Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-04-27 | CVE-2005-0419 | Remote Security vulnerability in 3Com 3Cserver 1.1 Multiple heap-based buffer overflows in 3Com 3CServer allow remote authenticated users to execute arbitrary code via long FTP commands, as demonstrated using the STAT command. | 7.5 |
| 2005-04-27 | CVE-2005-0416 | Buffer Overflow vulnerability in Microsoft Windows User32.DLL ANI File Header Handling Stack-Based The Windows Animated Cursor (ANI) capability in Windows NT, Windows 2000 through SP4, Windows XP through SP1, and Windows 2003 allows remote attackers to execute arbitrary code via the AnimationHeaderBlock length field, which leads to a stack-based buffer overflow. | 7.5 |
| 2005-04-27 | CVE-2005-0414 | SQL-Injection vulnerability in Mercuryboard 1.1.1 SQL injection vulnerability in post.php for MercuryBoard 1.1.1 allows remote attackers to execute arbitrary SQL commands via a reply post action for index.php with (1) the t parameter or (2) the qu parameter. | 7.5 |
| 2005-04-27 | CVE-2005-0413 | SQL Injection vulnerability in Myphp Forum Myphp Forum 1.0/2.0/3.0 Multiple SQL injection vulnerabilities in MyPHP Forum 1.0 allow remote attackers to execute arbitrary SQL commands via (1) the fid in forum.php, (2) the member parameter in member.php, (3) the email parameter in forgot.php, or (4) the nbuser or nbpass parameters in include.php. | 7.5 |
| 2005-04-27 | CVE-2005-0206 | Integer Overflow vulnerability in Xpdf PDFTOPS The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities. | 7.5 |
| 2005-04-27 | CVE-2004-1342 | Unspecified vulnerability in CVS CVS 1.12 and earlier on Debian GNU/Linux, when using the repouid patch, allows remote attackers to bypass authentication via the pserver access method. | 7.5 |
| 2005-04-25 | CVE-2005-1298 | Remote Security vulnerability in Inserter.Cgi The inserter.cgi script allows remote attackers to read arbitrary files via a full pathname in the argument. | 7.5 |
| 2005-04-25 | CVE-2005-1296 | Remote Security vulnerability in Include.Cgi include.cgi script allows remote attackers to execute arbitrary commands via shell metacharacters in the argument. | 7.5 |
| 2005-04-25 | CVE-2005-1295 | Remote Security vulnerability in Include.Cgi include.cgi script allows remote attackers to read arbitrary files via a full pathname in the argument. | 7.5 |
| 2005-04-24 | CVE-2005-1312 | Remote File Include vulnerability in Yappa-NG PHP remote file inclusion vulnerability in Yappa-NG before 2.3.2 allows remote attackers to execute arbitrary PHP code via unknown vectors. | 7.5 |