Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-05-03 | CVE-2005-1370 | Remote Command Execution vulnerability in HP OpenView Radia Management Portal 1.0/2.0 Unknown vulnerability in Radia Management Agent (RMA) in HP OpenView Radia Management Portal (RMP) 1.x and 2.x allows remote attackers to execute arbitrary commands via unknown vectors. | 7.5 |
| 2005-05-03 | CVE-2005-1343 | Unspecified vulnerability in Apple mac OS X and mac OS X Server Stack-based buffer overflow in the VPN daemon (vpnd) for Mac OS X before 10.3.9 allows local users to execute arbitrary code via a long -i (Server_id) argument. | 7.2 |
| 2005-05-03 | CVE-2005-0157 | Unspecified vulnerability in Smartlist The confirm add-on in SmartList 3.15 and earlier allows attackers to subscribe arbitrary e-mail addresses by using a valid cookie that specifies an address other than the address for which the cookie was assigned. | 7.5 |
| 2005-05-03 | CVE-2005-0106 | Unspecified vulnerability in Ubuntu Linux 5.04 SSLeay.pm in libnet-ssleay-perl before 1.25 uses the /tmp/entropy file for entropy if a source is not set in the EGD_PATH variable, which allows local users to reduce the cryptographic strength of certain operations by modifying the file. | 4.6 |
| 2005-05-02 | CVE-2005-1369 | Unspecified vulnerability in Linux Kernel The (1) it87 and (2) via686a drivers in I2C for Linux 2.6.x before 2.6.11.8, and 2.6.12 before 2.6.12-rc2, create the sysfs "alarms" file with write permissions, which allows local users to cause a denial of service (CPU consumption) by attempting to write to the file, which does not have an associated store function. | 2.1 |
| 2005-05-02 | CVE-2005-1368 | Unspecified vulnerability in Linux Kernel The key_user_lookup function in security/keys/key.c in Linux kernel 2.6.10 to 2.6.11.8 may allow attackers to cause a denial of service (oops) via SMP. | 1.2 |
| 2005-05-02 | CVE-2005-1364 | Remote SQL Injection vulnerability in MetaBid Auctions intAuctionID Parameter Multiple SQL injection vulnerabilities in MetaBid Auctions allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password fields in logIn.asp, or (3) intAuctionID parameter to item.asp. | 7.5 |
| 2005-05-02 | CVE-2005-1363 | SQL-Injection vulnerability in Metalinks Metacart2 Payflowlink Multiple SQL injection vulnerabilities in MetaCart 2.0 for PayFlow allow remote attackers to execute arbitrary commands via (1) intCatalogID, (2) strSubCatalogID, or (3) strSubCatalog_NAME parameter to productsByCategory.asp, (4) curCatalogID, (5) strSubCatalog_NAME, (6) intCatalogID, or (7) page parameter to productsByCategory.asp or (8) intProdID parameter to product.asp. | 7.5 |
| 2005-05-02 | CVE-2005-1362 | SQL-Injection vulnerability in Metalinks Metacart2 Paypal Multiple SQL injection vulnerabilities in MetaCart 2.0 for Paypal allow remote attackers to execute arbitrary SQL commands via the (1) intProdID parameter to product.asp, (2) intCatalogID or (3) strSubCatalogID parameters to productsByCategory.asp, (4) chkText, (5) strText, (6) chkPrice, (7) intPrice, (8) chkCat, or (9) strCat parameters to searchAction.asp. | 7.5 |
| 2005-05-02 | CVE-2005-1361 | Remote SQL Injection vulnerability in Metalinks Metacart E-Shop 8.0 Multiple SQL injection vulnerabilities in MetaCart e-Shop 8.0 allow remote attackers to execute arbitrary SQL commands via the (1) intProdID parameter in product.asp or (2) strCatalog_NAME parameter to productsByCategory.asp. | 7.5 |