Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-04-08 | CVE-2005-1067 | Unspecified vulnerability in Access User Class Access User Class 1.6 Vulnerability in Access_user Class before 1.75 allows local users to gain access as other users via the password "new". | 7.5 |
2005-04-07 | CVE-2005-1087 | Unspecified vulnerability in AN An-Httpd 1.42N CRLF injection vulnerability in the cmdIS.DLL plugin for AN HTTPD Server 1.42n allows remote attackers to spoof or hide entries in the logfile, and possibly read files using an injected type command, via CRLF sequences in an HTTP request. | 6.4 |
2005-04-07 | CVE-2005-0351 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in SCO Openserver 5.0.6/5.0.7 Buffer overflow in (1) termsh, (2) atcronsh, and (3) auditsh in SCO OpenServer 5.0.6 and 5.0.7 might allow local users to execute arbitrary code via a long HOME environment variable. | 4.6 |
2005-04-06 | CVE-2005-1096 | SQL Injection vulnerability in Ocean12 Membership Manager Pro SQL injection vulnerability in main.asp for Ocean12 Membership Manager Pro 1.x allows remote attackers to execute arbitrary SQL commands via the UserID parameter. | 7.5 |
2005-04-06 | CVE-2005-1029 | SQL Injection vulnerability in Active web Softwares Active Auction House 7.1 Multiple SQL injection vulnerabilities in Active Auction House allow remote attackers to execute arbitrary SQL commands via the (1) catid, (2) SortDir, or (3) Sortby parameter to default.asp, (4) itemID parameter to ItemInfo.asp, or (5) Email field to sendpassword.asp. | 7.5 |
2005-04-05 | CVE-2005-1035 | Unspecified vulnerability in Pavuk Multiple buffer overflows in Pavuk before 0.9.32 have unknown attack vectors and impact. | 7.5 |
2005-04-01 | CVE-2005-0749 | Local Denial of Service vulnerability in Linux Kernel Elf Binary Loading The load_elf_library in the Linux kernel before 2.6.11.6 allows local users to cause a denial of service (kernel crash) via a crafted ELF library or executable, which causes a free of an invalid pointer. | 7.2 |
2005-03-31 | CVE-2005-0957 | Authentication Bypass vulnerability in BAY Technical Associates Rpc3 Telnet F3.05 Bay Technical Associates RPC-3 Telnet Host 3.05 allows remote attackers to bypass authentication by pressing the escape and enter keys at the username prompt. | 7.5 |
2005-03-30 | CVE-2005-0943 | Remote Denial of Service vulnerability in Cisco VPN 3000 Concentrator Cisco VPN 3000 series Concentrator running firmware 4.1.7.A and earlier allows remote attackers to cause a denial of service (device reload or drop user connection) via a crafted HTTPS packet. | 5.0 |
2005-03-30 | CVE-2005-0487 | Cross-Site Scripting vulnerability in Kayako Esupport 2.3.1 Cross-site scripting (XSS) vulnerability in index.php for Kayako ESupport 2.3.1, and possibly other versions, allows remote attackers to inject arbitrary HTML and web script via the nav parameter. network kayako | 6.8 |