Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-05-02 | CVE-2005-1040 | Unspecified vulnerability in Novell Linux Desktop 9 Multiple unknown vulnerabilities in netapplet in Novell Linux Desktop 9 allow local users to gain root privileges, related to "User input [being] passed to network scripts without verification." | 7.2 |
| 2005-05-02 | CVE-2005-1036 | Missing Initialization of Resource vulnerability in Freebsd FreeBSD 5.x to 5.4 on AMD64 does not properly initialize the IO permission bitmap used to allow user access to certain hardware, which allows local users to bypass intended access restrictions to cause a denial of service, obtain sensitive information, and possibly gain privileges. | 7.8 |
| 2005-05-02 | CVE-2005-1026 | SQL Injection vulnerability in PHPBB DLMan Pro Module Multiple SQL injection vulnerabilities in SnailSource phpBB 2.0.x mods allow remote attackers to execute arbitrary SQL commands via the (1) file_id parameter to dlman.php in DLMan Pro or (2) id parameter to links.php in Linkz Pro (aka LinksLinks Pro). | 7.5 |
| 2005-05-02 | CVE-2005-1021 | Resource Management Errors vulnerability in Cisco IOS Memory leak in Secure Shell (SSH) in Cisco IOS 12.0 through 12.3, when authenticating against a TACACS+ server, allows remote attackers to cause a denial of service (memory consumption) via an incorrect username or password. | 7.1 |
| 2005-05-02 | CVE-2005-1020 | Improper Authentication vulnerability in Cisco IOS Secure Shell (SSH) 2 in Cisco IOS 12.0 through 12.3 allows remote attackers to cause a denial of service (device reload) (1) via a username that contains a domain name when using a TACACS+ server to authenticate, (2) when a new SSH session is in the login phase and a currently logged in user issues a send command, or (3) when IOS is logging messages and an SSH session is terminated while the server is sending data. | 7.1 |
| 2005-05-02 | CVE-2005-1019 | Local Security vulnerability in Aeon Buffer overflow in the getConfig function in Aeon 0.2a and earlier allows local users to gain privileges via a long HOME environment variable. | 7.2 |
| 2005-05-02 | CVE-2005-1018 | Remote Buffer Overflow vulnerability in CA Brightstor Arcserve Backup 11.1 Buffer overflow in the UniversalAgent for Computer Associates (CA) BrightStor ARCserve Backup allows remote authenticated users to cause a denial of service or execute arbitrary code via an agent request to TCP port 6050 with a large argument before the option field. | 7.5 |
| 2005-05-02 | CVE-2005-1017 | SQL Injection vulnerability in Maxwebportal SQL injection vulnerability in the Update_Events function in events_functions.asp in MaxWebPortal 1.33 and earlier allows remote attackers to execute arbitrary SQL commands via the EVENT_ID parameter, as demonstrated using events.asp. | 7.5 |
| 2005-05-02 | CVE-2005-1014 | Buffer Overflow vulnerability in MailEnable IMAP Authenticate Request Buffer overflow in the IMAP service for MailEnable Enterprise 1.04 and earlier and Professional 1.54 allows remote attackers to execute arbitrary code via a long AUTHENTICATE command. | 7.5 |
| 2005-05-02 | CVE-2005-1011 | SQL Injection vulnerability in SiteEnable SQL injection vulnerability in content.asp in SiteEnable allows remote attackers to execute arbitrary SQL commands via the sortby parameter. | 7.5 |