CVE-2005-2990

AuthInfo.java in LineContol Java Client (jlc) before 0.8.1 stores sensitive information such as user passwords in log files.

Publication date: Tue, 20 Sep 2005 05:03:00 +0000

Cyber News related to CVE-2005-2990

CVE-2005-2990 - AuthInfo.java in LineContol Java Client (jlc) before 0.8.1 stores sensitive information such as user passwords in log files. ...
13 years ago

CVE-2006-2990 - Cross-site scripting (XSS) vulnerability in default.asp in VanillaSoft Helpdesk 2005 and earlier allows remote attackers to inject arbitrary web script or HTML via the username parameter. ...
6 years ago

CVE-2012-2990 - The MASetupCaller ActiveX control before 1.4.2012.508 in MASetupCaller.dll in MarkAny ContentSAFER, as distributed in Samsung KIES before 2.3.2.12074_13_13, does not properly implement unspecified methods, which allows remote attackers to download an ...
11 years ago

CVE-2015-2990 - Directory traversal vulnerability in zhtml.cgi in NEOJAPAN desknet NEO 2.0R1.0 through 2.5R1.4 allows remote authenticated users to read arbitrary files via a crafted parameter. ...
8 years ago

CVE-2011-2990 - The implementation of Content Security Policy (CSP) violation reports in Mozilla Firefox 4.x through 5, SeaMonkey 2.x before 2.3, and possibly other products does not remove proxy-authorization credentials from the listed request headers, which ...
6 years ago

CVE-2008-2990 - PHP remote file inclusion vulnerability in facileforms.frame.php in the FacileForms (com_facileforms) component 1.4.4 for Mambo and Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the ff_compath parameter. ...
6 years ago

CVE-2007-2990 - Unspecified vulnerability in inetd in Sun Solaris 10 before 20070529 allows local users to cause a denial of service (daemon termination) via unspecified manipulations of the /var/run/.inetd.uds Unix domain socket file. ...
6 years ago

CVE-2010-2990 - Citrix Online Plug-in for Windows for XenApp & XenDesktop before 11.2, Citrix Online Plug-in for Mac for XenApp & XenDesktop before 11.0, Citrix ICA Client for Linux before 11.100, Citrix ICA Client for Solaris before 8.63, and Citrix ...
5 years ago

CVE-2009-2990 - Array index error in Adobe Reader and Acrobat 9.x before 9.2, 8.x before 8.1.7, and possibly 7.x through 7.1.4 might allow attackers to execute arbitrary code via unspecified vectors. Per: ...
5 years ago

CVE-2017-2990 - Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability in the h264 decompression routine. Successful exploitation could lead to arbitrary code execution. ...
1 year ago

CVE-2022-2990 - An incorrect handling of the supplementary groups in the Buildah container engine might lead to the sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups ...
1 year ago

CVE-2018-2990 - Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Integration Broker). Supported versions that are affected are 8.55 and 8.56. Difficult to exploit vulnerability allows unauthenticated ...
4 years ago

CVE-2019-2990 - Vulnerability in the Oracle iStore product of Oracle E-Business Suite (component: Order Tracker). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.9. Easily exploitable vulnerability allows unauthenticated attacker with network ...
4 years ago

CVE-2023-2990 - Fortra Globalscape EFT versions before 8.1.0.16 suffer from a denial of service vulnerability, where a compressed message that decompresses to itself can cause infinite recursion and crash the service ...
1 year ago

CVE-2013-2990 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2013. Notes: none ...
54 years ago Tenable.com

CVE-2024-2990 - A vulnerability, which was classified as critical, was found in Tenda FH1203 2.0.1.6. This affects the function formexeCommand of the file /goform/execCommand. The manipulation of the argument cmdinput leads to stack-based buffer overflow. It is ...
3 months ago

CVE-2005-0067 - The original design of TCP does not require that port numbers be assigned randomly (aka "Port randomization"), which makes it easier for attackers to forge ICMP error messages for specific TCP connections and cause a denial of service, as ...
15 years ago

CVE-2005-0065 - The original design of TCP does not check that the TCP sequence number in an ICMP error message is within the range of sequence numbers for data that has been sent but not acknowledged (aka "TCP sequence number checking"), which makes it ...
15 years ago

CVE-2005-0066 - The original design of TCP does not check that the TCP Acknowledgement number in an ICMP error message generated by an intermediate router is within the range of possible values for data that has already been acknowledged (aka "TCP ...
6 months ago

CVE-2005-0068 - The original design of ICMP does not require authentication for host-generated ICMP error messages, which makes it easier for attackers to forge ICMP error messages for specific TCP connections and cause a denial of service, as demonstrated using (1) ...
15 years ago

CVE-2005-4531 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-3345. Reason: This candidate is a duplicate of CVE-2005-3345. CVE-2005-3345 had already been assigned, but not published, before this candidate was created. Notes: All CVE users ...
54 years ago Tenable.com

CVE-2005-3122 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-3424, CVE-2005-3425. Reason: this candidate was intended for one issue, but two different authoritative sources used it for two distinct issues. Notes: All CVE users should ...
54 years ago Tenable.com

CVE-2005-2965 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-4802, CVE-2005-4803. Reason: this candidate was intended for one issue, but the description and references inadvertently combined multiple issues. Notes: All CVE users should ...
54 years ago Tenable.com

CVE-2005-2937 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-3663, CVE-2005-3664. Reason: this candidate was intended for one issue, but multiple advisories used this candidate for different issues. Notes: All CVE users should consult ...
54 years ago Tenable.com

CVE-2005-2802 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-2872, CVE-2005-2873. Reason: this candidate's description originally combined two separate issues. Notes: All CVE users should consult CVE-2005-2872 and CVE-2005-2873 to ...
54 years ago Tenable.com

Latest Cyber News

Indonesian government didn't backup ransomwared data The Register - 19 minutes ago
Product showcase: Protect digital identities with Swissbit's iShield Key Pro - 19 minutes ago
Portainer: Open-source Docker and Kubernetes management - 19 minutes ago
Why every company needs a DDoS response plan - 19 minutes ago
Microsoft tells more customers their emails have been stolen The Register - 1 hour ago
Preparing for Q-Day as NIST nears approval of PQC standards - 1 hour ago
Infosec products of the month: June 2024 - 2 hours ago
CVE-2024-38525 - 4 hours ago
CVE-2024-6418 - 6 hours ago
CVE-2024-6417 - 6 hours ago
CVE-2023-48733 - 6 hours ago
Cybersecurity Today: Cyber Security Today, Week in Review for week ending Friday, June 28, 2024 - 6 hours ago
CVE-2024-6416 - 7 hours ago
Generative AI is new attack vector endangering enterprises, says CrowdStrike CTO - 7 hours ago
Google Chrome to let Isolated Web App access sensitive USB devices - 8 hours ago
CVE-2024-34703 - 8 hours ago
CVE-2024-28794 - 10 hours ago
CVE-2023-50964 - 10 hours ago
The dangers of voice fraud: We can't detect what we can't see - 10 hours ago
CVE-2024-28797 - 11 hours ago

Cyber Trends (last 7 days)

Okta - 7 months ago
23andMe - 6 months ago
Kimsuky - 7 months ago
LogoFAIL - 6 months ago
Gh0st rat - 7 months ago

Trending Cyber News (last 7 days)

Why every company needs a DDoS response plan - 19 minutes ago
Portainer: Open-source Docker and Kubernetes management - 19 minutes ago
Product showcase: Protect digital identities with Swissbit's iShield Key Pro - 19 minutes ago
Indonesian government didn't backup ransomwared data The Register - 19 minutes ago
Microsoft tells more customers their emails have been stolen The Register - 1 hour ago
Preparing for Q-Day as NIST nears approval of PQC standards - 1 hour ago
Infosec products of the month: June 2024 - 2 hours ago
CVE-2024-6416 - 7 hours ago
CVE-2024-6418 - 6 hours ago
CVE-2024-6417 - 6 hours ago
CVE-2024-34703 - 8 hours ago
Cybersecurity Today: Cyber Security Today, Week in Review for week ending Friday, June 28, 2024 - 6 hours ago
Generative AI is new attack vector endangering enterprises, says CrowdStrike CTO - 7 hours ago
CVE-2024-28797 - 11 hours ago
CVE-2023-50952 - 11 hours ago
CVE-2024-31898 - 11 hours ago
CVE-2023-50953 - 11 hours ago
CVE-2024-28794 - 10 hours ago
CVE-2023-50964 - 10 hours ago
Google Chrome to let Isolated Web App access sensitive USB devices - 8 hours ago