CVSS: 7.5EPSS: 3%CPEs: 1EXPL: 1CVE-2005-2564 – Gravity Board X 1.1 - 'csscontent' Remote Code Execution
https://notcve.org/view.php?id=CVE-2005-2564
Direct static code injection vulnerability in editcss.php in Gravity Board X (GBX) 1.1 allows remote attackers to execute arbitrary PHP code, HTML, and script via the csscontent parameter, which is directly inserted into the gbxfinal.css file. • https://www.exploit-db.com/exploits/1510 http://marc.info/?l=bugtraq&m=112351740803443&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/21742 •
CVSS: 5.1EPSS: 0%CPEs: 1EXPL: 0CVE-2005-1187
https://notcve.org/view.php?id=CVE-2005-1187
Heap-based buffer overflow in WinHex 12.05 SR-14, and possibly other versions, may allow attackers to execute arbitrary code via a long file name argument. NOTE: since this overflow is in the command line of an unprivileged program, it is highly likely that this is not a vulnerability. • http://securitytracker.com/id?1013727 http://www.unl0ck.org/files/papers/winhex.txt https://exchange.xforce.ibmcloud.com/vulnerabilities/20139 •
CVSS: 7.5EPSS: 1%CPEs: 82EXPL: 0CVE-2005-0605 – libxpm buffer overflow
https://notcve.org/view.php?id=CVE-2005-0605
scan.c for LibXPM may allow attackers to execute arbitrary code via a negative bitmap_unit value that leads to a buffer overflow. • ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.5/SCOSA-2006.5.txt ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.57/SCOSA-2005.57.txt ftp://patches.sgi.com/support/free/security/advisories/20060403-01-U http://bugs.gentoo.org/show_bug.cgi?id=83598 http://bugs.gentoo.org/show_bug.cgi?id=83655 http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html http://secunia.c •
CVSS: 7.5EPSS: 5%CPEs: 1EXPL: 2CVE-2004-2368 – RobotFTP Server 1.0/2.0 - Remote Denial of Service
https://notcve.org/view.php?id=CVE-2004-2368
PHP remote file inclusion vulnerability in header.php in Opt-X 0.7.2 allows remote attackers to execute arbitrary PHP code via the systempath parameter. • https://www.exploit-db.com/exploits/23750 http://www.opt-x.org/index.php http://www.securityfocus.com/bid/9732 http://www.zone-h.org/en/advisories/read/id=4036 https://exchange.xforce.ibmcloud.com/vulnerabilities/15296 •
CVSS: 10.0EPSS: 8%CPEs: 40EXPL: 0CVE-2004-0914 – openmotif21 stack overflows in libxpm
https://notcve.org/view.php?id=CVE-2004-0914
Multiple vulnerabilities in libXpm for 6.8.1 and earlier, as used in XFree86 and other packages, include (1) multiple integer overflows, (2) out-of-bounds memory accesses, (3) directory traversal, (4) shell metacharacter, (5) endless loops, and (6) memory leaks, which could allow remote attackers to obtain sensitive information, cause a denial of service (application crash), or execute arbitrary code via a certain XPM image file. NOTE: it is highly likely that this candidate will be SPLIT into other candidates in the future, per CVE's content decisions. Múltiples vulnerabilidades en libXpm 6.8.1 y anteriores, usada en XFree86 y otros paquetes, incluyendo (1) múltiples desbordamientos de enteros, (2) accesos de memoria fuera de límites, (3) atravesamiento de directorios, (4) metacaractéres de shell, (5) bucles infinitos, y (6) filtraciones de memoria podrían permitir a atacantes remotos obtener información sensible, causar una denegación de servicio (caída de aplicación) o ejecutar código de su elección mediante un cierto fichero de imagen XPM. • http://rhn.redhat.com/errata/RHSA-2004-537.html http://secunia.com/advisories/13224 http://www.debian.org/security/2004/dsa-607 http://www.gentoo.org/security/en/glsa/glsa-200411-28.xml http://www.gentoo.org/security/en/glsa/glsa-200502-06.xml http://www.gentoo.org/security/en/glsa/glsa-200502-07.xml http://www.linuxsecurity.com/content/view/106877/102 http://www.mandriva.com/security/advisories?name=MDKSA-2004:137 http://www.redhat.com/archives/fedora-legacy- •