CVE-2005-2730

The HTTP proxy in Astaro Security Linux 6.0 allows remote attackers to obtain sensitive information via an invalid request, which reveals a Proxy-authorization string in an error message.

Publication date: Tue, 30 Aug 2005 16:45:00 +0000

Cyber News related to CVE-2005-2730

CVE-2011-2730 - VMware SpringSource Spring Framework before 2.5.6.SEC03, 2.5.7.SR023, and 3.x before 3.0.6, when a container supports Expression Language (EL), evaluates EL expressions in tags twice, which allows remote attackers to obtain sensitive information via ...
6 years ago

CVE-2005-2730 - The HTTP proxy in Astaro Security Linux 6.0 allows remote attackers to obtain sensitive information via an invalid request, which reveals a Proxy-authorization string in an error message. ...
6 years ago

CVE-2013-2730 - Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-2733. ...
6 years ago

CVE-2013-2733 - Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-2730. ...
6 years ago

CVE-2014-2730 - The XML parser in Microsoft Office 2007 SP3, 2010 SP1 and SP2, and 2013, and Office for Mac 2011, does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory consumption and ...
5 years ago

CVE-2024-2730 - Mautic uses predictable page indices for unpublished landing pages, their content can be accessed by unauthenticated users under public preview URLs which could expose sensitive data. At the time of publication of the CVE no patch is available ...
2 months ago Tenable.com

CVE-2004-2730 - Sysinternals PsTools before 2.05, including (1) PsExec before 1.54, (2) PsGetsid before 1.41, (3) PsInfo before 1.61, (4) PsKill before 1.03, (5) PsList before 1.26, (6) PsLoglist before 2.51, (7) PsPasswd before 1.21, (8) PsService before 2.12, (9) ...
6 years ago

CVE-2008-2730 - The Real-Time Information Server (RIS) Data Collector service in Cisco Unified Communications Manager (CUCM) 5.x before 5.1(3) and 6.x before 6.1(1) allows remote attackers to bypass authentication, and obtain cluster configuration information and ...
6 years ago

CVE-2012-2730 - The Protected Node module 6.x-1.x before 6.x-1.6 for Drupal does not properly "protect node access when nodes are accessed outside of the standard node view," which allows remote attackers to bypass intended access restrictions. ...
6 years ago

CVE-2006-2730 - PHP remote file inclusion vulnerability in admin/lib_action_step.php in Hot Open Tickets (HOT) 11012004_ver2f, when register_globals is enabled, allows remote attackers to include arbitrary files via the GLOBALS[CLASS_PATH] parameter. NOTE: this ...
6 years ago

CVE-2017-2730 - HUAWEI HiLink APP (for IOS) versions earlier before 5.0.25.306 and HUAWEI Tech Support APP (for IOS) versions earlier before 5.0.0 have an information leak vulnerability. When an iPhone with these APPs installed access the Wi-Fi hotpot built by ...
6 years ago

CVE-2009-2730 - libgnutls in GnuTLS before 2.8.2 does not properly handle a '\0' character in a domain name in the subject's (1) Common Name (CN) or (2) Subject Alternative Name (SAN) field of an X.509 certificate, which allows man-in-the-middle ...
5 years ago

CVE-2007-2730 - Check Point ZoneAlarm Pro before 6.5.737.000 does not properly test for equivalence of process identifiers for certain Microsoft Windows API functions in the NT kernel 5.0 and greater, which allows local users to call these functions, and bypass ...
5 years ago

CVE-2018-2730 - Vulnerability in the Oracle Retail Merchandising System component of Oracle Retail Applications (subcomponent: Cross Pillar). The supported version that is affected is 16.0. Easily exploitable vulnerability allows low privileged attacker with network ...
4 years ago

CVE-2019-2730 - Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.6.44 and prior and 5.7.18 and prior. Easily exploitable vulnerability allows high privileged attacker ...
3 years ago

CVE-2020-2730 - Vulnerability in the Oracle Financial Services Revenue Management and Billing product of Oracle Financial Services Applications (component: File Upload). Supported versions that are affected are 2.7.0.0, 2.7.0.1 and 2.8.0.0. Easily exploitable ...
3 years ago

CVE-2010-2730 - Buffer overflow in Microsoft Internet Information Services (IIS) 7.5, when FastCGI is enabled, allows remote attackers to execute arbitrary code via crafted headers in a request, aka "Request Header Buffer Overflow Vulnerability." Per: ...
3 years ago

CVE-2020-13960 - D-Link DSL 2730-U IN_1.10 and IN_1.11 and DIR-600M 3.04 devices have the domain.name string in the DNS resolver search path by default, which allows remote attackers to provide valid DNS responses (and also offer Internet services such as HTTP) for ...
3 years ago

CVE-2022-2730 - Authorization Bypass Through User-Controlled Key in GitHub repository openemr/openemr prior to 7.0.0.1. ...
1 year ago

CVE-2023-2730 - Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.3.3. ...
1 year ago

CVE-2015-2730 - Mozilla Network Security Services (NSS) before 3.19.1, as used in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and other products, does not properly perform Elliptical Curve Cryptography (ECC) multiplications, which ...
9 months ago

CVE-2016-2730 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none ...
54 years ago Tenable.com

CVE-2005-0067 - The original design of TCP does not require that port numbers be assigned randomly (aka "Port randomization"), which makes it easier for attackers to forge ICMP error messages for specific TCP connections and cause a denial of service, as ...
15 years ago

CVE-2005-0065 - The original design of TCP does not check that the TCP sequence number in an ICMP error message is within the range of sequence numbers for data that has been sent but not acknowledged (aka "TCP sequence number checking"), which makes it ...
15 years ago

CVE-2005-0066 - The original design of TCP does not check that the TCP Acknowledgement number in an ICMP error message generated by an intermediate router is within the range of possible values for data that has already been acknowledged (aka "TCP ...
7 months ago

Latest Cyber News

CVE-2024-37528 - 2 hours ago
CVE-2024-31897 - 2 hours ago
CVE-2024-38330 - 3 hours ago
CVE-2024-39723 - 4 hours ago
CVE-2024-5711 - 5 hours ago
CVE-2024-6539 - 6 hours ago
CVE-2024-6229 - 13 hours ago
CVE-2024-40614 - 14 hours ago
CVE-2024-40605 - 1 day ago
CVE-2024-40604 - 1 day ago
CVE-2024-40603 - 1 day ago
CVE-2024-40602 - 1 day ago
CVE-2024-40601 - 1 day ago
CVE-2024-40600 - 1 day ago
CVE-2024-40599 - 1 day ago
CVE-2024-40598 - 1 day ago
CVE-2024-40596 - 1 day ago
CVE-2024-40597 - 1 day ago
CVE-2024-6095 - 1 day ago
CVE-2024-37554 - 1 day ago

Cyber Trends (last 7 days)

Okta - 7 months ago
23andMe - 7 months ago
Kimsuky - 7 months ago
LogoFAIL - 7 months ago
Gh0st rat - 7 months ago

Trending Cyber News (last 7 days)

CVE-2024-5711 - 5 hours ago
CVE-2024-39723 - 4 hours ago
CVE-2024-38330 - 3 hours ago
CVE-2024-37528 - 2 hours ago
CVE-2024-31897 - 2 hours ago
CVE-2024-6539 - 6 hours ago
CVE-2024-6229 - 13 hours ago
CVE-2024-40614 - 14 hours ago
CVE-2024-40605 - 1 day ago
CVE-2024-40604 - 1 day ago
CVE-2024-40603 - 1 day ago
CVE-2024-40602 - 1 day ago
CVE-2024-40601 - 1 day ago
CVE-2024-40600 - 1 day ago
CVE-2024-40599 - 1 day ago
CVE-2024-40598 - 1 day ago
CVE-2024-40596 - 1 day ago
CVE-2024-40597 - 1 day ago
CVE-2024-6095 - 1 day ago
CVE-2024-37553 - 1 day ago