Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-05-02 | CVE-2005-0325 | Remote Denial Of Service vulnerability in Techland Xpand Rally 1.0 Xpand Rally 1.0.0.0 allows remote attackers or remote malicious game servers to cause a denial of service (application crash) via a packet with large values that are not properly handled in certain malloc or memcpy operations. | 5.0 |
| 2005-05-02 | CVE-2005-0311 | Unspecified vulnerability in Ingate Firewall Ingate Firewall 4.1.3 and earlier does not terminate the PPTP session for an active user when the administrator disables that user from a resource, which could allow remote authenticated users to retain unauthorized access to resources. | 4.6 |
| 2005-05-02 | CVE-2005-0310 | Information Disclosure vulnerability in Exponent 0.95 Exponent 0.95 allows remote attackers to obtain sensitive information via a direct HTTP request to (1) search.info.php, (2) permissions.info.php, (3) security.info.php, (4) formcontrol.php, or (5) file_modules.php, which reveals the path in an error message because the pathos_core_version variable is undefined. | 5.0 |
| 2005-05-02 | CVE-2005-0304 | Directory Traversal vulnerability in Divx Player 2.6 Directory traversal vulnerability in DivX Player 2.6 and earlier allows remote attackers to overwrite arbitrary files via a .. | 5.0 |
| 2005-05-02 | CVE-2005-0303 | Cross-Site Scripting vulnerability in Comersus Open Technologies Comersus Backoffice Lite 6.0/6.1 Multiple cross-site scripting (XSS) vulnerabilities in (1) comersus_supportError.asp or (2) comersus_backofficelite_supportError.asp in BackOffice Lite 6.0 and 6.01 allow remote attackers to inject arbitrary web script or HTML via the error parameter. network comersus-open-technologies | 4.3 |
| 2005-05-02 | CVE-2005-0299 | Information Disclosure vulnerability in GForge Directory traversal vulnerability in GForge 3.3 and earlier allows remote attackers to list arbitrary directories via a .. | 5.0 |
| 2005-05-02 | CVE-2005-0298 | Unspecified vulnerability in Oracle Database Server The DIRECTORY objects in Oracle 8i through Oracle 10g contain the location of a specific operating system directory, which allows users with read privileges to a DIRECTORY object to obtain sensitive information. | 5.0 |
| 2005-05-02 | CVE-2005-0293 | Remote Directory Traversal vulnerability in Minis 0.2.1 Directory traversal vulnerability in minis.php in Minis 0.2.1 allows remote attackers to read arbitrary files via a .. | 5.0 |
| 2005-05-02 | CVE-2005-0289 | Remote Denial of Service vulnerability in Apple AirPort Wireless Distribution System Apple AirPort Express prior to 6.1.1 and Extreme prior to 5.5.1, configured as a Wireless Data Service (WDS), allows remote attackers to cause a denial of service (device freeze) by connecting to UDP port 161 and before link-state change occurs. | 5.0 |
| 2005-05-02 | CVE-2005-0286 | Multiple vulnerability in eMotion MediaPartner Enterprise eMotion MediaPartner Web Server 5.0 and 5.1 allows remote attackers to obtain sensitive information via an HTTP request for a .bhtml file that contains a (1) . | 5.0 |