Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2000-12-19 | CVE-2000-0905 | Multiple vulnerability in QNX Voyager 2.01B QNX Embedded Resource Manager in Voyager web server 2.01B in the demo disks for QNX 405 allows remote attackers to read sensitive system statistics information via the embedded.html web page. | 5.0 |
| 2000-12-19 | CVE-2000-0904 | Multiple vulnerability in QNX Voyager 2.01B Voyager web server 2.01B in the demo disks for QNX 405 stores sensitive web client information in the .photon directory in the web document root, which allows remote attackers to obtain that information. | 5.0 |
| 2000-12-19 | CVE-2000-0903 | Multiple vulnerability in QNX Voyager 2.01B Directory traversal vulnerability in Voyager web server 2.01B in the demo disks for QNX 405 allows remote attackers to read arbitrary files via a .. | 5.0 |
| 2000-12-19 | CVE-2000-0902 | Unspecified vulnerability in Nathan Purciful PHPphotoalbum 0.9.9 getalbum.php in PhotoAlbum before 0.9.9 allows remote attackers to read arbitrary files via a .. | 5.0 |
| 2000-12-19 | CVE-2000-0901 | Unspecified vulnerability in Juergen Weigert Screen 3.9.3/3.9.4/3.9.5 Format string vulnerability in screen 3.9.5 and earlier allows local users to gain root privileges via format characters in the vbell_msg initialization variable. | 4.6 |
| 2000-12-19 | CVE-2000-0888 | named in BIND 8.2 through 8.2.2-P6 allows remote attackers to cause a denial of service by sending an SRV record to the server, aka the "srv bug." | 5.0 |
| 2000-12-19 | CVE-2000-0887 | Unspecified vulnerability in ISC Bind 8.2.2 named in BIND 8.2 through 8.2.2-P6 allows remote attackers to cause a denial of service by making a compressed zone transfer (ZXFR) request and performing a name service query on an authoritative record that is not cached, aka the "zxfr bug." | 5.0 |
| 2000-12-19 | CVE-2000-0811 | Unspecified vulnerability in CGI Script Center Auction Weaver Auction Weaver 1.0 through 1.04 allows remote attackers to read arbitrary files via a .. | 5.0 |
| 2000-12-18 | CVE-2000-1212 | Unspecified vulnerability in Zope Zope 2.2.0 through 2.2.4 does not properly protect a data updating method on Image and File objects, which allows attackers with DTML editing privileges to modify the raw data of these objects. | 5.0 |
| 2000-12-11 | CVE-2000-1078 | Unspecified vulnerability in Mirabilis ICQ web Front Windows9X ICQ Web Front HTTPd allows remote attackers to cause a denial of service by requesting a URL that contains a "?" character. | 5.0 |