Latest CVE Feed
-
7.5
HIGHCVE-2005-1900
Sawmill before 7.1.6 allows remote attackers to bypass authentication and (1) gain administrative privileges or (2) add a license.... Read more
Affected Products : sawmill- EPSS Score: %1.03
- Published: Jun. 09, 2005
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2005-1911
The fetchnews NNTP client in leafnode 1.11.2 and earlier can hang while waiting for input that never arrives, which allows remote NNTP servers to cause a denial of service (news loss).... Read more
Affected Products : leafnode- EPSS Score: %0.48
- Published: Jun. 09, 2005
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2005-1870
PHP remote file inclusion vulnerability in childwindow.inc.php in Popper 1.41-r2 and earlier allows remote attackers to execute arbitrary PHP code via the form parameter.... Read more
Affected Products : popper- EPSS Score: %4.07
- Published: Jun. 09, 2005
- Modified: Apr. 03, 2025
-
7.2
HIGHCVE-2005-1905
The klif.sys driver in Kaspersky Labs Anti-Virus 5.0.227, 5.0.228, and 5.0.335 on Windows 2000 allows local users to gain privileges by modifying certain critical code addresses that are later accessed by privileged programs.... Read more
- EPSS Score: %0.15
- Published: Jun. 09, 2005
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2005-1899
Rakkarsoft RakNet network library 2.33 and earlier, when released before 30 May 2005, and as used in multiple products including nFusion Elite Warriors: Vietnam, allows remote attackers to cause a denial of service (infinite loop) via a zero-byte UDP pack... Read more
Affected Products : raknet- EPSS Score: %4.59
- Published: Jun. 09, 2005
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2005-1947
Cross-site request forgery (CSRF) vulnerability in Invision Gallery before 1.3.1 allows remote attackers to delete albums and images as another user via a link or IMG tag to the (1) albums or (2) delimg actions.... Read more
Affected Products : gallery- EPSS Score: %0.97
- Published: Jun. 09, 2005
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2005-1943
Multiple SQL injection vulnerabilities in Loki download manager 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) password field to default.asp or (2) cat parameter to catinfo.asp.... Read more
Affected Products : loki_download_manager_catgory_version- EPSS Score: %0.57
- Published: Jun. 08, 2005
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2005-1725
launchd 106 in Apple Mac OS X 10.4.x up to 10.4.1 allows local users to overwrite arbitrary files via a symlink attack on the socket file in an insecure temporary directory.... Read more
Affected Products : mac_os_x_server- EPSS Score: %0.16
- Published: Jun. 08, 2005
- Modified: Apr. 03, 2025
-
3.7
LOWCVE-2005-1727
Apple Mac OS X 10.4.x up to 10.4.1 sets insecure world- and group-writable permissions for the (1) system cache folder and (2) Dashboard system widgets, which allows local users to conduct unauthorized file operations via "file race conditions."... Read more
Affected Products : mac_os_x_server- EPSS Score: %0.05
- Published: Jun. 08, 2005
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2005-1960
The getemails function in C.J. Steele Tattle allows remote attackers to execute arbitrary commands via shell metacharacters in certain log entries, as demonstrated using shell metacharacters in an FTP username.... Read more
Affected Products : tattle- EPSS Score: %0.90
- Published: Jun. 08, 2005
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2005-1757
Buffer overflow in the Modweb agent for Novell NetMail 3.52 before 3.52C, when renaming folders, may allow attackers to execute arbitrary code.... Read more
Affected Products : netmail- EPSS Score: %2.04
- Published: Jun. 08, 2005
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2005-1724
NFS on Apple Mac OS X 10.4.x up to 10.4.1 does not properly obey the -network or -mask flags for a filesystem and exports it to everyone, which allows remote attackers to bypass intended access restrictions.... Read more
Affected Products : mac_os_x_server- EPSS Score: %0.31
- Published: Jun. 08, 2005
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2005-0756
ptrace in Linux kernel 2.6.8.1 does not properly verify addresses on the amd64 platform, which allows local users to cause a denial of service (kernel crash).... Read more
Affected Products : linux_kernel- EPSS Score: %0.06
- Published: Jun. 08, 2005
- Modified: Apr. 03, 2025
-
7.8
HIGHCVE-2005-1941
SilverCity before 0.9.5-r1 installs (1) cgi-styler-form.py, (2) cgi-styler.py, and (3) source2html.py with read and write world permissions, which allows local users to execute arbitrary code.... Read more
Affected Products : silvercity- EPSS Score: %0.14
- Published: Jun. 08, 2005
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2005-1758
Buffer overflow in the IMAP command continuation function in Novell NetMail 3.52 before 3.52C may allow remote attackers to execute arbitrary code.... Read more
Affected Products : netmail- EPSS Score: %7.38
- Published: Jun. 08, 2005
- Modified: Apr. 03, 2025
-
4.6
MEDIUMCVE-2005-1728
MCX Client for Apple Mac OS X 10.4.x up to 10.4.1 insecurely logs Portable Home Directory credentials, which allows local users to obtain the credentials.... Read more
Affected Products : mac_os_x- EPSS Score: %0.06
- Published: Jun. 08, 2005
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2005-1723
LaunchServices in Apple Mac OS X 10.4.x up to 10.4.1 does not properly mark file extensions and MIME types as unsafe if an Apple Uniform Type Identifier (UTI) is not created when the type is added to the database of unsafe types, which could allow attacke... Read more
Affected Products : mac_os_x_server- EPSS Score: %0.47
- Published: Jun. 08, 2005
- Modified: Apr. 03, 2025
-
4.3
MEDIUMCVE-2005-1968
Cross-site scripting (XSS) vulnerability in ProductCart Ecommerce before 2.7 allows remote attackers to inject arbitrary web script or HTML via the error parameter to techErr.asp.... Read more
Affected Products : productcart- EPSS Score: %0.33
- Published: Jun. 08, 2005
- Modified: Apr. 03, 2025
-
4.3
MEDIUMCVE-2005-1756
Cross-site scripting (XSS) vulnerability in the ModWeb agent for Novell NetMail 3.52 before 3.52C allows remote attackers to inject arbitrary web script or HTML via calendar display fields.... Read more
Affected Products : netmail- EPSS Score: %1.17
- Published: Jun. 08, 2005
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2005-1869
PHP remote file inclusion vulnerability in start_lobby.php in MWChat 6.x allows remote attackers to execute arbitrary PHP code via the CONFIG[MWCHAT_Libs] parameter.... Read more
Affected Products : mwchat- EPSS Score: %1.09
- Published: Jun. 07, 2005
- Modified: Apr. 03, 2025