Vulnerabilities > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-07-18 | CVE-2005-2285 | Unspecified vulnerability in ESI products Webeoc WebEOC before 6.0.2 stores sensitive information in locations such as URIs, web pages, and configuration files, which allows remote attackers to obtain information such as Usernames, Passwords, Emergency information, medical information, and system configuration. | 5.0 |
2005-07-18 | CVE-2005-2282 | Unspecified vulnerability in ESI products Webeoc 6.0.2 Multiple cross-site scripting (XSS) vulnerabilities in WebEOC before 6.0.2 allow remote attackers to inject arbitrary web script and HTML via unknown vectors. network esi-products | 4.3 |
2005-07-18 | CVE-2005-2280 | Unspecified vulnerability in Cisco Security Agent 4.5 Cisco Security Agent (CSA) 4.5 allows remote attackers to cause a denial of service (system crash) via a crafted IP packet. | 5.0 |
2005-07-18 | CVE-2005-2279 | Remote Denial Of Service vulnerability in Cisco ONS 15216 OADM Management Plane Telnet Service Cisco ONS 15216 Optical Add/Drop Multiplexer (OADM) running firmware 2.2.2 and earlier allows remote attackers to cause a denial of service (management plane session loss) via crafted telnet data. | 5.0 |
2005-07-18 | CVE-2005-2195 | Denial-Of-Service vulnerability in Darwin Streaming Server Apple Darwin Streaming Server 5.5 and earlier allows remote attackers to cause a denial of service (application crash) via a URL with a filename containing a .cgi extension and an MS-DOS device name such as AUX, CON, PRN, COM1, or LPT1, a different vulnerability than CVE-2003-0421 and CVE-2003-0502. | 5.0 |
2005-07-18 | CVE-2005-1174 | Remote Denial of Service vulnerability in MIT Kerberos 5 Key Distribution Center MIT Kerberos 5 (krb5) 1.3 through 1.4.1 Key Distribution Center (KDC) allows remote attackers to cause a denial of service (application crash) via a certain valid TCP connection that causes a free of unallocated memory. | 5.0 |
2005-07-13 | CVE-2005-2266 | Unspecified vulnerability in Mozilla Firefox and Mozilla Firefox before 1.0.5 and Mozilla before 1.7.9 allows a child frame to call top.focus and other methods in a parent frame, even when the parent is in a different domain, which violates the same origin policy and allows remote attackers to steal sensitive information such as cookies and passwords from web sites whose child frames do not verify that they are in the same domain as their parents. | 5.0 |
2005-07-13 | CVE-2005-2265 | Unspecified vulnerability in Mozilla Firefox and Mozilla Firefox before 1.0.5, Mozilla before 1.7.9, and Netscape 8.0.2 and 7.2 allows remote attackers to cause a denial of service (access violation and crash), and possibly execute arbitrary code, by calling InstallVersion.compareTo with an object instead of a string. | 5.0 |
2005-07-13 | CVE-2005-2263 | Unspecified vulnerability in Mozilla Firefox and Mozilla The InstallTrigger.install method in Firefox before 1.0.5 and Mozilla before 1.7.9 allows remote attackers to execute a callback function in the context of another domain by forcing a page navigation after the install method has been called, which causes the callback to be run in the context of the new page and results in a same origin violation. | 5.0 |
2005-07-13 | CVE-2005-2262 | Unspecified vulnerability in Mozilla Firefox 1.0.3/1.0.4 Firefox 1.0.3 and 1.0.4, and Netscape 8.0.2, allows remote attackers to execute arbitrary code by tricking the user into using the "Set As Wallpaper" (in Firefox) or "Set as Background" (in Netscape) context menu on an image URL that is really a javascript: URL with an eval statement, aka "Firewalling." | 5.1 |