Gaim before 1.3.1 allows remote attackers to cause a denial of service (crash) via a malformed MSN message that leads to a memory allocation of a large size, possibly due to an integer signedness error.
Max CVSS
5.0
EPSS Score
4.17%
Published
2005-05-19
Updated
2018-10-19
The ISA Firewall service in Microsoft Internet Security and Acceleration (ISA) Server 2000 allows remote attackers to cause a denial of service (Wspsrv.exe crash) via a large amount of SecureNAT network traffic.
Max CVSS
5.0
EPSS Score
5.89%
Published
2005-05-31
Updated
2018-08-13
Cross-site scripting (XSS) vulnerability in calendar.php in Calendarix Advanced 1.5 allows remote attackers to inject arbitrary web script or HTML via the year parameter.
Max CVSS
4.3
EPSS Score
0.21%
Published
2005-05-31
Updated
2008-09-05
Multiple SQL injection vulnerabilities in MyBulletinBoard (MyBB) 1.00 RC4 allow remote attackers to execute arbitrary SQL commands via the (1) eid parameter to calendar.php, (2) idsql parameter to online.php, (3) usersearch parameter to memberlist.php, (4) pid parameter to editpost.php, (5) fid parameter to forumdisplay.php, (6) tid parameter to newreply.php, (7) sid parameter to search.php, (8) tid or (9) pid parameter to showthread.php, (10) tid parameter to usercp2.php, (11) tid parameter to printthread.php, or (12) pid parameter to reputation.php.
Max CVSS
7.5
EPSS Score
0.62%
Published
2005-05-31
Updated
2016-10-18
Multiple cross-site scripting (XSS) vulnerabilities in MyBulletinBoard (MyBB) 1.00 RC4 and earlier allow remote attackers to execute arbitrary web script or HTML via the (1) forums, (2) version, or (3) limit parameter to misc.php, (4) page or (5) datecut parameter to forumdisplay.php, (6) username, (7) email, or (8) email2 parameter to member.php, (9) page or (10) usersearch parameter to memberlist.php, (11) pid or (12) tid parameter to showthread.php, or (13) tid parameter to printthread.php.
Max CVSS
4.3
EPSS Score
0.35%
Published
2005-05-31
Updated
2016-10-18
Sudo 1.6.8p7 on SuSE Linux 9.3, and possibly other Linux distributions, allows local users to gain privileges by using sudo to call su, then entering a blank password and hitting CTRL-C. NOTE: SuSE and multiple third-party researchers have not been able to replicate this issue, stating "Sudo catches SIGINT and returns an empty string for the password so I don't see how this could happen unless the user's actual password was empty.
Max CVSS
7.2
EPSS Score
0.04%
Published
2005-05-31
Updated
2024-03-21
The DbgMsg.sys driver in Compuware SoftICE DriverStudio 3.1 and 3.2 allows remote attackers to cause a denial of service (application crash) via an invalid Debug Message pointer.
Max CVSS
5.0
EPSS Score
0.73%
Published
2005-05-29
Updated
2016-10-18
Microsoft Internet Explorer 6 SP2 allows remote attackers to cause a denial of service (infinite loop and application crash) via two embedded files that call each other.
Max CVSS
5.0
EPSS Score
0.46%
Published
2005-05-28
Updated
2021-07-23
D-Link DSL-504T stores usernames and passwords in cleartext in the router configuration file, which allows remote attackers to obtain sensitive information.
Max CVSS
7.5
EPSS Score
0.68%
Published
2005-05-26
Updated
2024-02-13
D-Link DSL-504T allows remote attackers to bypass authentication and gain privileges, such as upgrade firmware, restart the router or restore a saved configuration, via a direct request to firmwarecfg.
Max CVSS
7.5
EPSS Score
1.07%
Published
2005-05-26
Updated
2024-01-25
Buffer overflow in HP Radia Notify Daemon 3.1.0.0 (formerly by Novadigm), and other versions including 2.x, 3.x, and 4.x, allows remote attackers to execute arbitrary code via a long file extension.
Max CVSS
7.5
EPSS Score
18.87%
Published
2005-05-03
Updated
2011-03-08
Multiple stack-based buffer overflows in the nvd_exec function in HP Radia Notify Daemon 3.1.2.0 (formerly by Novadigm), and other versions including 2.x, 3.x, and 4.x, allows remote attackers to execute arbitrary code via a command with crafted parameters to a RADEXECD process.
Max CVSS
7.5
EPSS Score
57.15%
Published
2005-05-03
Updated
2011-03-08
Firefly Studios Stronghold 2 1.2 and earlier allows remote attackers to cause a denial of service (crash) via a packet with a large size value for the nickname, which causes a memory allocation failure and generates an exception.
Max CVSS
5.0
EPSS Score
1.22%
Published
2005-05-30
Updated
2016-10-18
The Data function in class.smtp.php in PHPMailer 1.7.2 and earlier allows remote attackers to cause a denial of service (infinite loop leading to memory and CPU consumption) via a long header field.
Max CVSS
5.0
EPSS Score
11.92%
Published
2005-05-28
Updated
2011-03-08
Format string vulnerability in PeerCast 0.1211 and earlier allows remote attackers to execute arbitrary code via format strings in the URL.
Max CVSS
7.5
EPSS Score
56.84%
Published
2005-05-28
Updated
2016-10-18
SQL injection vulnerability in login.asp in an unknown product by Online Solutions for Educators (OS4E) allows remote attackers to execute arbitrary SQL commands via the password.
Max CVSS
7.5
EPSS Score
0.27%
Published
2005-05-28
Updated
2011-03-08
Multiple SQL injection vulnerabilities in Net Portal Dynamic System (NPDS) 5.0 allow remote attackers to execute arbitrary SQL commands via the (1) terme parameter in the glossaire module (glossaire.php) or (2) query parameter to links.php.
Max CVSS
7.5
EPSS Score
0.48%
Published
2005-05-29
Updated
2008-09-05
Multiple cross-site scripting (XSS) vulnerabilities in Net Portal Dynamic System (NPDS) 5.0 allow remote attackers to inject arbitrary web script or HTML via the language parameter to (1) admin.php, or (2) powerpack_f.php, (3) the sitename parameter to sdv_infos.php, (4) the categories parameter to faq.php, (5) the lettre parameter to the glossaire module, (6) the title parameter to reviews.php, or (7) the image_subject parameter to reply.php.
Max CVSS
4.3
EPSS Score
0.33%
Published
2005-05-29
Updated
2008-09-05
Nortel VPN Router (aka Contivity) allows remote attackers to cause a denial of service (crash) via an IPsec IKE packet with a malformed ISAKMP header.
Max CVSS
5.0
EPSS Score
1.30%
Published
2005-05-27
Updated
2008-09-05
The vCard viewer in Nokia 9500 allows attackers to cause a denial of service (crash) via a vCard with a long Name field, which causes the crash when the user views it.
Max CVSS
2.6
EPSS Score
0.11%
Published
2005-05-26
Updated
2008-09-10
Cross-site scripting (XSS) vulnerability in Jaws Glossary gadget 0.4 to 0.5.1 allows remote attackers to inject arbitrary web script or HTML via the term parameter in a view or ViewTerm action to index.php.
Max CVSS
4.3
EPSS Score
0.20%
Published
2005-05-28
Updated
2008-09-10
Cross-site scripting (XSS) vulnerability in FreeStyle Wiki 3.5.7 and WikiLite (FSWikiLite) .10 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
Max CVSS
4.3
EPSS Score
0.17%
Published
2005-05-31
Updated
2008-09-05
Directory traversal vulnerability in ServersCheck Monitoring Software 5.9.0 to 5.10.0 allows remote attackers to read arbitrary files via .. (dot dot) sequences in an HTTP request.
Max CVSS
5.0
EPSS Score
0.29%
Published
2005-05-29
Updated
2008-09-05
The design of Advanced Encryption Standard (AES), aka Rijndael, allows remote attackers to recover AES keys via timing attacks on S-box lookups, which are difficult to perform in constant time in AES implementations.
Max CVSS
5.1
EPSS Score
0.32%
Published
2005-05-26
Updated
2008-09-05
Format string vulnerability in the curses_msg function in the Ncurses interface (ec_curses.c) for Ettercap before 0.7.3 allows remote attackers to execute arbitrary code.
Max CVSS
7.5
EPSS Score
10.72%
Published
2005-05-31
Updated
2023-03-29
1254 vulnerabilities found
1 2 3 4 5 6 ...... 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!