Total
29916 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-1864 | 1 Vincent Hor | 1 Calendarix Advanced | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in cal_admintop.php in Calendarix Advanced 1.5 allows remote attackers to execute arbitrary PHP code via the calpath parameter. | ||||
| CVE-2005-2918 | 1 Gtkdiskfree | 1 Gtkdiskfree | 2026-04-16 | N/A |
| The open_cmd_tube function in mount.c for gtkdiskfree 1.9.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on the gtkdiskfree temporary file. | ||||
| CVE-2006-3537 | 1 Randshop | 1 Randshop | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in index.php in Randshop before 1.2 allows remote attackers to execute arbitrary PHP code via the dateiPfad parameter, a different vector than CVE-2006-3375. | ||||
| CVE-2006-0106 | 1 Wine | 1 Wine | 2026-04-16 | N/A |
| gdi/driver.c and gdi/printdrv.c in Wine 20050930, and other versions, implement the SETABORTPROC GDI Escape function call for Windows Metafile (WMF) files, which allows attackers to execute arbitrary code, the same vulnerability as CVE-2005-4560 but in a different codebase. | ||||
| CVE-2005-1905 | 1 Kaspersky Lab | 2 Kaspersky Anti-virus, Kaspersky Anti-virus Personal | 2026-04-16 | N/A |
| The klif.sys driver in Kaspersky Labs Anti-Virus 5.0.227, 5.0.228, and 5.0.335 on Windows 2000 allows local users to gain privileges by modifying certain critical code addresses that are later accessed by privileged programs. | ||||
| CVE-2006-1612 | 1 Aweb Labs | 1 Awebnews | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in visview.php in aWebNews 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) yname, (2) emailadd, (3) subject, and (4) comment parameters. | ||||
| CVE-2005-2939 | 1 Vmware | 1 Workstation | 2026-04-16 | N/A |
| Unquoted Windows search path vulnerability in VMWare Workstation 5.0.0 build-13124 might allow local users to gain privileges via a malicious "program.exe" file in the C: folder. | ||||
| CVE-2006-1617 | 1 Advanced Poll | 1 Advanced Poll | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Advanced Poll 2.02 allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to comments.php or (2) poll_id parameter to page.php. NOTE: it is possible that this issue is resultant from CVE-2006-1616. | ||||
| CVE-2005-1998 | 1 Mcgallery | 1 Mcgallery | 2026-04-16 | N/A |
| Directory traversal vulnerability in admin.php in McGallery 1.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the lang parameter. | ||||
| CVE-2005-2005 | 1 Ultimate Php Board | 1 Ultimate Php Board | 2026-04-16 | N/A |
| Ultimate PHP Board (UPB) 1.9.6 GOLD and earlier stores the users.dat file under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information on registered users via a direct request to db/users.dat. | ||||
| CVE-2005-2007 | 1 Edgewall Software | 1 Trac | 2026-04-16 | N/A |
| Directory traversal vulnerability in Edgewall Trac 0.8.3 and earlier allows remote attackers to read or write arbitrary files via a .. (dot dot) in the id parameter to the (1) upload or (2) attachment scripts. | ||||
| CVE-2005-2947 | 1 Killprocess | 1 Killprocess | 2026-04-16 | N/A |
| Buffer overflow in KillProcess 2.20 and earlier allows user-assisted attackers to execute arbitrary code via an exe file with a long FileDescription in the version resource. | ||||
| CVE-2006-0138 | 1 Amsn | 1 Amsn | 2026-04-16 | N/A |
| aMSN (aka Alvaro's Messenger) allows remote attackers to cause a denial of service (client hang and termination of client's instant-messaging session) by repeatedly sending crafted data to the default file-transfer port (TCP 6891). | ||||
| CVE-2006-0148 | 1 Netsarang | 1 Xlpd | 2026-04-16 | N/A |
| NetSarang Xlpd 2.1 allows remote attackers to cause a denial of service (crash) via a large number of connections from the same IP address. | ||||
| CVE-2005-2019 | 1 Freebsd | 1 Freebsd | 2026-04-16 | N/A |
| ipfw in FreeBSD 5.4, when running on Symmetric Multi-Processor (SMP) or Uni Processor (UP) systems with the PREEMPTION kernel option enabled, does not sufficiently lock certain resources while performing table lookups, which can cause the cache results to be corrupted during multiple concurrent lookups, allowing remote attackers to bypass intended access restrictions. | ||||
| CVE-2006-1631 | 1 Cisco | 1 Content Services Switch 11500 | 2026-04-16 | N/A |
| Unspecified vulnerability in the HTTP compression functionality in Cisco CSS 11500 Series Content Services switches allows remote attackers to cause a denial of service (device reload) via (1) "valid, but obsolete" or (2) "specially crafted" HTTP requests. | ||||
| CVE-2006-3885 | 1 Checkpoint | 1 Firewall-1 | 2026-04-16 | N/A |
| Directory traversal vulnerability in Check Point Firewall-1 R55W before HFA03 allows remote attackers to read arbitrary files via an encoded .. (dot dot) in the URL on TCP port 18264. | ||||
| CVE-2005-2020 | 1 3com | 1 3c15100d | 2026-04-16 | N/A |
| Directory traversal vulnerability in the web server for 3Com Network Supervisor 5.0.2 allows remote attackers to read arbitrary files via ".." sequences in the URL to TCP port 21700. | ||||
| CVE-2005-2967 | 1 Xine | 1 Xine-lib | 2026-04-16 | N/A |
| Format string vulnerability in input_cdda.c in xine-lib 1-beta through 1-beta 3, 1-rc, 1.0 through 1.0.2, and 1.1.1 allows remote servers to execute arbitrary code via format string specifiers in metadata in CDDB server responses when the victim plays a CD. | ||||
| CVE-2005-2031 | 1 Socialmpn | 1 Socialmpn | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in socialMPN allow remote attackers to execute arbitrary SQL commands via (1) the sid parameter to article.php, (2) uname parameter to user.php, (3) siteid parameter to viewforum.php, (4) username parameter to newtopic.php, the (5) secid or (6) artid parameter to sections.php, (7) siteid parameter to index.php, or (8) sid parameter to friend.php. | ||||