Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-09-14 | CVE-2005-2880 | SQL Injection vulnerability in PHPcommunitycalendar 4.0/4.0.1/4.0.3: Multiple SQL injection vulnerabilities in phpCommunityCalendar 4.0.3, and possibly earlier versions, allow remote attackers to execute arbitrary SQL commands via the (1) login field in login.php or (2) LocationID parameter to week.php. | 7.5 |
2005-09-14 | CVE-2005-2879 | Information Disclosure vulnerability in Advansysperu Software USB Lock Auto-Protect 1.5: Advansysperu Software USB Lock Auto-Protect (AP) 1.5 uses a weak encryption scheme to encrypt passwords, which allows local users to gain sensitive information and bypass USB interface protection. | 2.1 |
2005-09-14 | CVE-2005-2492 | Permissions, Privileges, and Access Controls vulnerability in multiple products: The raw_sendmsg function in the Linux kernel 2.6 before 2.6.13.1 allows local users to cause a denial of service (change hardware state) or read from arbitrary memory via crafted input. | 3.6 |
2005-09-14 | CVE-2005-2490 | Local Buffer Overflow vulnerability in Linux Kernel Sendmsg(): Stack-based buffer overflow in the sendmsg function call in the Linux kernel 2.6 before 2.6.13.1 allows local users to execute arbitrary code by calling sendmsg and modifying the message contents in another thread. | 4.6 |
2005-09-14 | CVE-2005-1913 | Local Denial Of Service vulnerability in Linux Kernel Subthread Exec: The Linux kernel 2.6 before 2.6.12.1 allows local users to cause a denial of service (kernel panic) via a non group-leader thread executing a different program than was pending in itimer, which causes the signal to be delivered to the old group-leader task, which does not exist. | 2.1 |
2005-09-13 | CVE-2005-2878 | Remote Format String vulnerability in GNU Mailutils 0.6: Format string vulnerability in search.c in the imap4d server in GNU Mailutils 0.6 allows remote authenticated users to execute arbitrary code via format string specifiers in the SEARCH command. | 7.5 |
2005-09-13 | CVE-2005-2876 | Unspecified vulnerability in Andries Brouwer Util-Linux: umount in util-linux 2.8 to 2.12q, 2.13-pre1, and 2.13-pre2, and other packages such as loop-aes-utils, allows local users with unmount permissions to gain privileges via the -r (remount) option, which causes the file system to be remounted with just the read-only flag, which effectively clears the nosuid, nodev, and other flags. | 7.2 |
2005-09-13 | CVE-2005-2875 | Remote Python Code Execution vulnerability in Py2Play Object Unpickling: Py2Play allows remote attackers to execute arbitrary Python code via pickled objects, which Py2Play unpickles and executes. | 7.5 |
2005-09-13 | CVE-2005-2874 | Unspecified vulnerability in Easy Software products Cups: The is_path_absolute function in scheduler/client.c for the daemon in CUPS before 1.1.23 allows remote attackers to cause a denial of service (CPU consumption by tight loop) via a "..\.." URL in an HTTP request. | 5.0 |
2005-09-09 | CVE-2005-2873 | Remote Denial of Service vulnerability in Linux Kernel Netfilter Ipt_recent: The ipt_recent kernel module (ipt_recent.c) in Linux kernel 2.6.12 and earlier does not properly perform certain time tests when the jiffies value is greater than LONG_MAX, which can cause ipt_recent netfilter rules to block too early, a different vulnerability than CVE-2005-2872. | 2.1 |