Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-06-29 | CVE-2005-2054 | Remote Security vulnerability in RealPlayer Unknown vulnerability in RealPlayer 10 and 10.5 (6.0.12.1040-1069) and RealOne Player v1 and v2 allows remote attackers to overwrite arbitrary files or execute arbitrary ActiveX controls via a crafted MP3 file. | 5.1 |
| 2005-06-28 | CVE-2005-2053 | Information Disclosure vulnerability in JAF CMS Just another flat file (JAF) CMS before 3.0 Final allows remote attackers to obtain sensitive information via (1) an * (asterisk) in the id parameter, (2) a blank id parameter, or (3) an * (asterisk) in the disp parameter to index.php, which reveals the path in an error message. | 5.0 |
| 2005-06-28 | CVE-2005-2052 | Remote Security vulnerability in RealPlayer Heap-based buffer overflow in vidplin.dll in RealPlayer 10 and 10.5 (6.0.12.1040 through 1069), RealOne Player v1 and v2, RealPlayer 8 and RealPlayer Enterprise allows remote attackers to execute arbitrary code via an .avi file with a modified strf structure value. | 5.1 |
| 2005-06-28 | CVE-2005-2050 | Remote Security vulnerability in Tor Unknown vulnerability in Tor before 0.1.0.10 allows remote attackers to read arbitrary memory and possibly key information from the exit server's process space. | 5.0 |
| 2005-06-28 | CVE-2005-1766 | Unspecified vulnerability in Realnetworks Realplayer Heap-based buffer overflow in rtffplin.cpp in RealPlayer 10.5 6.0.12.1056 on Windows, and 10, 10.0.1.436, and other versions before 10.0.5 on Linux, allows remote attackers to execute arbitrary code via a RealMedia file with a long RealText string, such as an SMIL file. | 5.1 |
| 2005-06-22 | CVE-2005-1524 | Unspecified vulnerability in the Cacti Group Cacti PHP file inclusion vulnerability in top_graph_header.php in Cacti 0.8.6d and possibly earlier versions allows remote attackers to execute arbitrary PHP code via the config[library_path] parameter. | 5.0 |
| 2005-06-20 | CVE-2005-2040 | Unspecified vulnerability in Telnetd Multiple buffer overflows in the getterminaltype function in telnetd for Heimdal before 0.6.5 may allow remote attackers to execute arbitrary code, a different vulnerability than CVE-2005-0468 and CVE-2005-0469. | 5.0 |
| 2005-06-20 | CVE-2005-2038 | Remote Security vulnerability in Fortibus CMS 4.0.0 Fortibus CMS 4.0.0 allows remote attackers to modify information of other users, including Admin, via the "My info" page. | 5.0 |
| 2005-06-20 | CVE-2005-2034 | Cross-Site Scripting vulnerability in Blue-Collar Productions I-Gallery 3.3 Cross-site scripting (XSS) vulnerability in folderview.asp for BlueCollar iGallery 3.3 allows remote attackers to inject arbitrary web script or HTML via the folder parameter. network blue-collar-productions | 4.3 |
| 2005-06-20 | CVE-2005-2033 | Path Traversal vulnerability in Blue-Collar Productions I-Gallery 3.3 Directory traversal vulnerability in folderview.asp for Blue-Collar Productions i-Gallery 3.3 allows remote attackers to read arbitrary files and directories via the folder parameter. | 5.0 |