Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2005-01-10	CVE-2004-0915	Multiple unknown vulnerabilities in viewcvs before 0.9.2, when exporting a repository as a tar archive, does not properly implement the hide_cvsroot and forbidden settings, which could allow remote attackers to gain sensitive information. network low complexity viewcvs debian	5.0
2004-12-15	CVE-2004-1145	Multiple vulnerabilities in Konqueror in KDE 3.3.1 and earlier (1) allow access to restricted Java classes via JavaScript and (2) do not properly restrict access to certain Java classes from the Java applet, which allows remote attackers to bypass sandbox restrictions and read or write arbitrary files. network low complexity ethereal-group sgi conectiva altlinux debian redhat suse	5.0
2004-12-06	CVE-2002-1581	Directory traversal vulnerability in nph-mr.cgi in Mailreader.com 2.3.20 through 2.3.31 allows remote attackers to view arbitrary files via .. network low complexity mailreader-com debian	5.0
2004-09-28	CVE-2004-0643	Double Free vulnerability in multiple products Double free vulnerability in the krb5_rd_cred function for MIT Kerberos 5 (krb5) 1.3.1 and earlier may allow local users to execute arbitrary code. local low complexity mit debian redhat CWE-415	4.6
2004-08-06	CVE-2004-0583	Multiple Unspecified vulnerability in Webmin The account lockout functionality in (1) Webmin 1.140 and (2) Usermin 1.070 does not parse certain character strings, which allows remote attackers to conduct a brute force attack to guess user IDs and passwords. network low complexity usermin webmin debian	5.0
2004-02-16	CVE-2004-1180	Unknown vulnerability in the rwho daemon (rwhod) before 0.17, on little endian architectures, allows remote attackers to cause a denial of service (application crash). network low complexity sun debian mandrakesoft	5.0
2003-08-27	CVE-2003-0615	Cross-Site Scripting vulnerability in CGI.pm Start_Form Cross-site scripting (XSS) vulnerability in start_form() of CGI.pm allows remote attackers to insert web script via a URL that is fed into the form's action parameter. network cgi-pm openpkg debian	4.3
2003-08-18	CVE-2003-0440	The (1) semi MIME library 1.14.5 and earlier, and (2) wemi 1.14.0 and possibly other versions, allows local users to overwrite arbitrary files via a symlink attack on temporary files. local low complexity semi debian	4.6
2003-07-02	CVE-2003-0382	Buffer Overflow vulnerability in Eterm PATH_ENV Buffer overflow in Eterm 0.9.2 allows local users to gain privileges via a long ETERMPATH environment variable. local low complexity michael-jennings debian	4.6
2003-06-09	CVE-2003-0362	Denial-Of-Service vulnerability in Linux Buffer overflow in gPS before 0.10.2 may allow local users to cause a denial of service (SIGSEGV) in rgpsp via long command lines. network low complexity debian	5.0