Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | RISK |
---|---|---|---|---|
2005-09-16 | CVE-2005-2957 | Remote Buffer Overflow vulnerability in Avira Desktop 1.00.00.68 | Stack-based buffer overflow in AVIRA Desktop for Windows 1.00.00.68 with AVPACK32.DLL 6.31.0.3, when archive scanning is enabled, allows remote attackers to execute arbitrary code via a long filename in an ACE archive. | 7.5 |
2005-09-16 | CVE-2005-2954 | SQL Injection vulnerability in Adaptive Technology Resource Centre Atutor 1.5.1 | SQL injection vulnerability in password_reminder.php in ATutor before 1.5.1 pl1 allows remote attackers to execute arbitrary SQL commands via the email field. | 7.5 |
2005-09-16 | CVE-2005-2951 | Directory Traversal vulnerability in Azerbaijan Development Group Azdgdating 2.1.3 | Directory traversal vulnerability in security.inc.php in AzDGDatingLite 2.1.3, and possibly earlier versions, allows remote attackers to execute arbitrary PHP commands via ".." sequences and "%00" (trailing null byte) characters in the l parameter, which is used in an include_once statement. | 7.5 |
2005-09-16 | CVE-2005-2949 | Authentication Bypass vulnerability in Mark D. Roth PAM PER User 0.1/0.2/0.3 | pam_per_user before 0.4 does not verify if the user name changes between authentication attempts and uses the same subrequest handle, which allows remote attackers or local users to login as other users by using certain applications that allow the username to be changed during authentication, such as /bin/login. | 7.5 |
2005-09-16 | CVE-2005-2946 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products | The default configuration on OpenSSL before 0.9.8 uses MD5 for creating message digests instead of a more cryptographically strong algorithm, which makes it easier for remote attackers to forge certificates with a valid certificate authority signature. | 7.5 |
2005-09-16 | CVE-2005-2877 | Remote Arbitrary Command Execution vulnerability in TWiki TWikiUsers | The history (revision control) function in TWiki 02-Sep-2004 and earlier allows remote attackers to execute arbitrary code via shell metacharacters, as demonstrated via the rev parameter to TWikiUsers. | 7.5 |
2005-09-15 | CVE-2005-2799 | Remote Security vulnerability in Linksys Wrt54G 3.01.3/3.03.6 | Buffer overflow in apply.cgi in Linksys WRT54G 3.01.03, 3.03.6, and possibly other versions before 4.20.7, allows remote attackers to execute arbitrary code via a long HTTP POST request. | 7.5 |
2005-09-15 | CVE-2005-2658 | Remote Buffer Overflow vulnerability in Softwolves Software Turquoise Superstat 2.2.4 | Buffer overflow in utility.cpp in Turquoise SuperStat (turqstat) 2.2.4 and earlier might allow remote NNTP servers to execute arbitrary code via a date with a long month. | 7.5 |
2005-09-14 | CVE-2005-2914 | Remote Security vulnerability in Linksys Wrt54G 2.04.4/3.01.3/3.03.6 | ezconfig.asp in Linksys WRT54G router 3.01.03, 3.03.6, non-default configurations of 2.04.4, and possibly other versions, does not use an authentication initialization function, which allows remote attackers to obtain encrypted configuration information and, if the key is known, modify the configuration. | 7.5 |
2005-09-14 | CVE-2005-2903 | Remote Buffer Overflow vulnerability in Eset Software Nod32 Antivirus 2.5 | Heap-based buffer overflow in NOD32 2.5 with nod32.002 1.033 build 1127, with active scanning enabled, allows remote attackers to execute arbitrary code via an ARJ archive containing a file with a long filename. | 7.5 |