Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2004-12-31 | CVE-2004-2282 | Security Bypass vulnerability in Dansguardian DansGuardian before 2.7.7-2 allows remote attackers to bypass URL filters via a ".." in the request. | 5.0 |
| 2004-12-31 | CVE-2004-2280 | Java Applet vulnerability in IBM Lotus Notes Buffer overflow in IBM Lotus Notes 6.5.x before 6.5.3 and 6.0.x before 6.0.5 allows remote attackers to cause a denial of service (crash) via unknown vectors related to Java applets, as identified by KSPR62F4KN. | 5.0 |
| 2004-12-31 | CVE-2004-2279 | Cross-Site Scripting vulnerability in Invision Power Services Invision Power Board 1.3Final Cross-site scripting (XSS) vulnerability in Invision Power Board 1.3 Final allows remote attackers to execute arbitrary script as other users via the pop parameter in a chat action to index.php. network invision-power-services | 4.3 |
| 2004-12-31 | CVE-2004-2278 | Cross-Site Scripting vulnerability in Chaogic Systems VHost Unknown cross-site scripting (XSS) vulnerability in the web GUI in vHost before 3.10r1 has unknown impact and attack vectors. network chaogic-systems | 4.3 |
| 2004-12-31 | CVE-2004-2277 | Buffer Overflow vulnerability in Agsm 2.35C/2.51C Buffer overflow in aGSM Half-Life client allows remote Half-Life servers to cause a denial of service (crash) and possibly execute arbitrary code via a long server response. | 5.0 |
| 2004-12-31 | CVE-2004-2274 | Remote URI Parsing vulnerability in W3C Jigsaw Unknown vulnerability in Jigsaw before 2.2.4 has unknown impact and attack vectors, possibly related to the parsing of the URI. | 6.4 |
| 2004-12-31 | CVE-2004-2273 | Denial-Of-Service vulnerability in Evan Sims Effingerd 0.2.12 efFingerD 0.2.12 allows remote attackers to cause a denial of service (daemon crash) via a packet with a single byte, which triggers a "Wrong protocol or connection state" error. | 5.0 |
| 2004-12-31 | CVE-2004-2272 | Denial-Of-Service vulnerability in Evan Sims Effingerd 0.2.12 Buffer overflow in the sockFinger_DataArrival function in efFingerD 0.2.12 allows remote attackers to cause a denial of service (daemon crash) via a long finger command. | 5.0 |
| 2004-12-31 | CVE-2004-2268 | Information Disclosure vulnerability in Pimentech Pimengest2 1.10.1 PimenGest2 before 1.1.1 allows remote attackers to obtain the database password via debug information in rowLatex.inc.php. | 5.0 |
| 2004-12-31 | CVE-2004-2267 | Input Validation vulnerability in Ansel Cross-site scripting (XSS) vulnerability in Ansel 2.1 and earlier allows remote attackers to inject arbitrary HTML or web script via the album name. network ansel | 4.3 |