CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2005-1824
https://notcve.org/view.php?id=CVE-2005-1824
02 Jun 2005 — The sql_escape_string function in auth/sql.c for the mailutils SQL authentication module does not properly quote the "\" (backslash) character, which is used as an escape character and makes the module vulnerable to SQL injection attacks. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=308031 •
CVSS: 6.5EPSS: 1%CPEs: 2EXPL: 0CVE-2005-1522
https://notcve.org/view.php?id=CVE-2005-1522
26 May 2005 — The imap4d server for GNU Mailutils 0.5 and 0.6, and other versions before 0.6.90, allows authenticated remote users to cause a denial of service (CPU consumption) via a large range value in the FETCH command. • http://secunia.com/advisories/15442 •
CVSS: 9.8EPSS: 4%CPEs: 2EXPL: 0CVE-2005-1521
https://notcve.org/view.php?id=CVE-2005-1521
26 May 2005 — Integer overflow in the fetch_io function of the imap4d server in GNU Mailutils 0.5 and 0.6, and other versions before 0.6.90, allows remote attackers to execute arbitrary code via a partial message request with a large value in the END parameter, which leads to a heap-based buffer overflow. • http://secunia.com/advisories/15442 •
CVSS: 9.8EPSS: 82%CPEs: 2EXPL: 1CVE-2005-1523 – GNU Mailutils imap4d 0.6 - Remote Format String
https://notcve.org/view.php?id=CVE-2005-1523
26 May 2005 — Format string vulnerability in imap4d server in GNU Mailutils 0.5 and 0.6, and other versions before 0.6.90, allows remote attackers to execute arbitrary code via format string specifiers in the command tag for IMAP commands. • https://www.exploit-db.com/exploits/1123 •
CVSS: 8.8EPSS: 11%CPEs: 2EXPL: 1CVE-2005-1520 – GNU Mailutils 0.6 - Mail Email Header Buffer Overflow
https://notcve.org/view.php?id=CVE-2005-1520
26 May 2005 — Buffer overflow in the header_get_field_name function in header.c for GNU Mailutils 0.5 and 0.6, and other versions before 0.6.90, allows remote attackers to execute arbitrary code via a crafted e-mail. • https://www.exploit-db.com/exploits/25706 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2005-1705
https://notcve.org/view.php?id=CVE-2005-1705
24 May 2005 — gdb before 6.3 searches the current working directory to load the .gdbinit configuration file, which allows local users to execute arbitrary commands as the user running gdb. • http://bugs.gentoo.org/show_bug.cgi?id=88398 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2005-1704
https://notcve.org/view.php?id=CVE-2005-1704
24 May 2005 — Integer overflow in the Binary File Descriptor (BFD) library for gdb before 6.3, binutils, elfutils, and possibly other packages, allows user-assisted attackers to execute arbitrary code via a crafted object file that specifies a large number of section headers, leading to a heap-based buffer overflow. • ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc • CWE-189: Numeric Errors •
CVSS: 9.1EPSS: 0%CPEs: 3EXPL: 0CVE-2005-0758
https://notcve.org/view.php?id=CVE-2005-0758
13 May 2005 — zgrep in gzip before 1.3.5 does not properly sanitize arguments, which allows local users to execute arbitrary commands via filenames that are injected into a sed script. • ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.58/SCOSA-2005.58.txt •
CVSS: 7.5EPSS: 2%CPEs: 10EXPL: 0CVE-2005-1431 – gnutls record packet parsing DoS [GNUTLS-SA-2005-1]
https://notcve.org/view.php?id=CVE-2005-1431
03 May 2005 — The "record packet parsing" in GnuTLS 1.2 before 1.2.3 and 1.0 before 1.0.25 allows remote attackers to cause a denial of service, possibly related to padding bytes in gnutils_cipher.c. • http://lists.gnupg.org/pipermail/gnutls-dev/2005-April/000858.html •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2005-1229
https://notcve.org/view.php?id=CVE-2005-1229
22 Apr 2005 — Directory traversal vulnerability in cpio 2.6 and earlier allows remote attackers to write to arbitrary directories via a .. (dot dot) in a cpio file. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:03.cpio.asc •