Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-07-26 | CVE-2005-2382 | Local Privilege Escalation vulnerability in Oray Peanuthull 3.0.1.0 Oray PeanutHull 3.0.1.0 and earlier does not properly drop SYSTEM privileges when launched from the system tray, which allows local users to gain privileges by accessing the Help functionality. | 7.2 |
2005-07-26 | CVE-2005-2374 | Remote Security vulnerability in Belkin 54G Wireless Router Belkin 54g wireless routers do not properly set an administrative password, which allows remote attackers to gain access via the (1) Telnet or (2) web administration interfaces. | 7.5 |
2005-07-26 | CVE-2005-2372 | Local Security vulnerability in Forms And Reports Oracle Forms 4.5 through 10g starts form executables from arbitrary directories and executes them as the Oracle or System user, which allows attackers to execute arbitrary code by uploading a malicious .fmx file and referencing it using an absolute pathname argument in the (1) form or (2) module parameters to f90servlet. | 7.2 |
2005-07-26 | CVE-2005-2369 | Memory Alignment Remote Denial of Service vulnerability in EKG Libgadu Multiple integer signedness errors in libgadu, as used in ekg before 1.6rc2 and other packages, may allow remote attackers to cause a denial of service or execute arbitrary code. | 7.5 |
2005-07-26 | CVE-2005-2218 | Unspecified vulnerability in Freebsd The device file system (devfs) in FreeBSD 5.x does not properly check parameters of the node type when creating a device node, which makes hidden devices available to attackers, who can then bypass restrictions on a jailed process. | 7.2 |
2005-07-26 | CVE-2005-1920 | Improper Preservation of Permissions vulnerability in multiple products The (1) Kate and (2) Kwrite applications in KDE KDE 3.2.x through 3.4.0 do not properly set the same permissions on the backup file as were set on the original file, which could allow local users and possibly remote attackers to obtain sensitive information. | 7.5 |
2005-07-26 | CVE-2005-1852 | Numeric Errors vulnerability in multiple products Multiple integer overflows in libgadu, as used in Kopete in KDE 3.2.3 to 3.4.1, ekg before 1.6rc3, GNU Gadu, CenterICQ, Kadu, and other packages, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an incoming message. | 7.5 |
2005-07-19 | CVE-2005-2323 | SQL-Injection vulnerability in Class-1 Forum Multiple SQL injection vulnerabilities in Class-1 Forum 0.24.4 and 0.23.2, and Clever Copy with forums installed, allow remote attackers to modify SQL statements via the (1) id parameter to viewattach.php, (2) viewuser_id parameter to users.php, or the (3) id or (4) forum parameter to viewforum.php. | 7.5 |
2005-07-19 | CVE-2005-2320 | Unspecified vulnerability in Webcalendar WebCalendar before 1.0.0 does not properly restrict access to assistant_edit.php, which allows remote attackers to gain privileges. | 7.5 |
2005-07-19 | CVE-2005-2317 | Unspecified vulnerability in Shorewall Shorewall 2.4.x before 2.4.1, 2.2.x before 2.2.5, and 2.0.x before 2.0.17, when MACLIST_TTL is greater than 0 or MACLIST_DISPOSITION is set to ACCEPT, allows remote attackers with an accepted MAC address to bypass other firewall rules or policies. | 7.5 |