CVSS: 7.5EPSS: 8%CPEs: 11EXPL: 0CVE-2005-2970
https://notcve.org/view.php?id=CVE-2005-2970
25 Oct 2005 — Memory leak in the worker MPM (worker.c) for Apache 2, in certain circumstances, allows remote attackers to cause a denial of service (memory consumption) via aborted connections, which prevents the memory for the transaction pool from being reused for other connections. • http://mail-archives.apache.org/mod_mbox/httpd-cvs/200509.mbox/%3C20051001110218.40692.qmail%40minotaur.apache.org%3E • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 7.5EPSS: 3%CPEs: 8EXPL: 0CVE-2005-1268
https://notcve.org/view.php?id=CVE-2005-1268
05 Aug 2005 — Off-by-one error in the mod_ssl Certificate Revocation List (CRL) verification callback in Apache, when configured to use a CRL, allows remote attackers to cause a denial of service (child process crash) via a CRL that causes a buffer overflow of one null byte. Error de fuera-por-uno en la retrollamda de verificación de Lista de Revocación de Certificados (CRL) de mod_ssl para Apache, cuando se configura para usar un CRL, permite a atacantes remotos causar una denegación de servicio (caída de proceso hijo) ... • http://lists.trustix.org/pipermail/tsl-announce/2005-October/000354.html • CWE-193: Off-by-one Error •
CVSS: 9.1EPSS: 0%CPEs: 19EXPL: 0CVE-2005-1760
https://notcve.org/view.php?id=CVE-2005-1760
13 Jun 2005 — sysreport 1.3.15 and earlier includes contents of the up2date file in a report, which leaks the password for a proxy server in plaintext and allows local users to gain privileges. • http://secunia.com/advisories/15675 •
CVSS: 9.1EPSS: 0%CPEs: 12EXPL: 0CVE-2005-1194
https://notcve.org/view.php?id=CVE-2005-1194
04 May 2005 — Stack-based buffer overflow in the ieee_putascii function for nasm 0.98 and earlier allows attackers to execute arbitrary code via a crafted asm file, a different vulnerability than CVE-2004-1287. • http://www.redhat.com/support/errata/RHSA-2005-381.html •
CVSS: 6.3EPSS: 0%CPEs: 104EXPL: 0CVE-2005-0988
https://notcve.org/view.php?id=CVE-2005-0988
06 Apr 2005 — Race condition in gzip 1.2.4, 1.3.3, and earlier, when decompressing a gzipped file, allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by gzip after the decompression is complete. • ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.58/SCOSA-2005.58.txt •
CVSS: 9.8EPSS: 4%CPEs: 27EXPL: 3CVE-2005-0699
https://notcve.org/view.php?id=CVE-2005-0699
08 Mar 2005 — Multiple buffer overflows in the dissect_a11_radius function in the CDMA A11 (3G-A11) dissector (packet-3g-a11.c) for Ethereal 0.10.9 and earlier allow remote attackers to execute arbitrary code via RADIUS authentication packets with large length values. • http://marc.info/?l=bugtraq&m=111038641832400&w=2 •
CVSS: 9.8EPSS: 3%CPEs: 27EXPL: 0CVE-2005-0667
https://notcve.org/view.php?id=CVE-2005-0667
07 Mar 2005 — Buffer overflow in Sylpheed before 1.0.3 and other versions before 1.9.5 allows remote attackers to execute arbitrary code via an e-mail message with certain headers containing non-ASCII characters that are not properly handled when the user replies to the message. • http://secunia.com/advisories/14491 •
CVSS: 9.1EPSS: 6%CPEs: 146EXPL: 0CVE-2005-0206
https://notcve.org/view.php?id=CVE-2005-0206
15 Feb 2005 — The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities. El parche para corregir las vulnerabilidades de desbordamiento de entero en Xpdf 2.0 y 3.0 (CAN-2004-0888) es incompleto para arquitecturas de 64 bits en ciertas distribuciones de Linux como Red Hat, lo que podría dejar a los usuarios de Xpdf expuestos a las vulnerabilida... • http://www.mandriva.com/security/advisories?name=MDKSA-2005:041 •
CVSS: 9.1EPSS: 0%CPEs: 28EXPL: 0CVE-2005-0078
https://notcve.org/view.php?id=CVE-2005-0078
29 Jan 2005 — The KDE screen saver in KDE before 3.0.5 does not properly check the return value from a certain function call, which allows attackers with physical access to cause a crash and access the desktop session. • http://www.debian.org/security/2005/dsa-660 •
CVSS: 9.1EPSS: 0%CPEs: 47EXPL: 0CVE-2004-1004
https://notcve.org/view.php?id=CVE-2004-1004
22 Jan 2005 — Multiple format string vulnerabilities in Midnight Commander (mc) 4.5.55 and earlier allow remote attackers to have an unknown impact. Múltiples vulnerabilidades de cadena de formato en Midnight Commander (mc) 4.5.55 y versiones anteriores, permiten a atacantes remotos ejecutar acciones de impacto desconocido. • http://secunia.com/advisories/13863 •