CVE alerts
15 alerts in this category.
Threat alerts that map to a registered CVE entry. Each carries severity, exploitation status, affected products, and a direct path to the vendor patch.
Critical Vulnerability: CVE-2005-2773 — hp — openview_network_node_manager
HP OpenView Network Node Manager 6.2 through 7.50 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) node parameter to connectedNodes.ovpl, (2) cdpView.ovpl, (3)
hp | CVE-2005-2773
Critical Vulnerability: CVE-2005-2103 — gaim_project — gaim
Buffer overflow in the AIM and ICQ module in Gaim before 1.5.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an away message with a l
gaim_project | CVE-2005-2103
Critical Vulnerability: CVE-2005-1689 — mit, apple — kerberos_5, mac_os_x
Double free vulnerability in the krb5_recvauth function in MIT Kerberos 5 (krb5) 1.4.1 and earlier allows remote attackers to execute arbitrary code via certain error conditions.
mit, apple | CVE-2005-1689
Critical Vulnerability: CVE-2005-1744 — bea — weblogic_server
BEA WebLogic Server and WebLogic Express 7.0 through Service Pack 5 does not log out users when an application is redeployed, which allows those users to continue to access the application without hav
bea | CVE-2005-1744
Critical Vulnerability: CVE-2005-1513 — qmail_project, canonical — qmail, ubuntu_linux
Integer overflow in the stralloc_readyplus function in qmail, when running on 64 bit platforms with a large amount of virtual memory, allows remote attackers to cause a denial of service and possibly
qmail_project, canonical | CVE-2005-1513
Critical Vulnerability: CVE-2005-0269 — sir — gnuboard
The file extension check in GNUBoard 3.40 and earlier only verifies extensions that contain all lowercase letters, which allows remote attackers to upload arbitrary files via file extensions that incl
sir | CVE-2005-0269
Critical Vulnerability: CVE-2005-0199 — barton — ngircd
Integer underflow in the Lists_MakeMask() function in lists.c in ngIRCd before 0.8.2 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a
barton | CVE-2005-0199
Critical Vulnerability: CVE-2005-1141 — optical_character_recognition_project — optical_character_recognition
Integer overflow in the readpgm function in pnm.c for GOCR 0.40, when using the netpbm library, allows remote attackers to execute arbitrary code via a PNM file with large width and height values, whi
optical_character_recognition_project | CVE-2005-1141
Critical Vulnerability: CVE-2005-0408 — citrusdb — citrusdb
CitrusDB 0.3.6 and earlier generates easily predictable MD5 hashes of the user name for the id_hash cookie, which allows remote attackers to bypass authentication and gain privileges by calculating th
citrusdb | CVE-2005-0408
Critical Vulnerability: CVE-2005-0496 — arkeia — network_backup
Arkeia Network Backup Client 5.x contains hard-coded credentials that effectively serve as a back door, which allows remote attackers to access the file system and possibly execute arbitrary commands.
arkeia | CVE-2005-0496
Critical Vulnerability: CVE-2005-0102 — gnome, debian — evolution, debian_linux
Integer overflow in camel-lock-helper in Evolution 2.0.2 and earlier allows local users or remote malicious POP3 servers to execute arbitrary code via a length value of -1, which leads to a zero byte
gnome, debian | CVE-2005-0102
Critical Vulnerability: CVE-2004-2214 — mbedthis — appweb_http_server
Mbedthis AppWeb HTTP server before 1.1.3 allows remote attackers to bypass access restrictions via a URI with mixed case characters.
mbedthis | CVE-2004-2214
Critical Vulnerability: CVE-2004-2154 — apple, canonical — cups, ubuntu_linux
CUPS before 1.1.21rc1 treats a Location directive in cupsd.conf as case sensitive, which allows attackers to bypass intended ACLs via a printer name containing uppercase or lowercase letters that are
apple, canonical | CVE-2004-2154
Critical RCE in Apache HTTP Server (CVE-2024-38474) Allows Full System Takeover
A critical remote code execution vulnerability in Apache HTTP Server 2.4.59 and earlier allows unauthenticated attackers to execute arbitrary code via crafted requests to mod_rewrite.
Apache Software Foundation | CVE-2024-38474
High Severity Format String Vulnerability in Fortinet FortiOS (CVE-2024-23113)
Fortinet FortiOS fgfmd daemon contains a format string vulnerability allowing remote unauthenticated attackers to execute arbitrary code via specially crafted requests.
Fortinet | CVE-2024-23113