Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-05-02 | CVE-2005-0816 | Local Buffer Overflow vulnerability in Sun Solaris NewGRP Buffer overflow in newgrp in Solaris 7 through 9 allows local users to gain root privileges. | 7.2 |
| 2005-05-02 | CVE-2005-0810 | Multiple vulnerability in Notify Technology Notifylink Enterpriseserver SQL injection vulnerability in NotifyLink before 3.0 allows remote attackers to execute arbitrary SQL commands via the URL. | 7.5 |
| 2005-05-02 | CVE-2005-0809 | Multiple vulnerability in Notify Technology Notifylink Enterpriseserver NotifyLink, when configured for client key retrieval, allows remote attackers to obtain AES keys via a direct request to /hwp/get.asp, then uses a weak encryption scheme (fixed byte reordering) to protect the key, which allows remote attackers to obtain the key via a brute force attack. | 7.5 |
| 2005-05-02 | CVE-2005-0807 | Remote Heap Buffer Overflow vulnerability in Massimiliano Montoro Cain & Abel PSK Sniffer Multiple buffer overflows in Cain & Abel before 2.67 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via (1) an IKE packet with a large ID field that is not properly handled by the PSK sniffer filter, (2) the HTTP sniffer filter, or the (3) POP3, (4) SMTP, (5) IMAP, (6) NNTP, or (7) TDS sniffer filters. | 7.5 |
| 2005-05-02 | CVE-2005-0805 | SQL Injection vulnerability in Subdreamer Light 1.0 SQL injection vulnerability in index.php in Subdreamer Light, when magic_quotes_gpc is enabled, allows remote attackers to execute arbitrary SQL commands via certain parameters that are used as global variables, as demonstrated using the imageid parameter, which is not properly handled by imagegallery.php. | 7.5 |
| 2005-05-02 | CVE-2005-0800 | Unspecified vulnerability in Mcnews PHP remote file inclusion vulnerability in install.php in mcNews 1.3 and earlier allows remote attackers to execute arbitrary PHP code by modifying the l parameter to reference a URL on a remote web server that contains the code, a different vulnerability than CVE-2005-0720. | 7.5 |
| 2005-05-02 | CVE-2005-0781 | SQL Injection And Cross-Site Scripting vulnerability in PAFileDB SQL injection vulnerability in (1) viewall.php and (2) category.php in paFileDB 3.1 and earlier allows remote attackers to execute arbitrary SQL commands via the start parameter to pafiledb.php. | 7.5 |
| 2005-05-02 | CVE-2005-0775 | Remote vulnerability in Photopost PHP PRO 5.0Rc3 The reportpost action in misc.php for PhotoPost PHP 5.0 RC3 does not limit the logging data that is sent to the administrator, which allows remote attackers to send large amounts of email to the administrator. | 7.5 |
| 2005-05-02 | CVE-2005-0769 | Buffer Overflow vulnerability in OpenSLP Multiple buffer overflows in OpenSLP before 1.1.5 allow remote attackers to have an unknown impact via malformed SLP packets. | 7.5 |
| 2005-05-02 | CVE-2005-0764 | Unspecified vulnerability in Marc Lehmann Rxvt-Unicode Buffer overflow in command.C for rxvt-unicode before 5.3 allows remote attackers to execute arbitrary code via a crafted file containing long escape sequences. | 7.5 |