Total
29926 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-2799 | 1 Linksys | 1 Wrt54g | 2026-04-16 | N/A |
| Buffer overflow in apply.cgi in Linksys WRT54G 3.01.03, 3.03.6, and possibly other versions before 4.20.7, allows remote attackers to execute arbitrary code via a long HTTP POST request. | ||||
| CVE-2006-3499 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | N/A |
| The dynamic linker (dyld) in Apple Mac OS X 10.3.9 allows local users to obtain sensitive information via unspecified dynamic linker options that affect the use of standard error (stderr) by privileged applications. | ||||
| CVE-2005-2809 | 1 Silc | 1 Secure Internet Live Conferencing | 2026-04-16 | N/A |
| silc daemon (silcd.c) in Secure Internet Live Conferencing (SILC) 1.0 and earlier allows local users to overwrite arbitrary files via a symlink attack on the silcd.[PID].stats temporary file. | ||||
| CVE-2006-1534 | 1 Null News | 1 Null News | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in Null news allow remote attackers to execute arbitrary SQL commands via (1) the user_email parameter in (a) lostpass.php, and the (2) user_email and (3) user_username parameters in (b) sub.php and (c) unsub.php. | ||||
| CVE-2005-2820 | 1 Inter7 | 1 Sqwebmail | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in SqWebMail 5.0.4 allows remote attackers to inject arbitrary web script or HTML via an e-mail message containing Internet Explorer "Conditional Comments" such as "[if]" and "[endif]". | ||||
| CVE-2005-2840 | 1 Maxdev | 1 Md-pro | 2026-04-16 | N/A |
| Multiple unknown vulnerabilities in MAXdev MD-Pro 1.0.72 and earlier have unknown impact and unspecified attack vectors, in one or more of the (1) Download, (2) Search, (3) Web links, (4) Blocks, (5) Messages, (6) News, (7) Comments, (8) Settings, (9) Stats or (10) subjects modules. | ||||
| CVE-2006-3508 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | N/A |
| Heap-based buffer overflow in the AirPort wireless driver on Apple Mac OS X 10.4.7 allows physically proximate attackers to cause a denial of service (crash), gain privileges, and execute arbitrary code via a crafted frame that is not properly handled during scan cache updates. | ||||
| CVE-2005-2853 | 1 Guppy | 1 Guppy | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in GuppY 4.5.3a and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the pg parameter to printfaq.php, or the (2) Referer or (3) User-Agent HTTP headers, which are not properly handled by error.php. | ||||
| CVE-2006-1536 | 1 Phoetux.net | 1 Phxcontacts | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in Phoetux.net PhxContacts 0.93.1 beta and earlier allow remote attackers to execute arbitrary SQL commands via the (1) motclef and (2) nbr_line_view parameters in (a) carnet.php, and the (3) id_contact parameter in (b) contact_view.php. | ||||
| CVE-2005-2858 | 1 Rediff | 1 Bol | 2026-04-16 | N/A |
| The Fetch.FetchContact.1 ActiveX control (Fetch.dll) for Rediff Bol 7.0 allows remote attackers to read the Windows Address Book via the FullAddressBook method. | ||||
| CVE-2006-0037 | 1 Linux | 1 Linux Kernel | 2026-04-16 | N/A |
| ip_nat_pptp in the PPTP NAT helper (netfilter/ip_nat_helper_pptp.c) in Linux kernel 2.6.14, and other versions, allows local users to cause a denial of service (memory corruption or crash) via a crafted outbound packet that causes an incorrect offset to be calculated from pointer arithmetic when non-linear SKBs (socket buffers) are used. | ||||
| CVE-2005-1765 | 1 Linux | 1 Linux Kernel | 2026-04-16 | N/A |
| syscall in the Linux kernel 2.6.8.1 and 2.6.10 for the AMD64 platform, when running in 32-bit compatibility mode, allows local users to cause a denial of service (kernel hang) via crafted arguments. | ||||
| CVE-2005-2866 | 1 Mercora | 1 Imradio | 2026-04-16 | N/A |
| Mercora IMRadio 4.0.0.0 stores usernames and passwords in plaintext in the MercoraClient\Profiles registry key, which allows local users to gain privileges. | ||||
| CVE-2005-2868 | 1 Ziptorrent | 1 Ziptorrent | 2026-04-16 | N/A |
| ZipTorrent 1.3.7.3 stores sensitive information in plaintext in the pref.txt file, which allows local users to obtain sensitive information such as proxy server information and passwords. | ||||
| CVE-2005-2875 | 1 Py2play | 1 Py2play | 2026-04-16 | N/A |
| Py2Play allows remote attackers to execute arbitrary Python code via pickled objects, which Py2Play unpickles and executes. | ||||
| CVE-2006-2735 | 1 Activity Mod Plus | 1 Activity Mod Plus | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in language/lang_english/lang_activity.php in Activity MOD Plus (Amod) 1.1.0, as used with phpBB when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. NOTE: This is a similar vulnerability to CVE-2006-2507. | ||||
| CVE-2006-2739 | 1 Epic Designs | 1 Tinybb | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in footers.php in Epicdesigns tinyBB 0.3, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the tinybb_footers parameter. | ||||
| CVE-2006-3517 | 1 Rwscripts.com | 1 Rw Download | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in stats.php in RW::Download, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the root_path parameter. | ||||
| CVE-2005-1801 | 1 Nokia | 1 9500 | 2026-04-16 | N/A |
| The vCard viewer in Nokia 9500 allows attackers to cause a denial of service (crash) via a vCard with a long Name field, which causes the crash when the user views it. | ||||
| CVE-2005-1804 | 1 Net Portal Dynamic System | 1 Net Portal Dynamic System | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in Net Portal Dynamic System (NPDS) 5.0 allow remote attackers to execute arbitrary SQL commands via the (1) terme parameter in the glossaire module (glossaire.php) or (2) query parameter to links.php. | ||||