CVE-2005-3413

Cross-site scripting (XSS) vulnerability in desktop.php in eyeOS 0.8.4 allows remote attackers to inject arbitrary web script or HTML via the motd parameter.

Publication date: Wed, 02 Nov 2005 02:03:00 +0000

Cyber News related to CVE-2005-3413

CVE-2005-3413 - Cross-site scripting (XSS) vulnerability in desktop.php in eyeOS 0.8.4 allows remote attackers to inject arbitrary web script or HTML via the motd parameter. ...
7 years ago

CVE-2009-3414 - Unspecified vulnerability in the Oracle Spatial component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors, a different vulnerability than ...
8 years ago

CVE-2009-3413 - Unspecified vulnerability in the Oracle Spatial component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors, a different vulnerability than ...
8 years ago

CVE-2008-3976 - Unspecified vulnerability in the Oracle Spatial component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors, a different vulnerability than ...
7 years ago

CVE-2006-3413 - The privoxy configuration file in Tor before 0.1.1.20, when run on Apple OS X, logs all data via the "logfile", which allows attackers to obtain potentially sensitive information. ...
16 years ago

CVE-2012-3413 - The HTMLQuoteColorer::process function in messageviewer/htmlquotecolorer.cpp in KDE PIM 4.6 through 4.8 does not disable JavaScript, Java, and Plugins, which allows remote attackers to inject arbitrary web script or HTML via a crafted email. ...
12 years ago

CVE-2013-3413 - Cross-site scripting (XSS) vulnerability in the search form in the administration/monitoring panel on the Cisco Identity Services Engine (ISE) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID ...
11 years ago

CVE-2007-3413 - Multiple cross-site scripting (XSS) vulnerabilities in bosDataGrid 2.50 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) GridSearch, (2) gsearch, or (3) ParentID parameter to an unspecified component. ...
7 years ago

CVE-2008-3413 - SQL injection vulnerability in category.php in Greatclone GC Auction Platinum allows remote attackers to execute arbitrary SQL commands via the cate_id parameter. Additional source found during analysis: ...
7 years ago PLATINUM

CVE-2014-3413 - The MySQL server in Juniper Networks Junos Space before 13.3R1.8 has an unspecified account with a hardcoded password, which allows remote attackers to obtain sensitive information and consequently obtain administrative control by leveraging database ...
6 years ago

CVE-2011-3413 - Microsoft PowerPoint 2007 SP2; Office 2008 for Mac; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2; and PowerPoint Viewer 2007 SP2 allow remote attackers to execute arbitrary code or cause a denial of service (memory ...
6 years ago

CVE-2019-3413 - All versions up to V20.18.40.R7.B1of ZTE NetNumen DAP product have an XSS vulnerability. Due to the lack of correct validation of client data in WEB applications, which results in users being hijacked. ...
5 years ago

CVE-2016-3413 - Unspecified vulnerability in Zimbra Collaboration before 8.7.0 allows remote attackers to affect integrity via unknown vectors, aka bug 103996. ...
4 years ago

CVE-2010-3413 - Unspecified vulnerability in the pop-up blocking functionality in Google Chrome before 6.0.472.59 allows remote attackers to cause a denial of service (application crash) via unknown vectors. ...
4 years ago

CVE-2020-3413 - A vulnerability in the scheduled meeting template feature of Cisco Webex Meetings could allow an authenticated, remote attacker to delete a scheduled meeting template that belongs to another user in their organization. The vulnerability is due to ...
4 years ago

CVE-2021-3413 - A flaw was found in Red Hat Satellite in tfm-rubygem-foreman_azure_rm in versions before 2.2.0. A credential leak was identified which will expose Azure Resource Manager's secret key through JSON of the API output. The highest threat from this ...
3 years ago

CVE-2017-3413 - Vulnerability in the Oracle Advanced Outbound Telephony component of Oracle E-Business Suite (subcomponent: User Interface). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable ...
5 years ago

CVE-2022-3413 - Incorrect authorization during display of Audit Events in GitLab EE affecting all versions from 14.5 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2, allowed Developers to view the project's Audit Events and Developers or ...
1 year ago

CVE-2023-3413 - An issue has been discovered in GitLab affecting all versions starting from 16.2 before 16.2.8, all versions starting from 16.3 before 16.3.5, all versions starting from 16.4 before 16.4.1. It was possible to read the source code of a project through ...
1 year ago

CVE-2024-3413 - A vulnerability has been found in SourceCodester Human Resource Information System 1.0 and classified as critical. This vulnerability affects unknown code of the file initialize/login_process.php. The manipulation of the argument hr_email/hr_password ...
10 months ago Tenable.com

CVE-2022-48956 - In the Linux kernel, the following vulnerability has been resolved: ipv6: avoid use-after-free in ip6_fragment() Blamed commit claimed rcu_read_lock() was held by ip6_fragment() callers. It seems to not be always true, at least for UDP stack. syzbot ...
4 months ago Tenable.com

CVE-2005-0067 - The original design of TCP does not require that port numbers be assigned randomly (aka "Port randomization"), which makes it easier for attackers to forge ICMP error messages for specific TCP connections and cause a denial of service, as ...
16 years ago

CVE-2005-0065 - The original design of TCP does not check that the TCP sequence number in an ICMP error message is within the range of sequence numbers for data that has been sent but not acknowledged (aka "TCP sequence number checking"), which makes it ...
16 years ago

CVE-2005-0066 - The original design of TCP does not check that the TCP Acknowledgement number in an ICMP error message generated by an intermediate router is within the range of possible values for data that has already been acknowledged (aka "TCP ...
1 year ago

CVE-2005-0068 - The original design of ICMP does not require authentication for host-generated ICMP error messages, which makes it easier for attackers to forge ICMP error messages for specific TCP connections and cause a denial of service, as demonstrated using (1) ...
16 years ago

Latest Cyber News

Poco RAT Malware Exploits PDF Files to Infiltrate Systems and Steal Data - 10 minutes ago
Njrat Attacking Users Abusing Microsoft Dev Tunnels for C2 Communications - 50 minutes ago
New Pass-the-Cookie Attack Bypass Microsoft 365 & YouTube MFA Logins - 57 minutes ago
PingAM Java Agent Vulnerability Let Attackers Gain Unauthorized Access - 1 hour ago
Lynx Ransomware Attacking Organizations to Exfiltrate Sensitive Data - 2 hours ago
1.6 Million Android TVs Worldwide Hacked by Vo1d Botnet - 4 hours ago
New GitHub Scam With Thousand of “mods" & "cracks" Steal Your Data - 4 hours ago
260 Domains Hosting 5,000 Weaponized PDF Files Attacking Users - 4 hours ago
Wallbleed Exposes Memory Vulnerability in China’s Great Firewall DNS System - 5 hours ago
18 Best Web Filtering Solutions - 2025 - 5 hours ago
DeepSeek Data Leak - 12,000 Hardcoded Live API keys and Passwords Exposed - 9 hours ago
Vo1d malware botnet grows to 1.6 million Android TVs worldwide - 14 hours ago
New Vo1d botnet variant infects 1.6 million Android TVs worldwide - 14 hours ago
CVE-2025-25730 - 15 hours ago
CVE-2025-25570 - 15 hours ago
CVE-2025-26264 - 15 hours ago
CVE-2025-26325 - 15 hours ago
Privacy tech firms warn France’s encryption and VPN laws threaten privacy - 16 hours ago
CVE-2023-5904 - 16 hours ago
CVE-2023-5903 - 16 hours ago

Cyber Trends (last 7 days)

Okta - 1 year ago
Kimsuky - 1 year ago
23andMe - 1 year ago
LogoFAIL - 1 year ago
Gh0st rat - 1 year ago

Trending Cyber News (last 7 days)

Poco RAT Malware Exploits PDF Files to Infiltrate Systems and Steal Data - 10 minutes ago
Njrat Attacking Users Abusing Microsoft Dev Tunnels for C2 Communications - 50 minutes ago
New Pass-the-Cookie Attack Bypass Microsoft 365 & YouTube MFA Logins - 57 minutes ago
PingAM Java Agent Vulnerability Let Attackers Gain Unauthorized Access - 1 hour ago
Lynx Ransomware Attacking Organizations to Exfiltrate Sensitive Data - 2 hours ago
1.6 Million Android TVs Worldwide Hacked by Vo1d Botnet - 4 hours ago
New GitHub Scam With Thousand of “mods" & "cracks" Steal Your Data - 4 hours ago
260 Domains Hosting 5,000 Weaponized PDF Files Attacking Users - 4 hours ago
Wallbleed Exposes Memory Vulnerability in China’s Great Firewall DNS System - 5 hours ago
18 Best Web Filtering Solutions - 2025 - 5 hours ago
DeepSeek Data Leak - 12,000 Hardcoded Live API keys and Passwords Exposed - 9 hours ago
CVE-2018-9994 - 1 year ago
CVE-2018-9329 - 1 year ago
CVE-2018-9324 - 1 year ago
CVE-2018-9323 - 1 year ago
CVE-2018-9321 - 1 year ago
CVE-2018-9319 - 1 year ago
CVE-2018-9317 - 1 year ago
CVE-2018-9316 - 1 year ago
CVE-2018-9315 - 1 year ago