Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-04-14 | CVE-2004-1176 | Buffer underflow in extfs.c in Midnight Commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code. | 7.5 |
| 2005-04-14 | CVE-2004-1175 | fish.c in midnight commander allows remote attackers to execute arbitrary programs via "insecure filename quoting," possibly using shell metacharacters. | 7.5 |
| 2005-04-14 | CVE-2004-1005 | Multiple buffer overflows in Midnight Commander (mc) 4.5.55 and earlier allow remote attackers to have an unknown impact. | 7.5 |
| 2005-04-14 | CVE-2004-1004 | Multiple format string vulnerabilities in Midnight Commander (mc) 4.5.55 and earlier allow remote attackers to have an unknown impact. | 7.5 |
| 2005-04-13 | CVE-2005-1149 | SQL Injection vulnerability in ACNews Login.ASP SQL injection vulnerability in admin/login.asp in aspclick.it ACNews 1.0 allows remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameters. | 7.5 |
| 2005-04-13 | CVE-2005-1134 | SQL injection vulnerability in S9Y Serendipity Exit.PHP SQL injection vulnerability in exit.php for Serendipity 0.8 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) url_id or (2) entry_id parameters. | 7.5 |
| 2005-04-12 | CVE-2005-1078 | Unspecified vulnerability in Xampp Apache Distribution XAMPP 1.4.x has multiple default or null passwords, which allows attackers to gain privileges. | 7.5 |
| 2005-04-12 | CVE-2005-1071 | SQL injection vulnerability in banner.inc.php in JPortal Web Portal 2.3.1 allows remote attackers to execute arbitrary SQL commands via the haslo parameter. | 7.5 |
| 2005-04-12 | CVE-2005-0610 | Local Insecure Temporary File Handling vulnerability in FreeBSD PortUpgrade Multiple symlink vulnerabilities in portupgrade before 20041226_2 in FreeBSD allow local users to (1) overwrite arbitrary files and possibly replace packages to execute arbitrary code via pkg_fetch, (2) overwrite arbitrary files via temporary files when portupgrade upgrades a port or package, or (3) create arbitrary zero-byte files via the pkgdb.fixme temporary file. | 7.2 |
| 2005-04-12 | CVE-2005-0562 | Unspecified vulnerability in Microsoft MSN Messenger 6.2 GIF file validation error in MSN Messenger 6.2 allows remote attackers in a user's contact list to execute arbitrary code via a GIF image with an improper height and width. | 7.5 |