Search Results (29926 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-3071 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
Unspecified vulnerability in Unix File System (UFS) on Solaris 8 and 9, when logging is enabled, allows local users to cause a denial of service ("soft hang") via certain write operations to UFS.
CVE-2006-4822 1 Emusoft 1 Emucms 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in index.php in eMuSOFT emuCMS 0.3 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) query or (2) page parameters.
CVE-2005-3072 1 Interchange Development Group 1 Interchange 2026-04-16 N/A
SQL injection vulnerability in pages/forum/submit.html in Interchange 4.9.3 up to 5.2.0 allows remote attackers to execute arbitrary SQL commands via unknown vectors.
CVE-2005-3074 1 Rsyslog 1 Rsyslogd 2026-04-16 N/A
SQL injection vulnerability in rsyslogd in RSyslog before 1.0.1 and before 1.10.1 allows remote attackers to execute arbitrary SQL commands via crafted syslog messages.
CVE-2006-4827 1 Vmist 1 Downstat 2026-04-16 N/A
Multiple PHP remote file inclusion vulnerabilities in Vmist Downstat 1.8 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the art parameter to (1) admin.php, (2) chart.php, (3) modes.php, or (4) stats.php.
CVE-2005-2243 1 Cisco 1 Call Manager 2026-04-16 N/A
Memory leak in inetinfo.exe in Cisco CallManager (CCM) 3.2 and earlier, 3.3 before 3.3(5), 4.0 before 4.0(2a)SR2b, and 4.1 4.1 before 4.1(3)SR1, when Multi Level Admin (MLA) is enabled, allows remote attackers to cause a denial of service (memory consumption) via a large number of Admin Service Tool (AST) logins that fail.
CVE-2006-2654 1 Freebsd 1 Freebsd 2026-04-16 N/A
Directory traversal vulnerability in smbfs smbfs on FreeBSD 4.10 up to 6.1 allows local users to escape chroot restrictions for an SMB-mounted filesystem via "..\\" sequences. NOTE: this is similar to CVE-2006-1864, but this is a different implementation of smbfs, so it has a different CVE identifier.
CVE-2005-3077 1 Microsoft 1 Ie For Macintosh 2026-04-16 N/A
Microsoft Internet Explorer 5.2.3 for Mac OS allows remote attackers to cause a denial of service (crash) via a web page with malformed attributes in a BGSOUND tag, possibly involving double-quotes in an about: URI.
CVE-2006-4832 1 Verso Netperformer 1 Frame Relay Access Device Act 2026-04-16 N/A
Buffer overflow in the telnet service in Verso NetPerformer FRAD ACT SDM-95xx 7.xx (R1) and earlier, SDM-93xx 10.x.x (R2) and earlier, and SDM-92xx 9.x.x (R1) and earlier allows remote attackers to cause a denial of service (reboot) and possibly execute arbitrary code via a long username.
CVE-2005-3078 1 Punbb 1 Punbb 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in PunBB before 1.2.8 allows remote attackers to inject arbitrary web script or HTML via the "forgotten e-mail" feature.
CVE-2006-4836 1 Codeworx Technologies 1 Dcp-portal 2026-04-16 N/A
SQL injection vulnerability in login.php in DCP-Portal SE 6.0 allows remote attackers to execute arbitrary SQL commands via the username parameter. NOTE: The lostpassword.php and calendar.php vectors are already covered by CVE-2005-3365, and the search.php vector is already covered by CVE-2005-4227.
CVE-2005-3079 1 Punbb 1 Punbb 2026-04-16 N/A
PunBB before 1.2.8 allows remote attackers to perform "code inclusion" via the user language selection.
CVE-2005-2247 1 Moodle 1 Moodle 2026-04-16 N/A
Multiple unknown vulnerabilities in Moodle before 1.5.1 have unknown impact and attack vectors.
CVE-2005-3081 1 Wzdftpd 1 Wzdftpd 2026-04-16 N/A
wzdftpd 0.5.4 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the SITE command.
CVE-2006-4845 1 George Lewe 1 Teamcal Pro 2026-04-16 N/A
PHP remote file inclusion vulnerability in includes/footer.html.inc.php in TeamCal Pro 2.8.001 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the tc_config[app_root] parameter.
CVE-2005-3085 1 Riverdark Studios 1 Rss Syndicator Module 2026-04-16 N/A
Multiple cross-site scripting (XSS) vulnerabilities in rss.php in Riverdark Studios RSS Syndicator module 2.1.7 allow remote attackers to inject arbitrary web script or HTML via the (1) forum or (2) topic parameters.
CVE-2006-4861 1 Mohammed Mehdi Panjwani 1 Complain Center 2026-04-16 N/A
SQL injection vulnerability in loginprocess.asp in Mohammed Mehdi Panjwani Complain Center 1 allows remote attackers to execute arbitrary SQL commands via the (1) TxtUser (aka Username) and (2) TxtPass (aka Password) parameters in login.asp.
CVE-2005-2249 1 Jinzora 1 Jinzora 2026-04-16 N/A
Multiple unknown vulnerabilities in Jinzora 2.0.1 have unknown impact and attack vectors, possibly involving a PHP file inclusion vulnerability.
CVE-2005-3089 2 Mozilla, Redhat 2 Firefox, Enterprise Linux 2026-04-16 N/A
Firefox 1.0.6 allows attackers to cause a denial of service (crash) via a Proxy Auto-Config (PAC) script that uses an eval statement. NOTE: it is not clear whether an untrusted party has any role in triggering this issue, so it might not be a vulnerability.
CVE-2006-4862 1 Easypagecms 1 Easypagecms 2026-04-16 N/A
SQL injection vulnerability in default.aspx in easypage allows remote attackers to execute arbitrary SQL commands via the srch parameter in the Search page.