Vulnerabilities > Low
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-05-11 | CVE-2005-1518 | Unspecified vulnerability in SUN Solaris and Sunos Unknown vulnerability in Solaris 7 through 9, when using Federated Naming Services (FNS), autofs, and FNS X.500 configuration, allows local users to cause a denial of service (automountd crash) when "accessing" /xfn/_x500. | 2.1 |
2005-05-11 | CVE-2005-1490 | Local Security vulnerability in Mail Server Merak Mail Server 8.0.3 with Icewarp Web Mail 5.4.2, when the mailbox.dat file does not exist, allows remote authenticated users to determine if a file exists via the folder parameter to attachment.html. | 2.1 |
2005-05-11 | CVE-2005-1488 | Cross-Site Scripting vulnerability in Mail Server Multiple cross-site scripting (XSS) vulnerabilities in Merak Mail Server 8.0.3 with Icewarp Web Mail 5.4.2 allow remote authenticated users to inject arbitrary web script or HTML via (1) the E-mail address, Note, or Public Certificate fields to address.html, (2) addressaction.html, (3) the Signature field to settings.html, or (4) the Shared calendars to calendarsettings.html. | 1.9 |
2005-05-03 | CVE-2005-1430 | Local Security vulnerability in Mac OS X Mac OS X 10.3.x and earlier uses insecure permissions for a pseudo terminal tty (pty) that is managed by a non-setuid program, which allows local users to read or modify sessions of other users. | 3.6 |
2005-05-03 | CVE-2005-1424 | Local Information Disclosure vulnerability in Stumbleinside Gotext 1.01 StumbleInside GoText 1.01 stores sensitive username, mail address,and phone number information in plaintext in the GoText.bin file, which allows local users to obtain that information. | 2.1 |
2005-05-03 | CVE-2005-1410 | The tsearch2 module in PostgreSQL 7.4 through 8.0.x declares the (1) dex_init, (2) snb_en_init, (3) snb_ru_init, (4) spell_init, and (5) syn_init functions as "internal" even when they do not take an internal argument, which allows attackers to cause a denial of service (application crash) and possibly have other impacts via SQL commands that call other functions that accept internal arguments. | 2.1 |
2005-05-03 | CVE-2005-1405 | Local Security vulnerability in Lotus Notes HTTP response splitting vulnerability in the @SetHTTPHeader function in Lotus Domino 6.5.x before 6.5.4 and 6.0.x before 6.0.5 allows attackers to poison the web cache via malicious applications. | 2.1 |
2005-05-03 | CVE-2005-1385 | Denial-Of-Service vulnerability in Apple Safari 1.3 Safari 1.3 allows remote attackers to cause a denial of service (application crash) via a long https URL that triggers a NULL pointer dereference. | 2.6 |
2005-05-02 | CVE-2005-1369 | Unspecified vulnerability in Linux Kernel The (1) it87 and (2) via686a drivers in I2C for Linux 2.6.x before 2.6.11.8, and 2.6.12 before 2.6.12-rc2, create the sysfs "alarms" file with write permissions, which allows local users to cause a denial of service (CPU consumption) by attempting to write to the file, which does not have an associated store function. | 2.1 |
2005-05-02 | CVE-2005-1368 | Unspecified vulnerability in Linux Kernel The key_user_lookup function in security/keys/key.c in Linux kernel 2.6.10 to 2.6.11.8 may allow attackers to cause a denial of service (oops) via SMP. | 1.2 |