Vulnerabilities > Medium

DATE CVE VULNERABILITY TITLE RISK
2004-09-28 CVE-2004-0163 Unspecified vulnerability in Sygate Technologies Secure Enterprise
Sygate Secure Enterprise (SSE) 3.5MR3 and earlier does not change the key used to encrypt data, which allows remote attackers to cause a denial of service (resource exhaustion) by capturing a session and repeatedly replaying the session.
network
low complexity
sygate-technologies
5.0
2004-09-28 CVE-2003-1049 Unspecified vulnerability in IBM DB2 Universal Database 7.0/8.0
IBM DB2 Universal Database 7 before FixPak 12 creates certain DMS directories with insecure permissions (777), which allows local users to modify or delete certain DB2 files.
local
low complexity
ibm
4.6
2004-09-28 CVE-2003-0931 Unspecified vulnerability in Sygate Technologies Enforcer
Sygate Enforcer 4.0 and earlier allows remote attackers to cause a denial of service (service hang) by replaying a malformed discovery packet to UDP port 39999.
network
low complexity
sygate-technologies
5.0
2004-09-28 CVE-2003-0105 Unspecified vulnerability in Port80 Software Servermask
ServerMask 2.2 and earlier does not obfuscate (1) ETag, (2) HTTP Status Message, or (3) Allow HTTP responses, which could tell remote attackers that the web server is an IIS server.
network
low complexity
port80-software
5.0
2004-09-24 CVE-2004-1698 Remote Denial Of Service vulnerability in Leadmind Popmessenger 1.60
The Base64 function in PopMessenger 1.60 (before 20 Sep 2004) and earlier allows remote attackers to cause a denial of service (application crash) via invalid characters in a message, which causes several alert dialogs to be displayed and leads to a crash.
network
low complexity
leadmind
5.0
2004-09-21 CVE-2004-1699 Denial Of Service vulnerability in Pinnacle Systems Showcenter 1.51
SettingsBase.php in Pinnacle ShowCenter 1.51 allows remote attackers to cause a denial of service (web interface errors) via an invalid Skin parameter.
network
low complexity
pinnacle-systems
5.0
2004-09-21 CVE-2004-1696 Authentication Bypass And Denial Of Service vulnerability in Emulive Server4 Commercebuild7560
EmuLive Server4 Commerce Edition Build 7560 allows remote attackers to cause a denial of service (application crash) via a sequence of carriage returns sent to TCP port 66.
network
low complexity
emulive
5.0
2004-09-21 CVE-2004-1378 Remote Denial Of Service vulnerability in Jabber Studio JabberD
The expat XML parser code, as used in the open source Jabber (jabberd) 1.4.3 and earlier, jadc2s 0.9.0 and earlier, and possibly other packages, allows remote attackers to cause a denial of service (application crash) via a malformed packet to a socket that accepts XML connections.
network
low complexity
jabberstudio
5.0
2004-09-18 CVE-2004-1692 Input Validation vulnerability in Mambo Open Source 4.51.0.9
Cross-site scripting (XSS) vulnerability in index.php in Mambo 4.5 (1.0.9) allows remote attackers to inject arbitrary web script or HTML via the (1) Itemid, (2) mosmsg, or (3) limit parameters.
network
mambo
4.3
2004-09-18 CVE-2004-1691 Denial Of Service And Cross-Site Scripting vulnerability in Rhinosoft Dns4Me 3.0.0.4
The Web Server in DNS4Me 3.0.0.4 allows remote attackers to cause a denial of service (CPU consumption and crash) via a large amount of data.
network
low complexity
rhinosoft
5.0