Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2005-03-30 CVE-2005-0484 Remote Security vulnerability in GProFTPD
Format string vulnerability in gprostats for GProFTPD before 8.1.9 may allow remote attackers to execute arbitrary code via an FTP transfer with a crafted filename that causes format string specifiers to be inserted into the ProFTPD transfer log.
network
low complexity
gproftpd
7.5
2005-03-29 CVE-2005-0946 Remote vulnerability in PHPcoin 1.2/1.2.1/1.2.1B
SQL injection vulnerability in phpCoin 1.2.1b and earlier allows remote attackers to execute arbitrary SQL commands via the (1) term/keywords field on the search page, (2) username or (3) e-mail field on the forgot password page, or (4) domain name on the ordering new package page.
network
low complexity
coinsoft-technologies
7.5
2005-03-29 CVE-2005-0931 Remote File Include vulnerability in The Includer 1.0/1.1
PHP remote file inclusion vulnerability in The Includer 1.0 and 1.1 allows remote attackers to execute arbitrary PHP code.
network
low complexity
jimmy
7.5
2005-03-28 CVE-2005-0911 SQL-Injection vulnerability in E-Xoops
Multiple SQL injection vulnerabilities in exoops may allow remote attackers to execute arbitrary SQL commands via (1) the viewcat parameter to index.php or (2) the artid parameter in the viewarticle action for index.php.
network
low complexity
e-xoops
7.5
2005-03-27 CVE-2005-0750 Signed Buffer Index vulnerability in Linux Kernel Bluetooth
The bluez_sock_create function in the Bluetooth stack for Linux kernel 2.4.6 through 2.4.30-rc1 and 2.6 through 2.6.11.5 allows local users to gain privileges via (1) socket or (2) socketpair call with a negative protocol value.
local
low complexity
conectiva, linux, redhat, suse, ubuntu
7.2
2005-03-25 CVE-2005-0592 Remote vulnerability in Mozilla Suite
Heap-based buffer overflow in the UTF8ToNewUnicode function for Firefox before 1.0.1 and Mozilla before 1.7.6 might allow remote attackers to cause a denial of service (crash) or execute arbitrary code via invalid sequences in a UTF8 encoded string that result in a zero length value.
network
low complexity
mozilla
7.5
2005-03-24 CVE-2005-0912 Remote Security vulnerability in Deplate
Unknown vulnerabilities in deplate before 0.7.2 have unknown impact, possibly involving elements.rb.
network
low complexity
deplate
7.5
2005-03-24 CVE-2005-0887 Unspecified vulnerability in Michael Dean Double Choco Latte
Eval injection vulnerability in Double Choco Latte before 0.9.4.3 allows remote attackers to execute arbitrary PHP code via the menuAction variable in (1) functions.inc.php or (2) main.php, which causes code to be injected into an eval statement.
network
low complexity
michael-dean
7.5
2005-03-21 CVE-2005-0716 Local Buffer Overflow vulnerability in Apple Mac OS X Core Foundation
Stack-based buffer overflow in the Core Foundation Library in Mac OS X 10.3.5 and 10.3.6, and possibly earlier versions, allows local users to execute arbitrary code via a long CF_CHARSET_PATH environment variable.
local
low complexity
apple
7.2
2005-03-16 CVE-2005-0352 Local Privilege Escalation vulnerability in Woodstone Servers Alive 4.1/5.0
Servers Alive 4.1 and 5.0, when running as a service, does not drop SYSTEM privileges before loading the local manual under the help menu, which allows local users to gain privileges.
local
low complexity
woodstone
7.2