Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2005-05-26 CVE-2005-1828 Cleartext Storage of Sensitive Information vulnerability in Dlink Dsl-504T Firmware
D-Link DSL-504T stores usernames and passwords in cleartext in the router configuration file, which allows remote attackers to obtain sensitive information.
network
low complexity
dlink CWE-312
7.5
2005-05-26 CVE-2005-1523 Remote Format String vulnerability in GNU Mailutils 0.5/0.6
Format string vulnerability in imap4d server in GNU Mailutils 0.5 and 0.6, and other versions before 0.6.90, allows remote attackers to execute arbitrary code via format string specifiers in the command tag for IMAP commands.
network
low complexity
gnu
7.5
2005-05-26 CVE-2005-1521 Remote Integer Overflow vulnerability in GNU Mailutils 0.5/0.6
Integer overflow in the fetch_io function of the imap4d server in GNU Mailutils 0.5 and 0.6, and other versions before 0.6.90, allows remote attackers to execute arbitrary code via a partial message request with a large value in the END parameter, which leads to a heap-based buffer overflow.
network
low complexity
gnu
7.5
2005-05-26 CVE-2005-1520 Buffer Overflow vulnerability in GNU Mailutils 0.5/0.6
Buffer overflow in the header_get_field_name function in header.c for GNU Mailutils 0.5 and 0.6, and other versions before 0.6.90, allows remote attackers to execute arbitrary code via a crafted e-mail.
network
low complexity
gnu
7.5
2005-05-25 CVE-2005-1543 Remote Pre-Authentication Buffer Overflow vulnerability in Novell ZENworks
Multiple stack-based and heap-based buffer overflows in Remote Management authentication (zenrem32.exe) on Novell ZENworks 6.5 Desktop and Server Management, ZENworks for Desktops 4.x, ZENworks for Servers 3.x, and Remote Management allow remote attackers to execute arbitrary code via (1) unspecified vectors, (2) type 1 authentication requests, and (3) type 2 authentication requests.
network
low complexity
novell
7.5
2005-05-25 CVE-2005-1151 Unspecified vulnerability in Debian Qpopper 4.0.4/4.0.5
qpopper 4.0.5 and earlier does not properly drop privileges before processing certain user-supplied files, which allows local users to overwrite or create arbitrary files as root.
local
low complexity
debian
7.2
2005-05-24 CVE-2005-1743 Remote vulnerability in BEA WebLogic Server and WebLogic Express
BEA WebLogic Server and WebLogic Express 8.1 through Service Pack 3 and 7.0 through Service Pack 5 do not properly handle the case where a security provider throws an exception, which may cause WebLogic to use an incorrect identity for the thread, or to fail to audit security exceptions.
network
low complexity
bea oracle
7.5
2005-05-24 CVE-2005-1737 Denial-Of-Service vulnerability in Electricmonk Proms 0.11
Multiple unknown vulnerabilities in PROMS 0.11 allow "non-authorized users" to (1) view or modify the project member list or (2) modify the todos list.
network
low complexity
electricmonk
7.5
2005-05-24 CVE-2005-1736 Remote Security vulnerability in Proms
PROMS 0.11 does not properly handle "certain combinations of rights," which gives more rights to users than intended.
network
low complexity
electricmonk
7.5
2005-05-24 CVE-2005-1734 Unspecified vulnerability in Electricmonk Proms
Multiple SQL injection vulnerabilities in PROMS before 0.11 allow remote attackers to execute arbitrary SQL commands via unknown vectors.
network
low complexity
electricmonk
7.5