| Max CVSS | 9.0 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2014-8091 | 4.3 |
X.Org X Window System (aka X11 and X) X11R5 and X.Org Server (aka xserver and xorg-server) before 1.16.3, when using SUN-DES-1 (Secure RPC) authentication credentials, does not check the return value of a malloc call, which allows remote attackers to
|
13-02-2023 - 00:42 | 10-12-2014 - 15:59 | |
| CVE-2017-15396 | 4.3 |
A stack buffer overflow in NumberingSystem in International Components for Unicode (ICU) for C/C++ before 60.2, as used in V8 in Google Chrome prior to 62.0.3202.75 and other products, allowed a remote attacker to potentially exploit heap corruption
|
07-11-2018 - 19:33 | 28-08-2018 - 20:29 | |
| CVE-2005-4458 | 9.0 |
Group.pm in Metadot Portal Server 6.4.4 and earlier does not properly reset the $IS_OWNER, $IS_ADMIN, and $IS_MANAGER global variables when performing checks for special privileges, which allows users to gain administrator privileges by adding themse
|
19-10-2018 - 15:41 | 21-12-2005 - 11:03 | |
| CVE-2005-4525 | 4.6 |
SmcGui.exe in Sygate Protection Agent 5.0 build 6144 allows local users to obtain management control over the agent by executing the GUI (SmcGui.exe) and then killing the process, which causes the privileged management GUI to launch.
|
19-10-2018 - 15:41 | 28-12-2005 - 01:03 | |
| CVE-2005-4438 | 7.5 |
Heap-based buffer overflow in Dec2Rar.dll 3.2.14.3, as distributed in the Symantec Antivirus Library and used by various Symantec products, allows remote attackers to execute arbitrary code via RAR archives with sub-block headers that contain incorre
|
19-10-2018 - 15:40 | 21-12-2005 - 01:03 | |
| CVE-2005-4445 | 5.1 |
Off-by-one error in Pegasus Mail 4.21a through 4.21c and 4.30PB1 allows remote attackers to execute arbitrary code via a long email message header, which triggers a one-byte buffer overflow.
|
19-10-2018 - 15:40 | 21-12-2005 - 02:03 | |
| CVE-2005-4436 | 7.8 |
Extended Interior Gateway Routing Protocol (EIGRP) 1.2, as implemented in Cisco IOS after 12.3(2), 12.3(3)B, and 12.3(2)T and other products, allows remote attackers to cause a denial of service by sending a "spoofed neighbor announcement" with (1) m
|
19-10-2018 - 15:40 | 21-12-2005 - 01:03 | |
| CVE-2005-4453 | 9.0 |
UserProfile.cs in Ultraapps Issue Manager before 2.1 allows remote authenticated users to gain administrator privileges by modifying the original (1) p_User_user_id and (2) User_user_id parameters to UserProfile.aspx, then modifying the password fiel
|
19-10-2018 - 15:40 | 21-12-2005 - 11:03 | |
| CVE-2005-4437 | 7.5 |
MD5 Neighbor Authentication in Extended Interior Gateway Routing Protocol (EIGRP) 1.2, as implemented in Cisco IOS 11.3 and later, does not include the Message Authentication Code (MAC) in the checksum, which allows remote attackers to sniff message
|
19-10-2018 - 15:40 | 21-12-2005 - 01:03 | |
| CVE-2005-4451 | 7.5 |
Unspecified vulnerability in Software Distributor in HP-UX B.11.11 allows remote attackers to gain access via unspecified attack vectors.
|
19-10-2018 - 15:40 | 21-12-2005 - 11:03 | |
| CVE-2005-4444 | 5.1 |
Stack-based buffer overflow in the trace message functionality in Pegasus Mail 4.21a through 4.21c and 4.30PB1 allow remote attackers to execute arbitrary code via a long POP3 reply.
|
19-10-2018 - 15:40 | 21-12-2005 - 02:03 | |
| CVE-2016-3249 | 7.2 |
The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allow local users to gain privileges via a crafted a
|
12-10-2018 - 22:12 | 13-07-2016 - 01:59 | |
| CVE-2008-4477 | 7.2 |
alert.d/test.alert in mon 0.99.2 allows local users to overwrite arbitrary files via a symlink attack on the test.alert.log temporary file.
|
08-08-2017 - 01:32 | 08-10-2008 - 00:00 | |
| CVE-2006-6105 | 4.3 |
Format string vulnerability in the host chooser window (gdmchooser) in GNOME Foundation Display Manager (gdm) allows local users to execute arbitrary code via format string specifiers in a hostname, which are used in an error dialog.
|
20-07-2017 - 01:34 | 15-12-2006 - 02:28 | |
| CVE-2004-2217 | 5.0 |
Multiple unknown vulnerabilities in yhttpd in yChat before 0.7 allow remote attackers to cause a denial of service (segmentation fault) via unknown vectors.
|
11-07-2017 - 01:31 | 31-12-2004 - 05:00 | |
| CVE-2005-4510 | 5.0 |
Directory traversal vulnerability in server.np in NetPublish Server 7 allows remote attackers to read arbitrary files via "../" sequences in the template parameter.
|
18-10-2016 - 03:38 | 23-12-2005 - 01:03 | |
| CVE-2005-4568 | 7.5 |
Multiple format string vulnerabilities in FTGate Technology (formerly known as Floosietek) FTGate 4.4 (aka Build 4.4.000 Oct 26 2005) allow remote attackers to execute arbitrary code via format string specifiers in the (1) USER, (2) PASS, and (3) TOP
|
08-03-2011 - 02:28 | 29-12-2005 - 11:03 | |
| CVE-2005-4567 | 5.8 |
Multiple cross-site scripting (XSS) vulnerabilities in FTGate Technology (formerly known as Floosietek) FTGate 4.4 (Build 4.4.000 Oct 26 2005) allow remote attackers to inject arbitrary web script or HTML by sending (1) the href parameter to index.ft
|
08-03-2011 - 02:28 | 29-12-2005 - 11:03 | |
| CVE-2005-4569 | 7.5 |
Stack-based buffer overflow in index.fts in FTGate Technology (formerly known as Floosietek) FTGate 4.4 (aka Build 4.4.000 Oct 26 2005) allows remote attackers to execute arbitrary code via a long tzoffset value.
|
08-03-2011 - 02:28 | 29-12-2005 - 11:03 | |
| CVE-2000-0692 | 5.0 |
ISS RealSecure 3.2.1 and 3.2.2 allows remote attackers to cause a denial of service via a flood of fragmented packets with the SYN flag set.
|
05-09-2008 - 20:21 | 20-10-2000 - 04:00 |