Threat Alerts
Real-time critical CVE alerts, security advisories, and vulnerability intelligence — curated by the Vulnios Threat Intelligence team.
Critical Vulnerability: CVE-2005-3435 — archilles — newsworld
admin_news.php in Archilles Newsworld up to 1.3.0 allows attackers to bypass authentication by obtaining the password hash for another user, for example through another Newsworld vulnerability, and sp
Critical Vulnerability: CVE-2005-3120 — invisible-island, debian — lynx, debian_linux
Stack-based buffer overflow in the HTrjis function in Lynx 2.8.6 and earlier allows remote NNTP servers to execute arbitrary code via certain article headers containing Asian characters that cause Lyn
Critical Vulnerability: CVE-2005-2103 — gaim_project — gaim
Buffer overflow in the AIM and ICQ module in Gaim before 1.5.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an away message with a l
Critical Vulnerability: CVE-2005-1689 — mit, apple — kerberos_5, mac_os_x
Double free vulnerability in the krb5_recvauth function in MIT Kerberos 5 (krb5) 1.4.1 and earlier allows remote attackers to execute arbitrary code via certain error conditions.
Critical Vulnerability: CVE-2005-1744 — bea — weblogic_server
BEA WebLogic Server and WebLogic Express 7.0 through Service Pack 5 does not log out users when an application is redeployed, which allows those users to continue to access the application without hav
Critical Vulnerability: CVE-2005-1513 — qmail_project, canonical — qmail, ubuntu_linux
Integer overflow in the stralloc_readyplus function in qmail, when running on 64 bit platforms with a large amount of virtual memory, allows remote attackers to cause a denial of service and possibly
Critical Vulnerability: CVE-2005-0269 — sir — gnuboard
The file extension check in GNUBoard 3.40 and earlier only verifies extensions that contain all lowercase letters, which allows remote attackers to upload arbitrary files via file extensions that incl
Critical Vulnerability: CVE-2005-0199 — barton — ngircd
Integer underflow in the Lists_MakeMask() function in lists.c in ngIRCd before 0.8.2 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a
Critical Vulnerability: CVE-2005-1141 — optical_character_recognition_project — optical_character_recognition
Integer overflow in the readpgm function in pnm.c for GOCR 0.40, when using the netpbm library, allows remote attackers to execute arbitrary code via a PNM file with large width and height values, whi
Critical Vulnerability: CVE-2005-0102 — gnome, debian — evolution, debian_linux
Integer overflow in camel-lock-helper in Evolution 2.0.2 and earlier allows local users or remote malicious POP3 servers to execute arbitrary code via a length value of -1, which leads to a zero byte
Critical Vulnerability: CVE-2005-0408 — citrusdb — citrusdb
CitrusDB 0.3.6 and earlier generates easily predictable MD5 hashes of the user name for the id_hash cookie, which allows remote attackers to bypass authentication and gain privileges by calculating th
Critical Vulnerability: CVE-2005-0496 — arkeia — network_backup
Arkeia Network Backup Client 5.x contains hard-coded credentials that effectively serve as a back door, which allows remote attackers to access the file system and possibly execute arbitrary commands.
Protect Your Organization
Monitor CVEs, scan for vulnerabilities, and get real-time threat alerts — all in one platform.