Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-05-02 | CVE-2005-0298 | Unspecified vulnerability in Oracle Database Server The DIRECTORY objects in Oracle 8i through Oracle 10g contain the location of a specific operating system directory, which allows users with read privileges to a DIRECTORY object to obtain sensitive information. | 5.0 |
| 2005-05-02 | CVE-2005-0293 | Remote Directory Traversal vulnerability in Minis 0.2.1 Directory traversal vulnerability in minis.php in Minis 0.2.1 allows remote attackers to read arbitrary files via a .. | 5.0 |
| 2005-05-02 | CVE-2005-0289 | Remote Denial of Service vulnerability in Apple AirPort Wireless Distribution System Apple AirPort Express prior to 6.1.1 and Extreme prior to 5.5.1, configured as a Wireless Data Service (WDS), allows remote attackers to cause a denial of service (device freeze) by connecting to UDP port 161 and before link-state change occurs. | 5.0 |
| 2005-05-02 | CVE-2005-0286 | Multiple vulnerability in eMotion MediaPartner Enterprise eMotion MediaPartner Web Server 5.0 and 5.1 allows remote attackers to obtain sensitive information via an HTTP request for a .bhtml file that contains a (1) . | 5.0 |
| 2005-05-02 | CVE-2005-0285 | Unspecified vulnerability in Bottomline Webseries Payment Application 4.0 Webseries Payment Application does not properly restrict privileged operations, which allows remote authenticated users to gain privileges by directly accessing certain URLs. | 4.6 |
| 2005-05-02 | CVE-2005-0281 | Remote vulnerability in Soldner Secret Wars Cross-site scripting (XSS) vulnerability in the web interface in Soldner Secret Wars 30830 allows remote attackers to inject arbitrary web script or HTML via a user message, which is not filtered or quoted when the administrator views the server logs. network jowood-productions | 4.3 |
| 2005-05-02 | CVE-2005-0279 | Remote vulnerability in Soldner Secret Wars Soldner Secret Wars 30830 and earlier does not properly handle the "message too long" socket error, which allows remote attackers to cause a denial of service (socket termination) via a long UDP packet. | 5.0 |
| 2005-05-02 | CVE-2005-0278 | Remote vulnerability in 3Com 3Cdaemon 2.0 The FTP service in 3Com 3CDaemon 2.0 revision 10 allows remote attackers to gain sensitive information via a cd command that contains an MS-DOS device name, which reveals the installation path in an error message. | 5.0 |
| 2005-05-02 | CVE-2005-0277 | Remote vulnerability in 3Com 3Cdaemon 2.0 Buffer overflow in the FTP service in 3Com 3CDaemon 2.0 revision 10 allows remote attackers to cause a denial of service (application crash) and execute arbitrary code via (1) a long username in the USER command or (2) an FTP command that contains a long argument, such as cd, send, or ls. | 5.0 |
| 2005-05-02 | CVE-2005-0276 | Remote vulnerability in 3Com 3Cdaemon 2.0 Multiple format string vulnerabilities in the FTP service in 3Com 3CDaemon 2.0 revision 10 allow remote attackers to cause a denial of service (application crash) via format string specifiers in (1) the username, (2) cd, (3) delete, (4) rename, (5) rmdir, (6) literal, (7) stat, or (8) CWD commands. | 5.0 |