Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-07-12 | CVE-2005-2232 | Local Buffer Overflow vulnerability in IBM AIX 5.1/5.2/5.3 Buffer overflow in invscout in IBM AIX 5.1.0 through 5.3.0 might allow local users to execute arbitrary code via a long command line argument. | 4.6 |
| 2005-07-12 | CVE-2005-2228 | Information Disclosure vulnerability in BDC Enterprises web WIZ Forums 7.9/7.91/8.0Alpha Web Wiz Forums 7.9 and 8.0 allows remote attackers to view message titles of a hidden forum. | 5.0 |
| 2005-07-12 | CVE-2005-2226 | Multiple vulnerability in Microsoft Outlook Express 6.0 Microsoft Outlook Express 6.0 leaks the default news server account when a user responds to a "watched" conversation thread, which could allow remote attackers to obtain sensitive information. | 5.0 |
| 2005-07-12 | CVE-2005-2223 | Denial-Of-Service vulnerability in Mailenable Professional and Mailenable Standard Unknown vulnerability in the SMTP service in MailEnable Standard before 1.9 and Professional before 1.6 allows remote attackers to cause a denial of service (crash) during authentication. | 5.0 |
| 2005-07-12 | CVE-2005-2219 | Cross-Site Request Forgery vulnerability in Hosting Controller Hosting Controller 6.1Hotfix2.1 Hosting Controller 6.1 Hotfix 2.1 allows remote authenticated users to perform unauthorized actions, such as modifying the credit limit, via a direct request to AccountActions.asp and modifying the CreditLimit parameter in an UpdateCreditLimit action. | 4.6 |
| 2005-07-12 | CVE-2005-2217 | Information Disclosure vulnerability in Dansie Shopping Cart Dansie Shopping Cart stores the vars.dat file under the web root with insufficient access control, which might allow remote attackers to obtain sensitive information such as program variables. | 5.0 |
| 2005-07-12 | CVE-2005-2215 | Cross-Site Scripting vulnerability in MediaWiki Page Move Cross-site scripting (XSS) vulnerability in MediaWiki before 1.4.x before 1.4.6 and 1.5 before 1.5beta3 allows remote attackers to inject arbitrary web script or HTML via a parameter in the page move template, a different vulnerability than CVE-2005-1888. network mediawiki | 4.3 |
| 2005-07-11 | CVE-2005-2214 | Unspecified vulnerability in Debian Apt-Setup apt-setup in Debian GNU/Linux installs the apt.conf file with insecure permissions, which allows local users to obtain sensitive information such as passwords. | 4.6 |
| 2005-07-11 | CVE-2005-2212 | Remote Security vulnerability in Sukria Backup Manager 0.5.8A Backup Manager 0.5.8a creates an archive repository with world readable and writable permissions, which allows attackers to modify or read the repository. | 6.4 |
| 2005-07-11 | CVE-2005-2211 | Local Security vulnerability in Sukria Backup Manager 0.5.8A Backup Manager 0.5.8a creates temporary files insecurely, which allows local users to conduct unauthorized file operations when a user is burning a CDR. | 4.6 |