Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-08-02 | CVE-2005-2079 | Remote Heap Overflow vulnerability in Veritas Backup Exec Admin Plus Pack Option Heap-based buffer overflow in the Admin Plus Pack Option for VERITAS Backup Exec 9.0 through 10.0 for Windows Servers allows remote attackers to execute arbitrary code. | 7.5 |
| 2005-08-01 | CVE-2005-2410 | Unspecified vulnerability in Gnome Networkmanager 0.1/0.3.1/0.4 Format string vulnerability in the nm_info_handler function in Network Manager may allow remote attackers to execute arbitrary code via format string specifiers in a Wireless Access Point identifier, which is not properly handled in a syslog call. | 7.5 |
| 2005-08-01 | CVE-2005-2409 | Remote Format String vulnerability in No-Brainer SMTP Client Log_Msg() Format string vulnerability in util.c in nbsmtp 0.99 and earlier, while running in debug mode, allows remote attackers to execute arbitrary code via format string specifiers that are not properly handled in a syslog call. | 7.5 |
| 2005-07-27 | CVE-2005-2404 | SQL Injection vulnerability in Sendcard 3.2.3 SQL injection vulnerability in sendcard.php in Sendcard 3.2.3 allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
| 2005-07-27 | CVE-2005-2400 | Authentication Bypass vulnerability in PHPfinance 0.3 The inc.login.php scripts in PHPFinance 0.3 allows remote attackers to bypass the login and gain privileges. | 7.5 |
| 2005-07-27 | CVE-2005-2399 | SQL Injection vulnerability in PHP Surveyor PHP Surveyor 0.98 PHP Surveyor 0.98 allows remote attackers to trigger SQL errors via missing parameters to (1) browse.php, (2) export.php, (3) conditions.php, or (4) spss.php. | 7.5 |
| 2005-07-27 | CVE-2005-2398 | SQL Injection vulnerability in PHP Surveyor PHP Surveyor 0.98 Multiple SQL injection vulnerabilities in PHP Surveyor 0.98 allows remote attackers to execute arbitrary SQL commands via (1) the sid, start, and id parameters to browse.php, the sid parameter to (2) dataentry.php, (3) export.php, (4) admin.php, (5) conditions.php, (6) spss.php, (7) deletesurvey.php, (8) dumpsurvey.php, or (9) statistics.php, or the lid parameter to (10) labels.php or (11) dumplabel.php. | 7.5 |
| 2005-07-27 | CVE-2005-2387 | Remote Buffer Overflow vulnerability in Goodtech Systems Goodtech Smtp Server 5.16 Multiple stack-based buffer overflows in GoodTech SMTP server 5.16 allow remote attackers to execute arbitrary code via (1) a RCPT TO command with a long DNS name, or (2) a large number of RCPT TO commands with a long e-mail name arugment in the last command. | 7.5 |
| 2005-07-27 | CVE-2005-2385 | Remote Security vulnerability in Alwil Avast Antivirus 4.6.460/4.6.665 Buffer overflow in a third-party compression library (UNACEV2.DLL), as used in avast! Antivirus Home/Professional Edition 4.6.665 and Server Edition 4.6.460, allows remote attackers to execute arbitrary code via an ACE archive containing a long filename. | 7.5 |
| 2005-07-26 | CVE-2005-2383 | SQL Injection vulnerability in PHPnews 1.2.5 SQL injection vulnerability in auth.php in PHPNews 1.2.5 allows remote attackers to execute arbitrary SQL commands via the user parameter in an HTTP POST request. | 7.5 |