CVE-2005-2151

spf.c in Courier Mail Server does not properly handle DNS failures when looking up Sender Policy Framework (SPF) records, which could allow attackers to cause memory corruption.

Publication date: Wed, 06 Jul 2005 09:00:00 +0000

Cyber News related to CVE-2005-2151

CVE-2005-2151 - spf.c in Courier Mail Server does not properly handle DNS failures when looking up Sender Policy Framework (SPF) records, which could allow attackers to cause memory corruption. ...
16 years ago

CVE-2002-2151 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2002-1651. Reason: This candidate is a duplicate of CVE-2002-1651. Notes: All CVE users should reference CVE-2002-1651 instead of this candidate. All references and descriptions in ...
54 years ago Tenable.com

CVE-2023-2319 - It was discovered that an update for PCS package in RHBA-2023:2151 erratum released as part of Red Hat Enterprise Linux 9.2 failed to include the fix for the Webpack issue CVE-2023-28154 (for PCS package), which was previously addressed in Red Hat ...
1 year ago

CVE-2012-4331 - Multiple unspecified vulnerabilities in SPIP before 1.9.2.o, 2.0.x before 2.0.18, and 2.1.x before 2.1.13 have unknown impact and attack vectors that are not related to cross-site scripting (XSS), different vulnerabilities than CVE-2012-2151. ...
12 years ago

CVE-2010-2151 - Cross-site request forgery (CSRF) vulnerability in Fujitsu e-Pares V01 L01 V01 L01, L03, L10, L20, L30, and L40 allows remote attackers to hijack the authentication of users for requests that modify "facility reservation data" via unknown ...
14 years ago

CVE-2017-2151 - Cross-site scripting vulnerability in Booking Calendar version 7.1 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. ...
7 years ago

CVE-2004-2151 - Chatman 1.1.1 RC1 and earlier allows remote attackers to cause a denial of service (memory consumption or application crash) via a very large data size. ...
7 years ago

CVE-2007-2151 - The administration server in McAfee e-Business Server before 8.1.1 and 8.5.x before 8.5.2 allows remote attackers to cause a denial of service (service crash) via a large length value in a malformed authentication packet, which triggers a heap ...
11 months ago

CVE-2011-2151 - The (1) Admin/frmEmailReportSettings.aspx, (2) Admin/frmGeneralSettings.aspx, (3) Admin/frmSite.aspx, (4) Client/frmUser.aspx, and (5) Login.aspx components in the SmarterTools SmarterStats 6.0 web server accept cleartext passwords, which makes it ...
7 years ago

CVE-2012-2151 - Multiple cross-site scripting (XSS) vulnerabilities in SPIP 1.9.x before 1.9.2.o, 2.0.x before 2.0.18, and 2.1.x before 2.1.13 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. ...
7 years ago

CVE-2009-2151 - Directory traversal vulnerability in index.php in AdaptWeb 0.9.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the newlang parameter. ...
7 years ago

CVE-2006-2151 - PHP remote file inclusion vulnerability in toplist.php in phpBB TopList 1.3.8 and earlier, when register_globals is enabled, allows remote attackers to include arbitrary files via the phpbb_root_path parameter. ...
7 years ago

CVE-2015-2151 - The x86 emulator in Xen 3.2.x through 4.5.x does not properly ignore segment overrides for instructions with register operands, which allows local guest users to obtain sensitive information, cause a denial of service (memory corruption), or possibly ...
6 years ago

CVE-2019-2151 - In libxaac, there is a possible out of bounds read due to a missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: ...
5 years ago

CVE-2016-2151 - user/index.php in Moodle through 2.6.11, 2.7.x before 2.7.13, 2.8.x before 2.8.11, 2.9.x before 2.9.5, and 3.0.x before 3.0.3 grants excessive authorization on the basis of the moodle/course:viewhiddenuserfields capability, which allows remote ...
3 years ago

CVE-2014-2151 - The WebVPN portal in Cisco Adaptive Security Appliance (ASA) Software 8.4(.7.15) and earlier allows remote authenticated users to obtain sensitive information via a crafted JavaScript file, aka Bug ID CSCui04520. ...
2 years ago

CVE-2021-2151 - Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Security). Supported versions that are affected are 8.56, 8.57 and 8.58. Easily exploitable vulnerability allows high privileged attacker with network ...
3 years ago

CVE-2022-2151 - The Best Contact Management Software WordPress plugin through 3.7.3 does not sanitise and escape its settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed. ...
2 years ago

CVE-2013-2151 - Unquoted Windows search path vulnerability in Red Hat Enterprise Virtualization (RHEV) 3 and 3.2 allows local users to gain privileges via a crafted application in an unspecified folder. ...
1 year ago

CVE-2023-2151 - A vulnerability, which was classified as critical, was found in SourceCodester Student Study Center Desk Management System 1.0. Affected is an unknown function of the file manage_student.php. The manipulation of the argument id leads to sql ...
1 year ago

CVE-2020-2151 - Jenkins Quality Gates Plugin 2.5 and earlier transmits configured credentials in plain text as part of its global Jenkins configuration form, potentially resulting in their exposure. ...
1 year ago

CVE-2018-2151 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none ...
54 years ago Tenable.com

CVE-2024-2151 - A vulnerability classified as problematic was found in SourceCodester Online Mobile Management Store 1.0. Affected by this vulnerability is an unknown functionality of the component Product Price Handler. The manipulation of the argument quantity ...
8 months ago

Telegram revealed it shared U.S. user data with law enforcement - Independent website 404 Media first revealed that in 2024 Telegram has fulfilled more than a dozen law enforcement data requests from the U.S. authorities. At the end of September, Telegram updated its privacy policy informing users that it will ...
1 month ago Securityaffairs.com

CVE-2005-0067 - The original design of TCP does not require that port numbers be assigned randomly (aka "Port randomization"), which makes it easier for attackers to forge ICMP error messages for specific TCP connections and cause a denial of service, as ...
16 years ago

Latest Cyber News

CVE-2024-10914 - 1 day ago
CVE-2024-10915 - 1 day ago
CVE-2020-11859 - 1 day ago
CVE-2024-10186 - 1 day ago
CVE-2024-10168 - 1 day ago
CVE-2024-8323 - 1 day ago
CVE-2024-10715 - 1 day ago
CVE-2024-9902 - 1 day ago
CVE-2024-8614 - 1 day ago
CVE-2024-8615 - 1 day ago
CVE-2024-52043 - 1 day ago
CVE-2024-9681 - 1 day ago
CVE-2024-10543 - 1 day ago
CVE-2024-6626 - 1 day ago
CVE-2024-9307 - 1 day ago
CVE-2024-9946 - 1 day ago
CVE-2024-10020 - 1 day ago
CVE-2024-10535 - 1 day ago
CVE-2024-7879 - 1 day ago
CVE-2024-9934 - 1 day ago

Cyber Trends (last 7 days)

Okta - 11 months ago
23andMe - 11 months ago
Kimsuky - 11 months ago
LogoFAIL - 10 months ago
Gh0st rat - 11 months ago

Trending Cyber News (last 7 days)

CVE-2024-10826 - 2 days ago
CVE-2024-10827 - 2 days ago
CVE-2024-9657 - 2 days ago
CVE-2024-10263 - 2 days ago
CVE-2024-7059 - 2 days ago
CVE-2024-10842 - 2 days ago
CVE-2024-10859 - 2 days ago
CVE-2023-29114 - 2 days ago
CVE-2023-29115 - 2 days ago
CVE-2024-10844 - 2 days ago
CVE-2024-10845 - 2 days ago
CVE-2024-50993 - 2 days ago
CVE-2024-50994 - 2 days ago
CVE-2024-50995 - 2 days ago
CVE-2024-50996 - 2 days ago
CVE-2024-50997 - 2 days ago
CVE-2024-50998 - 2 days ago
CVE-2024-50999 - 2 days ago
CVE-2024-51000 - 2 days ago
CVE-2024-51001 - 2 days ago