Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-01-24 | CVE-2005-0103 | Code Injection vulnerability in Squirrelmail PHP remote file inclusion vulnerability in webmail.php in SquirrelMail before 1.4.4 allows remote attackers to execute arbitrary PHP code by modifying a URL parameter to reference a URL on a remote web server that contains the code. | 7.5 |
| 2005-01-22 | CVE-2005-0566 | Remote Buffer Overflow vulnerability in Golden FTP Server Buffer overflow in Golden FTP Server Pro (goldenftpd) 2.x allows remote attackers to execute arbitrary code via a long RNTO command. | 7.5 |
| 2005-01-22 | CVE-2005-0193 | Local Command Line Argument Buffer Overflow vulnerability in Isync Mrouter 1.5 Buffer overflow in the (1) -v and (2) -a switches in mRouter in iSync 1.5 in Mac OS X 10.3.7 and earlier allows local users to execute arbitrary code. | 7.2 |
| 2005-01-21 | CVE-2004-1185 | Multiple vulnerability in GNU Enscript Enscript 1.6.3 does not sanitize filenames, which allows remote attackers or local users to execute arbitrary commands via crafted filenames. | 7.5 |
| 2005-01-21 | CVE-2004-1057 | Unspecified vulnerability in Linux Kernel Device Driver Virtual Memory Flags Multiple drivers in Linux kernel 2.4.19 and earlier do not properly mark memory with the VM_IO flag, which causes incorrect reference counts and may lead to a denial of service (kernel panic) when accessing freed kernel pages. | 7.2 |
| 2005-01-20 | CVE-2005-1847 | Remote Security vulnerability in YAMT Multiple buffer overflows in YaMT before 0.5_2 allow attackers to execute arbitrary code via the (1) rename or (2) sort options. | 7.5 |
| 2005-01-18 | CVE-2005-0297 | Unspecified vulnerability in Oracle Database Server 10.2.1 SQL injection vulnerability in Oracle Database 9i and 10g allows remote attackers to execute arbitrary SQL commands and gain privileges. | 7.5 |
| 2005-01-18 | CVE-2005-0116 | Improper Input Validation vulnerability in Awstats AWStats 6.1, and other versions before 6.3, allows remote attackers to execute arbitrary commands via shell metacharacters in the configdir parameter to aswtats.pl. | 7.5 |
| 2005-01-17 | CVE-2005-0292 | SQL Injection vulnerability in PHP Gift Registry PHPgiftreg 1.4 Multiple SQL injection vulnerabilities in index.php in PHP Gift Registry (phpGiftReg) 1.4.0, and possibly other versions before 1.5.0b1, allow remote attackers to execute arbitrary SQL commands via the (1) messageid, (2) shopper, (3) shopfor, or (4) itemid parameters. | 7.5 |
| 2005-01-17 | CVE-2005-0290 | Multiple vulnerability in Netgear Fvs318 2.4 NETGEAR FVS318 running firmware 2.4, and possibly other versions, allows remote attackers to bypass the filters using hex encoded URLs, as demonstrated using a hex encoded file extension. | 7.5 |