Vulnerabilities > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-05-02 | CVE-2005-1132 | Remote Denial Of Service vulnerability in LG Electronics LG Mobile Phone U8120 LG U8120 mobile phone allows remote attackers to cause a denial of service (device crash) via a malformed MIDI file. | 5.0 |
2005-05-02 | CVE-2005-1127 | Unspecified vulnerability in Postgrey 1.17/1.18 Format string vulnerability in the log function in Net::Server 0.87 and earlier, as used in Postfix Greylisting Policy Server (Postgrey) 1.18 and earlier, and possibly other products, allows remote attackers to cause a denial of service (crash) via format string specifiers that are not properly handled before being sent to syslog, as demonstrated using sender addresses to Postgrey. | 5.0 |
2005-05-02 | CVE-2005-1125 | Unspecified vulnerability in Avaya Libsafe Race condition in libsafe 2.0.16 and earlier, when running in multi-threaded applications, allows attackers to bypass libsafe protection and exploit other vulnerabilities before the _libsafe_die function call is completed. | 5.1 |
2005-05-02 | CVE-2005-1124 | Local Security vulnerability in Solaris Unknown vulnerability in the libgss Generic Security Services Library in Solaris 7, 8, and 9 allows local users to gain privileges by loading their own GSS-API. | 4.6 |
2005-05-02 | CVE-2005-1123 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Monkey-Project Monkey Monkey daemon (monkeyd) before 0.9.1 allows remote attackers to cause a denial of service (memory corruption) via a request for a zero byte file. | 5.0 |
2005-05-02 | CVE-2005-1121 | Remote Format String vulnerability in Oops! Proxy Server Auth Format string vulnerability in the my_xlog function in lib.c for Oops! Proxy Server 1.5.23 and earlier, as called by the auth functions in the passwd_mysql and passwd_pgsql modules, may allow attackers to execute arbitrary code via a URL. | 5.0 |
2005-05-02 | CVE-2005-1120 | Remote HTML Injection vulnerability in IlohaMail Email Message Multiple cross-site scripting (XSS) vulnerabilities in IlohaMail 0.8.14 and earlier allow remote attackers to inject arbitrary web script or HTML via the e-mail (1) body, (2) filename, or (3) MIME type. network ilohamail | 4.3 |
2005-05-02 | CVE-2005-1116 | Cross-Site Scripting vulnerability in phpBB Cross-site scripting (XSS) vulnerability in the Calendar module for phpBB allow remote attackers to inject arbitrary web script or HTML via the start parameter to calendar_scheduler.php. network phpbb-group | 4.3 |
2005-05-02 | CVE-2005-1115 | Cross-Site Scripting vulnerability in PHPBB Photo Album Module Multiple cross-site scripting (XSS) vulnerabilities in Photo Album 2.0.53 module for phpBB allow remote attackers to inject arbitrary web script or HTML via the bsid parameter to (1) album_cat.php or (2) album_comment.php. | 4.3 |
2005-05-02 | CVE-2005-1113 | Cross-Site Scripting vulnerability in PHPbb Group PHPbb Plus 1.3/1.51 Multiple cross-site scripting (XSS) vulnerabilities in PhpBB Plus 1.52 and earlier allow remote attackers to inject arbitrary web script or HTML via the bsid parameter to (1) groupcp.php, (2) index.php, (3) portal.php, (4) viewforum.php, or (5) viewtopic.php, (6) the c parameter to index.php, or (7) the article parameter to portal.php. network phpbb-group | 4.3 |