Vulnerabilities > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-05-02 | CVE-2005-0386 | Unspecified vulnerability in Mailreader.Com Cross-site scripting (XSS) vulnerability in network.cgi in mailreader before 2.3.29 earlier allows remote attackers to inject arbitrary web script or HTML via MIME text/enriched or text/richtext messages. network mailreader-com | 4.3 |
2005-05-02 | CVE-2005-0382 | Remote Denial of Service vulnerability in Breed Patch1 Breed patch 1 and earlier allows remote attackers to cause a denial of service (application crash) via an empty UDP packet, which triggers a null dereference. | 5.0 |
2005-05-02 | CVE-2005-0379 | File Disclosure vulnerability in Zeroboard Multiple directory traversal vulnerabilities in ZeroBoard 4.1pl5 and earlier allow remote attackers to read arbitrary files via a .. | 5.0 |
2005-05-02 | CVE-2005-0378 | Cross-Site Scripting vulnerability in Horde 3.0 Multiple cross-site scripting (XSS) vulnerabilities in Horde 3.0 allow remote attackers to inject arbitrary web script or HTML via the (1) group parameter to prefs.php or (2) url parameter to index.php. network horde | 4.3 |
2005-05-02 | CVE-2005-0375 | Information Disclosure vulnerability in Sergey Kiselev Sgallery 1.01 imageview.php in SGallery 1.01 allows remote attackers to obtain sensitive information via an HTTP request with (1) idalbum and (2) idimage unset, which reveals the installation path in an error message for the sql_fetch_row function. | 5.0 |
2005-05-02 | CVE-2005-0374 | Unspecified vulnerability in Bitshifters Bitboard 2.0/2.5 Cross-site scripting (XSS) vulnerability in Bitboard 2.5 and earlier allows remote attackers to inject arbitrary web script or HTML via an [img] bbcode image tag with an event such as mouseover. network bitshifters | 4.3 |
2005-05-02 | CVE-2005-0371 | Unspecified vulnerability in Armagetron and Armagetron Advanced Armagetron 0.2.6.0 and earlier and Armagetron Advanced 0.2.7.0 and earlier allow remote attackers to cause a denial of service (freeze) via a large number of player connections that do not send any data. | 5.0 |
2005-05-02 | CVE-2005-0370 | Denial-Of-Service vulnerability in Armagetron and Armagetron Advanced Armagetron 0.2.6.0 and earlier and Armagetron Advanced 0.2.7.0 and earlier allow remote attackers to cause a denial of service (network disconnection) via an empty UDP packet, which is not properly distinguished from the "no new packets" state of the associated socket. | 5.0 |
2005-05-02 | CVE-2005-0366 | Inadequate Encryption Strength vulnerability in Gnupg The integrity check feature in OpenPGP, when handling a message that was encrypted using cipher feedback (CFB) mode, allows remote attackers to recover part of the plaintext via a chosen-ciphertext attack when the first 2 bytes of a message block are known, and an oracle or other mechanism is available to determine whether an integrity check failed. | 5.0 |
2005-05-02 | CVE-2005-0347 | Remote Security vulnerability in RealArcade Integer overflow in RealArcade 1.2.0.994 and earlier allows remote attackers to execute arbitrary code via an RGS file with an invalid size string for the GUID and game name, which leads to a buffer overflow. | 5.1 |