-3143 | 1 4d | 1 Webstar | 2026-04-16 | N/A |
| Unspecified vulnerability in the Mailbox Server for 4D WebStar before 5.3.5 allows attackers to cause a denial of service (crash) via IMAP clients on Mac OS X 10.4 Mail 2. | ||||
| CVE-2006-2572 | 1 Dian Gemilang | 1 Dgbook | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in DGBook 1.0 allows remote attackers to inject arbitrary web script or HTML via the (1) name, (2) homepage, (3) email, and (4) address parameters. | ||||
| CVE-2005-3146 | 2 Storebackup, Suse | 2 Storebackup, Suse Linux | 2026-04-16 | N/A |
| StoreBackup before 1.19 allows local users to perform unauthorized operations on arbitrary files via a symlink attack on temporary files. | ||||
| CVE-2006-2573 | 1 Dian Gemilang | 1 Dgbook | 2026-04-16 | N/A |
| SQL injection vulnerability in index.php in DGBook 1.0, with magic_quotes_gpc disabled, allows remote attackers to execute arbitrary SQL commands via the (1) name, (2) email, (3) homepage, (4) address, (5) comment, and (6) ip parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2005-3147 | 2 Storebackup, Suse | 2 Storebackup, Suse Linux | 2026-04-16 | N/A |
| StoreBackup before 1.19 creates the backup root with world-readable permissions, which allows local users to obtain sensitive information. | ||||
| CVE-2006-2585 | 1 Greg Donald | 1 Destiney Links Script | 2026-04-16 | N/A |
| SQL injection vulnerability in Destiney Links Script 2.1.2 allows remote attackers to execute arbitrary SQL commands via the ID parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2005-3148 | 2 Storebackup, Suse | 2 Storebackup, Suse Linux | 2026-04-16 | N/A |
| StoreBackup before 1.19 does not properly set the uid and guid for symbolic links (1) that are backed up by storeBackup.pl, or (2) recovered by storeBackupRecover.pl, which could cause files to be restored with incorrect ownership. | ||||