|
303481
|
5.4 |
MEDIUM
Network
|
markjaquith
|
subscribe_to_comments
|
A vulnerability, which was classified as problematic, was found in Subscribe to Comments Plugin up to 2.0.7 on WordPress. This affects an unknown part of the file subscribe-to-comments.php. The manip…
|
-
|
CVE-2006-10001
|
2024-11-21 09:07 |
2023-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303482
|
9.8 |
CRITICAL
Network
|
simplemachines
|
simple_machine_forum
|
Simple Machine Forum (SMF) versions 1.0.4 and earlier have an SQL injection vulnerability that allows remote attackers to inject arbitrary SQL statements.
|
CWE-89
SQL Injection
|
CVE-2005-4891
|
2024-11-21 09:05 |
2020-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303483
|
9.8 |
CRITICAL
Network
|
sillycycle
|
xlockmore
|
xlockmore 5.13 allows potential xlock bypass when FVWM switches to the same virtual desktop as a new Gaim window.
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2006-0062
|
2024-11-21 09:05 |
2019-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303484
|
9.8 |
CRITICAL
Network
|
sillycycle
|
xlockmore
|
xlockmore 5.13 and 5.22 segfaults when using libpam-opensc and returns the underlying xsession. This allows unauthorized users access to the X session.
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2006-0061
|
2024-11-21 09:05 |
2019-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303485
|
7.8 |
HIGH
Local
|
sudo_project
debian
redhat
|
sudo
shadow
debian_linux
enterprise_linux
|
There is a possible tty hijacking in shadow 4.x before 4.1.5 and sudo 1.x before 1.7.4 via "su - user -c program". The user session can be escaped to the parent session by using the TIOCSTI ioctl to …
|
CWE-20
Improper Input Validation
|
CVE-2005-4890
|
2024-11-21 09:05 |
2019-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303486
|
5.9 |
MEDIUM
Network
|
google
|
chrome
|
SHA-1 is not collision resistant, which makes it easier for context-dependent attackers to conduct spoofing attacks, as demonstrated by attacks on the use of SHA-1 in TLS 1.2. NOTE: this CVE exists …
|
CWE-326
Inadequate Encryption Strength
|
CVE-2005-4900
|
2024-11-21 09:05 |
2016-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303487
|
- |
|
csilvers
|
gperftools
|
Multiple integer overflows in TCMalloc (tcmalloc.cc) in gperftools before 0.4 make it easier for context-dependent attackers to perform memory-related attacks such as buffer overflows via a large siz…
|
CWE-189
Numeric Errors
|
CVE-2005-4895
|
2024-11-21 09:05 |
2012-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303488
|
9.8 |
CRITICAL
Network
|
gnu
|
glibc
|
The getgrouplist function in the GNU C library (glibc) before version 2.3.5, when invoked with a zero argument, writes to the passed pointer even if the specified array size is zero, leading to a buf…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2005-3590
|
2024-11-21 09:02 |
2019-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303489
|
9.8 |
CRITICAL
Network
|
twiki
|
twiki
|
TWiki allows arbitrary shell command execution via the Include function
|
CWE-74
Injection
|
CVE-2005-3056
|
2024-11-21 09:01 |
2019-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303490
|
9.8 |
CRITICAL
Network
|
nvu
|
nvu
|
Nvu 0.99+1.0pre uses an old copy of Mozilla XPCOM which can result in multiple security issues.
|
NVD-CWE-noinfo
|
CVE-2005-2354
|
2024-11-21 08:59 |
2019-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
