CVE-2004-1xxx

There are 977 CVE in this subgroup.
Last updated: 
← Back to 2004
ID Summary Flags Max Score
CVE-2004-1000 lintian 1.23 and earlier removes the working directory even if it was not created by lintian, which ...
CVE-2004-1001 Unknown vulnerability in the passwd_check function in Shadow 4.0.4.1, and possibly other versions be...
CVE-2004-1002 Integer underflow in pppd in cbcp.c for ppp 2.4.1 allows remote attackers to cause a denial of servi...
CVE-2004-1003 Trend ScanMail allows remote attackers to obtain potentially sensitive information or disable the an...
CVE-2004-1004 Multiple format string vulnerabilities in Midnight Commander (mc) 4.5.55 and earlier allow remote at...
S
CVE-2004-1005 Multiple buffer overflows in Midnight Commander (mc) 4.5.55 and earlier allow remote attackers to ha...
S
CVE-2004-1006 Format string vulnerability in the log functions in dhcpd for dhcp 2.x allows remote DNS servers to ...
S
CVE-2004-1007 The quoted-printable decoder in bogofilter 0.17.4 to 0.92.7 allows remote attackers to cause a denia...
CVE-2004-1008 Integer signedness error in the ssh2_rdpkt function in PuTTY before 0.56 allows remote attackers to ...
S
CVE-2004-1009 Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service (inf...
S
CVE-2004-1010 Buffer overflow in Info-Zip 2.3 and possibly earlier versions, when using recursive folder compressi...
S
CVE-2004-1011 Stack-based buffer overflow in Cyrus IMAP Server 2.2.4 through 2.2.8, with the imapmagicplus option ...
CVE-2004-1012 The argument parser of the PARTIAL command in Cyrus IMAP Server 2.2.6 and earlier allows remote auth...
CVE-2004-1013 The argument parser of the FETCH command in Cyrus IMAP Server 2.2.x through 2.2.8 allows remote auth...
S
CVE-2004-1014 statd in nfs-utils 1.257 and earlier does not ignore the SIGPIPE signal, which allows remote attacke...
S
CVE-2004-1015 Buffer overflow in proxyd for Cyrus IMAP Server 2.2.9 and earlier, with the imapmagicplus option ena...
S
CVE-2004-1016 The scm_send function in the scm layer for Linux kernel 2.4.x up to 2.4.28, and 2.6.x up to 2.6.9, a...
E S
CVE-2004-1017 Multiple "overflows" in the io_edgeport driver for Linux kernel 2.4.x have unknown impact and unknow...
S
CVE-2004-1018 Multiple integer handling errors in PHP before 4.3.10 allow attackers to bypass safe mode restrictio...
CVE-2004-1019 The deserialization code in PHP before 4.3.10 and PHP 5.x up to 5.0.2 allows remote attackers to cau...
S
CVE-2004-1020 The addslashes function in PHP 4.3.9 does not properly escape a NULL (/0) character, which may allow...
E S
CVE-2004-1021 iCal before 1.5.4 on Mac OS X 10.2.3, and other later versions, does not alert the user when handlin...
CVE-2004-1022 Kerio Winroute Firewall before 6.0.7, ServerFirewall before 1.0.1, and MailServer before 6.0.5 use s...
CVE-2004-1023 Kerio Winroute Firewall before 6.0.9, ServerFirewall before 1.0.1, and MailServer before 6.0.5, when...
CVE-2004-1025 Multiple heap-based buffer overflows in imlib 1.9.14 and earlier, which is used by gkrellm and sever...
S
CVE-2004-1026 Multiple integer overflows in the image handler for imlib 1.9.14 and earlier, which is used by gkrel...
S
CVE-2004-1027 Directory traversal vulnerability in the -x (extract) command line option in unarj allows remote att...
S
CVE-2004-1028 Untrusted execution path vulnerability in chcod on AIX IBM 5.1.0, 5.2.0, and 5.3.0 allows local user...
CVE-2004-1029 The Sun Java Plugin capability in Java 2 Runtime Environment (JRE) 1.4.2_01, 1.4.2_04, and possibly ...
S
CVE-2004-1030 fcronsighup in Fcron 2.0.1, 2.9.4, and possibly earlier versions allows local users to gain sensitiv...
S
CVE-2004-1031 fcronsighup in Fcron 2.0.1, 2.9.4, and possibly earlier versions allows local users to bypass access...
S
CVE-2004-1032 fcronsighup in Fcron 2.0.1, 2.9.4, and possibly earlier versions allows local users to delete arbitr...
S
CVE-2004-1033 Fcron 2.0.1, 2.9.4, and possibly earlier versions leak file descriptors of open files, which allows ...
S
CVE-2004-1034 Buffer overflow in the http_open function in Kaffeine before 0.5, whose code is also used in gxine b...
S
CVE-2004-1035 Multiple integer signedness errors in (1) imapcommon.c, (2) main.c, (3) request.c, and (4) select.c ...
CVE-2004-1036 Cross-site scripting (XSS) vulnerability in the decoding of encoded text in certain headers in mime....
S
CVE-2004-1037 The search function in TWiki 20030201 allows remote attackers to execute arbitrary commands via shel...
E S
CVE-2004-1038 A design error in the IEEE1394 specification allows attackers with physical access to a device to re...
CVE-2004-1039 The NFS mountd service on SCO UnixWare 7.1.1, 7.1.3, 7.1.4, and 7.0.1, and possibly other versions, ...
S
CVE-2004-1043 Internet Explorer 6.0 on Windows XP SP2 allows remote attackers to execute arbitrary code by using t...
CVE-2004-1049 Integer overflow in the LoadImage API of the USER32 Lib for Microsoft Windows allows remote attacker...
E
CVE-2004-1050 Heap-based buffer overflow in Internet Explorer 6 allows remote attackers to execute arbitrary code ...
CVE-2004-1051 sudo before 1.6.8p2 allows local users to execute arbitrary commands by using "()" style environment...
S
CVE-2004-1052 Buffer overflow in the getnickuserhost function in BNC 2.8.9, and possibly other versions, allows re...
S
CVE-2004-1053 Integer overflow in fetch on FreeBSD 4.1 through 5.3 allows remote malicious servers to execute arbi...
S
CVE-2004-1054 Untrusted execution path vulnerability in invscout in IBM AIX 5.1.0, 5.2.0, and 5.3.0 allows local u...
CVE-2004-1055 Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 2.6.0-pl2 and earlier allow remote...
E
CVE-2004-1056 Direct Rendering Manager (DRM) driver in Linux kernel 2.6 does not properly check the DMA lock, whic...
CVE-2004-1057 Multiple drivers in Linux kernel 2.4.19 and earlier do not properly mark memory with the VM_IO flag,...
S
CVE-2004-1058 Race condition in Linux kernel 2.6 allows local users to read the environment variables of another p...
S
CVE-2004-1059 Multiple cross-site scripting (XSS) vulnerabilities in mnoGoSearch 3.2.26 and earlier allow remote a...
S
CVE-2004-1060 Multiple TCP/IP and ICMP implementations, when using Path MTU (PMTU) discovery (PMTUD), allow remote...
CVE-2004-1061 Cross-site scripting (XSS) vulnerability in Bugzilla before 2.18, including 2.16.x before 2.16.11, a...
CVE-2004-1062 Multiple cross-site scripting (XSS) vulnerabilities in ViewCVS 0.9.2 allow remote attackers to injec...
S
CVE-2004-1063 PHP 4.x to 4.3.9, and PHP 5.x to 5.0.2, when running in safe mode on a multithreaded Unix webserver,...
CVE-2004-1064 The safe mode checks in PHP 4.x to 4.3.9 and PHP 5.x to 5.0.2 truncate the file path before passing ...
CVE-2004-1065 Buffer overflow in the exif_read_data function in PHP before 4.3.10 and PHP 5.x up to 5.0.2 allows r...
S
CVE-2004-1066 The cmdline pseudofiles in (1) procfs on FreeBSD 4.8 through 5.3, and (2) linprocfs on FreeBSD 5.x t...
CVE-2004-1067 Off-by-one error in the mysasl_canon_user function in Cyrus IMAP Server 2.2.9 and earlier leads to a...
S
CVE-2004-1068 A "missing serialization" error in the unix_dgram_recvmsg function in Linux 2.4.27 and earlier, and ...
S
CVE-2004-1069 Race condition in SELinux 2.6.x through 2.6.9 allows local users to cause a denial of service (kerne...
CVE-2004-1070 The load_elf_binary function in the binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4...
CVE-2004-1071 The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does...
S
CVE-2004-1072 The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, may ...
S
CVE-2004-1073 The open_exec function in the execve functionality (exec.c) in Linux kernel 2.4.x up to 2.4.27, and ...
S
CVE-2004-1074 The binfmt functionality in the Linux kernel, when "memory overcommit" is enabled, allows local user...
E S
CVE-2004-1075 Cross-site scripting (XSS) vulnerability in standard_error_message.dtml for Zwiki after 0.10.0rc1 to...
E S
CVE-2004-1076 Multiple buffer overflows in the RtConfigLoad function in rt-config.c for Atari800 before 1.3.4 allo...
E S
CVE-2004-1077 Citrix Program Neighborhood Agent for Win32 8.00.24737 and earlier and MetaFrame Presentation Server...
S
CVE-2004-1078 Stack-based buffer overflow in the client for Citrix Program Neighborhood Agent for Win32 8.00.24737...
S
CVE-2004-1079 Buffer overflow in (1) ncplogin and (2) ncpmap in nwclient.c for ncpfs 2.2.4, and possibly other ver...
S
CVE-2004-1080 The WINS service (wins.exe) on Microsoft Windows NT Server 4.0, Windows 2000 Server, and Windows Ser...
S
CVE-2004-1081 The Application Framework (AppKit) for Apple Mac OS X 10.2.8 and 10.3.6 does not properly restrict a...
S
CVE-2004-1082 mod_digest_apple for Apache 1.3.31 and 1.3.32 on Mac OS X Server does not properly verify the nonce ...
S
CVE-2004-1083 Apache for Apple Mac OS X 10.2.8 and 10.3.6 restricts access to files in a case sensitive manner, bu...
S
CVE-2004-1084 Apache for Apple Mac OS X 10.2.8 and 10.3.6 allows remote attackers to read files and resource fork ...
S
CVE-2004-1085 Human Interface Toolbox (HIToolBox) for Apple Mac 0S X 10.3.6 allows local users to exit application...
S
CVE-2004-1086 Buffer overflow in PSNormalizer for Apple Mac OS X 10.3.6 allows remote attackers to execute arbitra...
S
CVE-2004-1087 Terminal for Apple Mac OS X 10.3.6 may indicate that "Secure Keyboard Entry" is enabled even when it...
S
CVE-2004-1088 Postfix server for Apple Mac OS X 10.3.6, when using CRAM-MD5, allows remote attackers to send mail ...
S
CVE-2004-1089 Unknown vulnerability in Apple Mac OS X 10.3.6 server, when using Kerberos authentication and Cyrus ...
S
CVE-2004-1090 Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via ...
S
CVE-2004-1091 Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service by t...
S
CVE-2004-1092 Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service by c...
S
CVE-2004-1093 Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via ...
S
CVE-2004-1094 Buffer overflow in InnerMedia DynaZip DUNZIP32.dll file version 5.00.03 and earlier allows remote at...
CVE-2004-1095 Multiple integer overflows in (1) readbmp.c, (2) readgif.c, (3) readgif.c, (4) readmrf.c, (5) readpc...
S
CVE-2004-1096 Archive::Zip Perl module before 1.14, when used by antivirus programs such as amavisd-new, allows re...
E S
CVE-2004-1097 Format string vulnerability in the cherokee_logger_ncsa_write_string function in Cherokee 0.4.17 and...
S
CVE-2004-1098 MIMEDefang in MIME-tools 5.414 allows remote attackers to bypass virus scanning capabilities via an ...
S
CVE-2004-1099 Cisco Secure Access Control Server for Windows (ACS Windows) and Cisco Secure Access Control Server ...
S
CVE-2004-1100 Cross-site scripting (XSS) vulnerability in mailpost.exe in MailPost 5.1.1sv, and possibly earlier v...
E
CVE-2004-1101 mailpost.exe in MailPost 5.1.1sv, and possibly earlier versions, allows remote attackers to cause a ...
E
CVE-2004-1102 MailPost 5.1.1sv, and possibly earlier versions, displays a different error message depending on whe...
E
CVE-2004-1103 MailPost 5.1.1sv, and possibly earlier versions, when debug mode is enabled, allows remote attackers...
CVE-2004-1104 Microsoft Internet Explorer 6.0 SP2 allows remote attackers to spoof a legitimate URL in the status ...
E
CVE-2004-1105 Nortel Networks Contivity VPN Client displays a different error message depending on whether the use...
S
CVE-2004-1106 Cross-site scripting (XSS) vulnerability in Gallery 1.4.4-pl3 and earlier allows remote attackers to...
S
CVE-2004-1107 dispatch-conf in Portage 2.0.51-r2 and earlier allows local users to overwrite arbitrary files via a...
S
CVE-2004-1108 qpkg in Gentoolkit 0.2.0_pre10 and earlier allows local users to overwrite arbitrary files via a sym...
S
CVE-2004-1109 The FWDRV.SYS driver in Kerio Personal Firewall 4.1.1 and earlier allows remote attackers to cause a...
E S
CVE-2004-1110 The mtink status monitor before 1.0.5 for Epson printers allows local users to overwrite arbitrary f...
S
CVE-2004-1111 Cisco IOS 2.2(18)EW, 12.2(18)EWA, 12.2(14)SZ, 12.2(18)S, 12.2(18)SE, 12.2(18)SV, 12.2(18)SW, and oth...
CVE-2004-1112 The buffer overflow trigger in Cisco Security Agent (CSA) before 4.0.3 build 728 waits five minutes ...
CVE-2004-1113 SQL injection vulnerability in SQLgrey Postfix greylisting service before 1.2.0 allows remote attack...
S
CVE-2004-1114 Buffer overflow in the handling of command line arguments in Skype 1.0.x.94 through 1.0.x.98 allows ...
S
CVE-2004-1115 The init scripts in Search for Extraterrestrial Intelligence (SETI) project 3.08-r3 and earlier exec...
S
CVE-2004-1116 The init scripts in Great Internet Mersenne Prime Search (GIMPS) 23.9 and earlier execute user-owned...
S
CVE-2004-1117 The init scripts in ChessBrain 20407 and earlier execute user-owned programs with root privileges, w...
S
CVE-2004-1118 Buffer overflow in the WodFtpDLX.ocx (WeOnlyDo!) ActiveX component before 2.3.2.97, as used by Coffe...
E
CVE-2004-1119 Stack-based buffer overflow in IN_CDDA.dll in Winamp 5.05, and possibly other versions including 5.0...
E S
CVE-2004-1120 Multiple buffer overflows in (1) http.c, (2) http-retr.c, (3) main.c and other code that handles net...
E
CVE-2004-1121 Apple Safari 1.0 through 1.2.3 allows remote attackers to spoof the URL displayed in the status bar ...
E S
CVE-2004-1122 Safari 1.x to 1.2.4, and possibly other versions, allows inactive windows to launch dialog boxes, wh...
CVE-2004-1123 Darwin Streaming Server 5.0.1, and possibly earlier versions, allows remote attackers to cause a den...
E S
CVE-2004-1124 Unknown vulnerability in chroot on SCO UnixWare 7.1.1 through 7.1.4 allows local users to escape the...
S
CVE-2004-1125 Buffer overflow in the Gfx::doImage function in Gfx.cc for xpdf 3.00, and other products that share ...
S
CVE-2004-1127 Buffer overflow in Open Dc Hub 0.7.14 allows remote attackers, with administrator privileges, to exe...
E S
CVE-2004-1128 Buffer overflow in CMailCOM.dll in CMailServer 5.2 allows remote attackers to execute arbitrary code...
CVE-2004-1129 SQL injection vulnerability in (1) fdelmail.asp, (2) addressc.asp, and possibly (3) postmail.asp and...
CVE-2004-1130 Cross-site scripting (XSS) vulnerability in admin.asp in CMailServer 5.2 allows remote attackers to ...
S
CVE-2004-1131 Multiple buffer overflows in the enable command for SCO OpenServer 5.0.6 and 5.0.7 allow local users...
S
CVE-2004-1133 Multiple cross-site scripting (XSS) vulnerabilities in Microsoft W3Who ISAPI (w3who.dll) allow remot...
CVE-2004-1134 Buffer overflow in the Microsoft W3Who ISAPI (w3who.dll) allows remote attackers to cause a denial o...
CVE-2004-1135 Multiple buffer overflows in WS_FTP Server 5.03 2004.10.14 allow remote attackers to cause a denial ...
CVE-2004-1136 Buffer overflow in CuteFTP Professional 6.0, and possibly other versions, allows remote FTP servers ...
CVE-2004-1137 Multiple vulnerabilities in the IGMP functionality for Linux kernel 2.4.22 to 2.4.28, and 2.6.x to 2...
CVE-2004-1138 VIM before 6.3 and gVim before 6.3 allow local users to execute arbitrary commands via a file contai...
S
CVE-2004-1139 Unknown vulnerability in the DICOM dissector in Ethereal 0.10.4 through 0.10.7 allows remote attacke...
S
CVE-2004-1140 Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denial of service (application hang...
S
CVE-2004-1141 The HTTP dissector in Ethereal 0.10.1 through 0.10.7 allows remote attackers to cause a denial of se...
S
CVE-2004-1142 Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denial of service (CPU consumption)...
S
CVE-2004-1143 The password generation in mailman before 2.1.5 generates only 5 million unique passwords, which mak...
S
CVE-2004-1144 Unknown vulnerability in the 32bit emulation code in Linux 2.4 on AMD64 systems allows local users t...
CVE-2004-1145 Multiple vulnerabilities in Konqueror in KDE 3.3.1 and earlier (1) allow access to restricted Java c...
S
CVE-2004-1146 Multiple cross-site scripting (XSS) vulnerabilities in (1) main.c and (2) login.c for CVSTrac before...
S
CVE-2004-1147 phpMyAdmin 2.6.0-pl2, and other versions before 2.6.1, with external transformations enabled, allows...
CVE-2004-1148 phpMyAdmin before 2.6.1, when configured with UploadDir functionality, allows remote attackers to re...
CVE-2004-1149 Computer Associates eTrust EZ Antivirus 7.0.0 to 7.0.4, including 7.0.1.4, installs its files with i...
CVE-2004-1150 Stack-based buffer overflow in the in_cdda.dll plugin for Winamp 5.0 through 5.08c allows attackers ...
E
CVE-2004-1151 Multiple buffer overflows in the (1) sys32_ni_syscall and (2) sys32_vm86_warning functions in sys_ia...
CVE-2004-1152 Buffer overflow in the mailListIsPdf function in Adobe Acrobat Reader 5.09 for Unix allows remote at...
S
CVE-2004-1153 Format string vulnerability in Adobe Acrobat Reader 6.0.0 through 6.0.2 allows remote attackers to c...
E S
CVE-2004-1154 Integer overflow in the Samba daemon (smbd) in Samba 2.x and 3.0.x through 3.0.9 allows remote authe...
CVE-2004-1155 Internet Explorer 5.01 through 6 allows remote attackers to spoof arbitrary web sites by injecting c...
E
CVE-2004-1156 Mozilla before 1.7.6, and Firefox before 1.0.1, allows remote attackers to spoof arbitrary web sites...
CVE-2004-1157 Opera 7.x up to 7.54, and possibly other versions, allows remote attackers to spoof arbitrary web si...
CVE-2004-1158 Konqueror 3.x up to 3.2.2-6, and possibly other versions, allows remote attackers to spoof arbitrary...
E S
CVE-2004-1159 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2004-1122, CVE-2004-1314. Reaso...
R
CVE-2004-1160 Netscape 7.x to 7.2, and possibly other versions, allows remote attackers to spoof arbitrary web sit...
E
CVE-2004-1161 rssh 2.2.2 and earlier does not properly restrict programs that can be run, which could allow remote...
E S
CVE-2004-1162 The unison command in scponly before 4.0 does not properly restrict programs that can be run, which ...
E S
CVE-2004-1163 Cisco CNS Network Registrar Central Configuration Management (CCM) server 6.0 through 6.1.1.3 allows...
CVE-2004-1164 The lock manager in Cisco CNS Network Registrar 6.0 through 6.1.1.3 allows remote attackers to cause...
CVE-2004-1165 Konqueror 3.3.1 allows remote attackers to execute arbitrary FTP commands via an ftp:// URL that con...
CVE-2004-1166 CRLF injection vulnerability in Microsoft Internet Explorer 6.0.2800.1106 and earlier allows remote ...
E
CVE-2004-1167 mirrorselect before 0.89 creates temporary files in a world-writable location with predictable file ...
S
CVE-2004-1168 Stack-based buffer overflow in the WebDav handler in MaxDB WebTools 7.5.00.18 and earlier allows rem...
CVE-2004-1169 MaxDB WebTools 7.5.00.18 and earlier allows remote attackers to cause a denial of service (applicati...
CVE-2004-1170 a2ps 4.13 allows remote attackers to execute arbitrary commands via shell metacharacters in the file...
E S
CVE-2004-1171 KDE 3.2.x and 3.3.0 through 3.3.2, when saving credentials that are (1) manually entered by the user...
S
CVE-2004-1172 Stack-based buffer overflow in the Agent Browser in Veritas Backup Exec 8.x before 8.60.3878 Hotfix ...
S
CVE-2004-1173 Internet Explorer 6 allows remote attackers to bypass the popup blocker via the document object mode...
CVE-2004-1174 direntry.c in Midnight Commander (mc) 4.5.55 and earlier allows attackers to cause a denial of servi...
S
CVE-2004-1175 fish.c in midnight commander allows remote attackers to execute arbitrary programs via "insecure fil...
S
CVE-2004-1176 Buffer underflow in extfs.c in Midnight Commander (mc) 4.5.55 and earlier allows remote attackers to...
S
CVE-2004-1177 Cross-site scripting (XSS) vulnerability in the driver script in mailman before 2.1.5 allows remote ...
S
CVE-2004-1179 The debstd script in debmake 3.6.x before 3.6.10 and 3.7.x before 3.7.7 allows local users to overwr...
S
CVE-2004-1180 Unknown vulnerability in the rwho daemon (rwhod) before 0.17, on little endian architectures, allows...
S
CVE-2004-1181 htmlheadline before 21.8 allows local users to overwrite arbitrary files via a symlink attack on tem...
S
CVE-2004-1182 hfaxd in HylaFAX before 4.2.1, when installed with a "weak" hosts.hfaxd file, allows remote attacker...
S
CVE-2004-1183 Integer overflow in the tiffdump utility for libtiff 3.7.1 and earlier allows remote attackers to ca...
S
CVE-2004-1184 The EPSF pipe support in enscript 1.6.3 allows remote attackers or local users to execute arbitrary ...
S
CVE-2004-1185 Enscript 1.6.3 does not sanitize filenames, which allows remote attackers or local users to execute ...
S
CVE-2004-1186 Multiple buffer overflows in enscript 1.6.3 allow remote attackers or local users to cause a denial ...
S
CVE-2004-1187 Heap-based buffer overflow in the pnm_get_chunk function for xine 0.99.2, and other packages such as...
S
CVE-2004-1188 The pnm_get_chunk function in xine 0.99.2 and earlier, and other packages such as MPlayer that use t...
S
CVE-2004-1189 The add_to_history function in svr_principal.c in libkadm5srv for MIT Kerberos 5 (krb5) up to 1.3.5,...
S
CVE-2004-1190 SUSE Linux before 9.1 and SUSE Linux Enterprise Server before 9 do not properly check commands sent ...
S
CVE-2004-1191 Race condition in SuSE Linux 8.1 through 9.2, when run on SMP systems that have more than 4GB of mem...
CVE-2004-1192 Format string vulnerability in the lprintf function in Citadel/UX 6.27 and earlier allows remote att...
CVE-2004-1193 Prevx Home 1.0 allows local users with administrator privileges to bypass the intrusion prevention f...
CVE-2004-1194 Buffer overflow in Star Wars Battlefront 1.11 and earlier allows remote attackers to cause a denial ...
E
CVE-2004-1195 Star Wars Battlefront 1.11 and earlier allows remote attackers to cause a denial of service (applica...
E
CVE-2004-1196 Cross-site scripting (XSS) vulnerability in inmail.pl in Insite Inmail allows remote attackers to in...
E
CVE-2004-1197 Cross-site scripting (XSS) vulnerability in inshop.pl in Insite inShop allows remote attackers to in...
E
CVE-2004-1198 Microsoft Internet Explorer allows remote attackers to cause a denial of service (application crash ...
E
CVE-2004-1199 Safari 1.2.4 on Mac OS X 10.3.6 allows remote attackers to cause a denial of service (application cr...
E
CVE-2004-1200 Firefox and Mozilla allow remote attackers to cause a denial of service (application crash from memo...
E
CVE-2004-1201 Opera 7.54 allows remote attackers to cause a denial of service (application crash from memory exhau...
E
CVE-2004-1202 Cross-site scripting (XSS) vulnerability in parser.php in phpCMS 1.2.1 and earlier, with non-stealth...
E S
CVE-2004-1203 parser.php in phpCMS 1.2.1 and earlier, with non-stealth and debug modes enabled, allows remote atta...
CVE-2004-1204 FluxBox 0.9.10 and earlier versions allows local users to cause a denial of service (application cra...
CVE-2004-1205 codebrowserpntm.php in PnTresMailer 6.03 allows remote attackers to gain sensitive information via a...
CVE-2004-1206 Directory traversal vulnerability in codebrowserpntm.php in pnTresMailer 6.0.3 allows remote attacke...
E
CVE-2004-1207 The Serious engine, as used in (1) Alpha Black Zero Intrepid Protocol 1.04 and earlier, (2) Nitro fa...
E
CVE-2004-1208 Buffer overflow in Orbz 2.10 and earlier allows remote attackers to cause a denial of service (appli...
E
CVE-2004-1209 Verisign Payflow Link, when running with empty Accepted URL fields, does not properly verify the dat...
CVE-2004-1210 Cross-site scripting (XSS) vulnerability in proxylog.dat in IPCop 1.4.1 and possibly other versions,...
E
CVE-2004-1211 Multiple buffer overflows in the IMAP service in Mercury/32 4.01a allow remote authenticated users t...
E S
CVE-2004-1212 Directory traversal vulnerability in btdownload.php in Blog Torrent preview 0.8 allows remote attack...
E S
CVE-2004-1213 Cross-site scripting (XSS) vulnerability in index.php in Advanced Guestbook 2.3.1, 2.2, and possibly...
E
CVE-2004-1214 Format string vulnerability in Kreed 1.05 and earlier allows remote attackers to execute arbitrary c...
E
CVE-2004-1215 Kreed 1.05 and earlier allows remote attackers to cause a denial of service (server disconnect) via ...
E
CVE-2004-1216 The scripts that handle players in Kreed 1.05 and earlier allow remote attackers to cause a denial o...
E
CVE-2004-1217 Hosting Controller 6.1 Hotfix 1.4, and possibly other versions, allows remote attackers to view arbi...
E
CVE-2004-1218 Remote Execute 2.30 allows remote attackers to cause a denial of service (application crash) by maki...
S
CVE-2004-1219 paFileDB 3.1, when using sessions authentication and while the administrator logs on, allows remote ...
CVE-2004-1220 Battlefield 1942 1.6.19 and earlier, and Battlefield Vietnam 1.2 and earlier, allows a remote master...
E
CVE-2004-1221 Directory traversal vulnerability in weblibs.pl in WebLibs 1.0 allows remote attackers to read arbit...
E
CVE-2004-1222 weblibs.pl in WebLibs 1.0 allows remote attackers to execute arbitrary commands via shell metacharac...
E
CVE-2004-1223 The Management Agent in F-Secure Policy Manager 5.11.2810 allows remote attackers to gain sensitive ...
E
CVE-2004-1224 Off-by-one error in the mtr_curses_keyaction function for mtr 0.55 through 0.65 allows local users t...
CVE-2004-1225 SQL injection vulnerability in SugarCRM Sugar Sales before 2.0.1a allows remote attackers to execute...
E
CVE-2004-1226 SugarCRM Sugar Sales 2.0.1c and earlier allows remote attackers to gain sensitive information via ce...
CVE-2004-1227 Directory traversal vulnerability in SugarCRM Sugar Sales 2.0.1c and earlier allows remote attackers...
E
CVE-2004-1228 The install scripts in SugarCRM Sugar Sales 2.0.1c and earlier are not removed after installation, w...
CVE-2004-1229 Cross-site scripting vulnerability in the parser for Gadu-Gadu allows remote attackers to inject arb...
CVE-2004-1230 Gadu-Gadu allows remote attackers to gain sensitive information and read files from the _cache direc...
CVE-2004-1231 Directory traversal vulnerability in Gadu-Gadu allows remote attackers to read arbitrary files via ....
CVE-2004-1232 Stack-based buffer overflow in the code that sends images in Gadu-Gadu allows remote attackers to ex...
CVE-2004-1233 Integer overflow in Gadu-Gadu allows remote attackers to cause a denial of service (disk consumption...
CVE-2004-1234 load_elf_binary in Linux before 2.4.26 allows local users to cause a denial of service (system crash...
E S
CVE-2004-1235 Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux ke...
E S
CVE-2004-1236 Buffer overflow in the LDAP component for Netscape Directory Server (NDS) 3.6 on HP-UX and other ope...
CVE-2004-1237 Unknown vulnerability in the system call filtering code in the audit subsystem for Red Hat Enterpris...
S
CVE-2004-1238 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in...
R
CVE-2004-1239 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in...
R
CVE-2004-1240 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in...
R
CVE-2004-1241 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in...
R
CVE-2004-1242 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in...
R
CVE-2004-1243 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in...
R
CVE-2004-1244 Windows Media Player 9 allows remote attackers to execute arbitrary code via a PNG file containing l...
S
CVE-2004-1254 WinRAR 3.40, and possibly earlier versions, allows remote attackers to execute arbitrary code via a ...
CVE-2004-1255 Buffer overflow in the expandtabs function in 2fax 3.04 allows remote attackers to execute arbitrary...
E
CVE-2004-1256 Multiple buffer overflows in the (1) event_text and (2) event_specific functions in abc2midi 2004.12...
E
CVE-2004-1257 Buffer overflow in the process_abc function in abc.c for abc2mtex 1.6.1 allows remote attackers to e...
E
CVE-2004-1258 Buffer overflow in the put_words function in subs.c for abcm2ps 3.7.20 allows remote attackers to ex...
E
CVE-2004-1259 Multiple buffer overflows in the handle_directive function in abcpp.c for abcpp 1.3.0 allow remote a...
E
CVE-2004-1260 Multiple buffer overflows in the (1) write_heading function in subs.cpp or (2) trim_title function i...
E
CVE-2004-1261 Multiple buffer overflows in the preparse function in asp2php 0.76.23 allow remote attackers to exec...
E
CVE-2004-1262 Buffer overflow in the bsb_open_header function in libbsb for bsb2ppm 0.0.6 allows remote attackers ...
E
CVE-2004-1263 changepassword.cgi in ChangePassword 0.8, when installed setuid, allows local users to execute arbit...
CVE-2004-1264 Buffer overflow in the simplify_path function in config.c for ChBg 1.5 allows remote attackers to ex...
E
CVE-2004-1265 Buffer overflow in the readObjectChunk function in 3dsimp.cpp for the convex-tool program in Convex ...
E
CVE-2004-1266 Buffer overflow in the get_field_headers function in csv2xml.cpp for csv2xml 0.5.1 allows remote att...
E
CVE-2004-1267 Buffer overflow in the ParseCommand function in hpgl-input.c in the hpgltops program for CUPS 1.1.22...
E
CVE-2004-1268 lppasswd in CUPS 1.1.22 ignores write errors when modifying the CUPS passwd file, which allows local...
E
CVE-2004-1269 lppasswd in CUPS 1.1.22 does not remove the passwd.new file if it encounters a file-size resource li...
E
CVE-2004-1270 lppasswd in CUPS 1.1.22, when run in environments that do not ensure that file descriptors 0, 1, and...
E
CVE-2004-1271 Buffer overflow in the dxfin function in d.c for dxfscope 0.2 allows remote attackers to execute arb...
E
CVE-2004-1272 Buffer overflow in the save_embedded_address function in filter.c for elm/bolthole filter 2.6.1 allo...
E
CVE-2004-1273 Buffer overflow in the DownloadLoop function in main.c for greed 0.81p allows remote attackers to ex...
E
CVE-2004-1274 The DownloadLoop function in main.c for greed 0.81p allows remote attackers to execute arbitrary cod...
E
CVE-2004-1275 Buffer overflow in the remove_quote function in convert.c for html2hdml 1.0.3 allows remote attacker...
E
CVE-2004-1276 IglooFTP 0.6.1, when recursively uploading a directory, allows local users to overwrite the files th...
E
CVE-2004-1277 The download_selection_recursive() function in ftplist.c for IglooFTP 0.6.1 allows remote malicious ...
E
CVE-2004-1278 Buffer overflow in the switch_voice function in parse.c for jcabc2ps 20040902 allows remote attacker...
E
CVE-2004-1279 Buffer overflow in the get_file_list_stdin function in jpegtoavi 1.5 allows remote attackers to exec...
CVE-2004-1280 The gui_popup_view_fly function in gui_tview_popup.c for junkie 0.3.1 allows remote malicious FTP se...
E
CVE-2004-1281 The ftp_retr function in junkie 0.3.1 allows remote malicious FTP servers to overwrite arbitrary fil...
E
CVE-2004-1282 Buffer overflow in the strexpand function in string.c for LinPopUp 1.2.0 allows remote attackers to ...
E
CVE-2004-1283 Buffer overflow in the Mesh::type method in mesh.c for the mview program in Mesh Viewer 0.2.2 allows...
E
CVE-2004-1284 Buffer overflow in the find_next_file function in playlist.c for mpg123 0.59r allows remote attacker...
E
CVE-2004-1285 Buffer overflow in the get_header function in asf_mmst_streaming.c for MPlayer 1.0pre5 allows remote...
E
CVE-2004-1286 Buffer overflow in the auto_filter_extern function in auto.c for NapShare 1.2, with the extern filte...
E
CVE-2004-1287 Buffer overflow in the error function in preproc.c for NASM 0.98.38 1.2 allows attackers to execute ...
E
CVE-2004-1288 Buffer overflow in the parse_html function in o3read.c for o3read 0.0.3 allows remote attackers to e...
E
CVE-2004-1289 Multiple buffer overflows in (1) the getline function in pcalutil.c and (2) the get_holiday function...
E
CVE-2004-1290 Buffer overflow in the process_moves function in pgn2web.c for pgn2web 0.3 allows remote attackers t...
CVE-2004-1291 Buffer overflow in qwik-smtpd allows remote attackers to use the server as an SMTP spam relay via a ...
E
CVE-2004-1292 Buffer overflow in the parse_emelody function in parse_emelody.c for ringtonetools 2.22 allows remot...
E
CVE-2004-1293 Buffer overflow in the ReadFontTbl function in reader.c for rtf2latex2e 1.0fc2 allows remote attacke...
E
CVE-2004-1294 The mget function in cmds.c for tnftp 20030825 allows remote FTP servers to overwrite arbitrary file...
E
CVE-2004-1295 The slip_down function in slip.c for the uml_net program in uml-utilities 20030903, when uml_net is ...
E
CVE-2004-1296 The (1) eqn2graph and (2) pic2graph scripts in groff 1.18.1 allow local users to overwrite arbitrary...
CVE-2004-1297 Buffer overflow in the process_font_table function in convert.c for unrtf 0.19.3 allows remote attac...
E
CVE-2004-1298 Buffer overflow in the parse function in vb2c.c for vb2c 0.02 allows remote attackers to execute arb...
E
CVE-2004-1299 Buffer overflow in the get_attr function in html.c for vilistextum 2.6.6 allows remote attackers to ...
E
CVE-2004-1300 Buffer overflow in the open_aiff_file function in demux_aiff.c for xine-lib (libxine) 1-rc7 allows r...
E
CVE-2004-1301 Buffer overflow in the book_format_sql function in format.c for xlreader 0.9.0 allows remote attacke...
E
CVE-2004-1302 The id3tag_sort function in id3tag.c for YAMT 0.5 allows remote attackers to execute arbitrary comma...
E
CVE-2004-1303 Buffer overflow in the get function in get.c for Yanf 0.4 allows remote malicious web servers to exe...
E
CVE-2004-1304 Stack-based buffer overflow in the ELF header parsing code in file before 4.12 allows attackers to e...
S
CVE-2004-1305 The Windows Animated Cursor (ANI) capability in Windows NT, Windows 2000 through SP4, Windows XP thr...
S
CVE-2004-1306 Heap-based buffer overflow in winhlp32.exe in Windows NT, Windows 2000 through SP4, Windows XP throu...
E
CVE-2004-1307 Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remot...
S
CVE-2004-1308 Integer overflow in (1) tif_dirread.c and (2) tif_fax3.c for libtiff 3.5.7 and 3.7.0 allows remote a...
E S
CVE-2004-1309 Heap-based buffer overflow in the demux_open_bmp function in demux_bmp.c for Unix MPlayer 1.0pre5 al...
CVE-2004-1310 Stack-based buffer overflow in the asf_mmst_streaming.c functionality for MPlayer 1.0pre5 allows rem...
CVE-2004-1311 Integer overflow in the real_setup_and_get_header function in real.c for Unix MPlayer 1.0pre5 allows...
CVE-2004-1312 A bug in the HTML parser in a certain Microsoft HTML library, as used in various third party product...
S
CVE-2004-1313 The Smc.exe process in My Firewall Plus 5.0 build 1117, and possibly other versions, does not drop p...
CVE-2004-1314 Safari 1.x allows remote attackers to spoof arbitrary web sites by injecting content from one window...
CVE-2004-1315 viewtopic.php in phpBB 2.x before 2.0.11 improperly URL decodes the highlight parameter when extract...
S
CVE-2004-1316 Heap-based buffer overflow in MSG_UnEscapeSearchUrl in nsNNTPProtocol.cpp for Mozilla 1.7.3 and earl...
E S
CVE-2004-1317 Stack-based buffer overflow in doexec.c in Netcat for Windows 1.1, when running with the -e option, ...
CVE-2004-1318 Cross-site scripting (XSS) vulnerability in namazu.cgi for Namazu 2.0.13 and earlier allows remote a...
S
CVE-2004-1319 The DHTML Edit Control (dhtmled.ocx) allows remote attackers to inject arbitrary web script into oth...
E S
CVE-2004-1320 Asante FM2008 running firmware 1.06 is shipped with a default username and password, which could all...
CVE-2004-1321 The configuration backup in Asante FM2008 running firmware 1.06 stores the username and password in ...
CVE-2004-1322 Cisco Unity 2.x, 3.x, and 4.x, when integrated with Microsoft Exchange, has several hard coded usern...
S
CVE-2004-1323 Multiple syscalls in the compat subsystem for NetBSD before 2.0 allow local users to cause a denial ...
S
CVE-2004-1324 The Microsoft Windows Media Player 9.0 ActiveX control may allow remote attackers to execute arbitra...
E S
CVE-2004-1325 The getItemInfoByAtom function in the ActiveX control for Microsoft Windows Media Player 9.0 returns...
E S
CVE-2004-1326 Buffer overflow in dxterm in Ultrix 4.5 allows local users to execute arbitrary code via a long -set...
E
CVE-2004-1327 Buffer overflow in Crystal FTP Client 2.8 allows remote malicious servers to execute arbitrary code ...
E
CVE-2004-1328 Unknown vulnerability in newgrp in HP-UX B.11.00, B.11.04, and B.11.11 allows local users to gain el...
S
CVE-2004-1329 Untrusted execution path vulnerability in the diag commands (1) lsmcode, (2) diag_exec, (3) invscout...
E S
CVE-2004-1330 Buffer overflow in paginit in AIX 5.1 through 5.3 allows local users to execute arbitrary code via a...
E S
CVE-2004-1331 The execCommand method in Microsoft Internet Explorer 6.0 SP2 allows remote attackers to bypass the ...
E
CVE-2004-1332 Stack-based buffer overflow in the FTP daemon in HP-UX 11.11i, with the -v (debug) option enabled, a...
S
CVE-2004-1333 Integer overflow in the vc_resize function in the Linux kernel 2.4 and 2.6 before 2.6.10 allows loca...
E S
CVE-2004-1334 Integer overflow in the ip_options_get function in the Linux kernel before 2.6.10 allows local users...
E S
CVE-2004-1335 Memory leak in the ip_options_get function in the Linux kernel before 2.6.10 allows local users to c...
E S
CVE-2004-1336 The xdvizilla script in tetex-bin 2.0.2 creates temporary files with predictable file names, which a...
S
CVE-2004-1337 The POSIX Capability Linux Security Module (LSM) for Linux kernel 2.6 does not properly handle the c...
S
CVE-2004-1338 The triggers in Oracle 9i and 10g allow local users to gain privileges by using a sequence of partia...
S
CVE-2004-1339 SQL injection vulnerability in the (1) MDSYS.SDO_GEOM_TRIG_INS1 and (2) MDSYS.SDO_LRS_TRIG_INS defau...
S
CVE-2004-1340 Debian GNU/Linux 3.0 installs the libpam-radius-auth package with the pam_radius_auth.conf set to be...
S
CVE-2004-1341 Cross-site scripting (XSS) vulnerability in info2www before 1.2.2.9 allows remote attackers to injec...
S
CVE-2004-1342 CVS 1.12 and earlier on Debian GNU/Linux, when using the repouid patch, allows remote attackers to b...
S
CVE-2004-1343 CVS 1.12 and earlier on Debian GNU/Linux does not properly handle when a mapping for the current rep...
S
CVE-2004-1344 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2004-1345 Unknown vulnerability in Sun StorEdge Enterprise Storage Manager (ESM) 2.1 for Solaris 8 and Solaris...
S
CVE-2004-1346 The Sun Solaris Volume Manager (SVM) on Solaris 9 allows local users to cause a denial of service (k...
S
CVE-2004-1347 X Display Manager (XDM) on Solaris 8 allows remote attackers to cause a denial of service (XDM crash...
S
CVE-2004-1348 Unknown vulnerability in in.named on Solaris 8 allows remote attackers to cause a denial of service ...
S
CVE-2004-1349 gzip before 1.3 in Solaris 8, when called with the -f or -force flags, will change the permissions o...
S
CVE-2004-1350 Multiple buffer overflows in Sun Java System Web Proxy Server (formerly Sun ONE Proxy Server) 3.6 th...
S
CVE-2004-1351 Unknown vulnerability in the rwho daemon (in.rwhod) for Solaris 7 through 9 allows remote attackers ...
S
CVE-2004-1352 Buffer overflow in the ping daemon of Sun Solaris 7 through 9 may allow local users to execute arbit...
S
CVE-2004-1353 Unknown vulnerability in LDAP on Sun Solaris 8 and 9, when using Role Based Access Control (RBAC), a...
S
CVE-2004-1354 The Solaris Management Console (SMC) in Sun Solaris 8 and 9 generates different 404 error messages w...
S
CVE-2004-1355 Unknown vulnerability in the TCP/IP stack for Sun Solaris 8 and 9 allows local users to cause a deni...
S
CVE-2004-1356 Unknown vulnerability in the sendfilev function in Sun Solaris 8 and 9 allows local users to cause a...
S
CVE-2004-1357 The Secure Shell (SSH) Daemon (SSHD) in Sun Solaris 9 does not properly log IP addresses when SSHD i...
S
CVE-2004-1358 The patches (1) 114332-08 and (2) 114929-06 for Sun Solaris 9 disable the auditing functionality of ...
S
CVE-2004-1359 Multiple buffer overflows in uucp for Sun Solaris 2.6, 7, 8, and 9 allow local users to execute arbi...
S
CVE-2004-1360 Unknown vulnerability in conv_fix in Sun Solaris 7 through 9, when invoked by conv_lpd, allows local...
S
CVE-2004-1361 Integer underflow in winhlp32.exe in Windows NT, Windows 2000 through SP4, Windows XP through SP2, a...
E
CVE-2004-1362 The PL/SQL module for the Oracle HTTP Server in Oracle Application Server 10g, when using the WE8ISO...
S
CVE-2004-1363 Buffer overflow in extproc in Oracle 10g allows remote attackers to execute arbitrary code via envir...
S
CVE-2004-1364 Directory traversal vulnerability in extproc in Oracle 9i and 10g allows remote attackers to access ...
S
CVE-2004-1365 Extproc in Oracle 9i and 10g does not require authentication to load a library or execute a function...
S
CVE-2004-1366 Oracle 10g Database Server stores the password for the SYSMAN account in cleartext in the world-read...
E S
CVE-2004-1367 Oracle 10g Database Server, when installed with a password that contains an exclamation point ("!") ...
S
CVE-2004-1368 ISQL*Plus in Oracle 10g Application Server allows remote attackers to execute arbitrary files via an...
S
CVE-2004-1369 The TNS Listener in Oracle 10g allows remote attackers to cause a denial of service (listener crash)...
S
CVE-2004-1370 Multiple SQL injection vulnerabilities in PL/SQL procedures that run with definer rights in Oracle 9...
S
CVE-2004-1371 Stack-based buffer overflow in Oracle 9i and 10g allows remote attackers to execute arbitrary code v...
S
CVE-2004-1372 Multiple stack-based buffer overflows in IBM DB2 7.x and 8.1 allow local users to execute arbitrary ...
S
CVE-2004-1373 Format string vulnerability in SHOUTcast 1.9.4 allows remote attackers to cause a denial of service ...
S
CVE-2004-1374 Multiple buffer overflows in NetBSD kernel may allow local users to execute arbitrary code and gain ...
CVE-2004-1375 Unknown vulnerability in System Administration Manager (SAM) in HP-UX B.11.00, B.11.11, B.11.22, and...
S
CVE-2004-1376 Directory traversal vulnerability in Microsoft Internet Explorer 5.01, 5.5, and 6.0 allows remote ma...
E S
CVE-2004-1377 The (1) fixps (aka fixps.in) and (2) psmandup (aka psmandup.in) scripts in a2ps before 4.13 allow lo...
S
CVE-2004-1378 The expat XML parser code, as used in the open source Jabber (jabberd) 1.4.3 and earlier, jadc2s 0.9...
S
CVE-2004-1379 Heap-based buffer overflow in the DVD subpicture decoder in xine xine-lib 1-rc5 and earlier allows r...
S
CVE-2004-1380 Firefox before 1.0 and Mozilla before 1.7.5 allows inactive (background) tabs to launch dialog boxes...
S
CVE-2004-1381 Firefox before 1.0 and Mozilla before 1.7.5 allow inactive (background) tabs to focus on input being...
E S
CVE-2004-1382 The glibcbug script in glibc 2.3.4 and earlier allows local users to overwrite arbitrary files via a...
S
CVE-2004-1383 Multiple SQL injection vulnerabilities in phpGroupWare 0.9.16.003 and earlier allow remote attackers...
E S
CVE-2004-1384 Multiple cross-site scripting (XSS) vulnerabilities in phpGroupWare 0.9.16.003 and earlier allow rem...
E S
CVE-2004-1385 phpGroupWare 0.9.16.003 and earlier allows remote attackers to gain sensitive information via (1) un...
E S
CVE-2004-1386 TikiWiki before 1.8.4.1 does not properly verify uploaded images, which could allow remote attackers...
S
CVE-2004-1387 The check_forensic script in apache-utils package 1.3.31 allows local users to overwrite or create a...
CVE-2004-1388 Format string vulnerability in the gpsd_report function for BerliOS GPD daemon (gpsd, formerly pygps...
E S
CVE-2004-1389 Unknown vulnerability in the Veritas NetBackup Administrative Assistant interface for NetBackup Busi...
S
CVE-2004-1390 Multiple buffer overflows in the PPPoE daemon (PPPoEd) in QNX RTP 6.1 allow remote attackers to exec...
E
CVE-2004-1391 Untrusted execution path vulnerability in the PPPoE daemon (PPPoEd) in QNX RTP 6.1 allows local user...
E
CVE-2004-1392 PHP 4.0 with cURL functions allows remote attackers to bypass the open_basedir setting and read arbi...
E S
CVE-2004-1393 Unknown vulnerability in the tcsetattr function for Sun Solaris for SPARC 2.6, 7, and 8 allows local...
S
CVE-2004-1394 The pfexec function for Sun Solaris 8 and 9 does not properly handle when a custom profile contains ...
S
CVE-2004-1395 The Lithtech engine, as used in (1) Contract Jack 1.1 and earlier, (2) No one lives forever 2 1.3 an...
E S
CVE-2004-1396 Winamp 5.07 and possibly other versions, allows remote attackers to cause a denial of service (appli...
E
CVE-2004-1397 Cross-site scripting (XSS) vulnerability in UseModWiki 1.0 allows remote attackers to inject arbitra...
E
CVE-2004-1398 Format string vulnerability in prelink.c in kextload in Apple OS X, as used by TDIXSupport in Roxio ...
CVE-2004-1399 Directory traversal vulnerability in the Attachment module 2.3.10 and earlier for phpBB allows remot...
S
CVE-2004-1400 The control panel in ASP Calendar does not require authentication to access, which allows remote att...
E
CVE-2004-1401 SQL injection vulnerability in verify.asp in Asp-rider allows remote attackers to execute arbitrary ...
E S
CVE-2004-1402 SQL injection vulnerability in iWebNegar allows remote attackers to execute arbitrary SQL commands v...
E
CVE-2004-1403 PHP remote file inclusion vulnerability in index.php in GNUBoard 3.39 and earlier allows remote atta...
S
CVE-2004-1404 Attachment Mod 2.3.10 module for phpBB, when used with Apache mod_mime, does not properly handle fil...
S
CVE-2004-1405 MediaWiki 1.3.8 and earlier, when used with Apache mod_mime, does not properly handle files with two...
E S
CVE-2004-1406 SQL injection vulnerability in ikonboard.cgi in Ikonboard 3.1.0 through 3.1.3 allows remote attacker...
E S
CVE-2004-1407 Multiple directory traversal vulnerabilities in singapore Image Gallery Web Application 0.9.10 allow...
S
CVE-2004-1408 The addImage method for admin.class.php in Image Gallery Web Application 0.9.10 does not properly ch...
S
CVE-2004-1409 Multiple cross-site scripting vulnerabilities in Image Gallery Web Application 0.9.10 allow remote a...
S
CVE-2004-1410 Cross-site scripting (XSS) vulnerability in Gadu-Gadu build 155 and earlier allows remote attackers ...
CVE-2004-1411 Gadu-Gadu build 155 and earlier allows remote attackers to cause a denial of service (infinite loop)...
CVE-2004-1412 Cross-site scripting (XSS) vulnerability in index.php in Kayako eSupport 2.x allows remote attackers...
E
CVE-2004-1413 Multiple SQL injection vulnerabilities in Kayako eSupport 2.x allow remote attackers to execute arbi...
E
CVE-2004-1414 Gadu-Gadu 6.1 build 156 allows remote attackers to cause a denial of service (application hang) via ...
E
CVE-2004-1415 SQL injection vulnerability in (1) disp_album.php and possibly (2) disp_img.php in 2Bgal 2.4 and 2.5...
E S
CVE-2004-1416 pnxr3260.dll in the RealOne 2.0 build 6.0.11.868 browser plugin, as used in Internet Explorer, allow...
CVE-2004-1417 Cross-site scripting (XSS) vulnerability in login.php in PsychoStats 2.2.4 Beta and earlier allows r...
E S
CVE-2004-1418 Cross-site scripting (XSS) vulnerability in WPKontakt 3.0.1 and earlier allows remote attackers to i...
E S
CVE-2004-1419 PHP remote file inclusion vulnerability in ZeroBoard 4.1pl4 and earlier allows remote attackers to e...
E S
CVE-2004-1420 Multiple cross-site scripting (XSS) vulnerabilities in header.php in WHM AutoPilot 2.4.6.5 and earli...
E S
CVE-2004-1421 Multiple PHP remote file inclusion vulnerabilities (1) step_one.php, (2) step_one_tables.php, (3) st...
E S
CVE-2004-1422 WHM AutoPilot 2.4.6.5 and earlier allows remote attackers to gain sensitive information via phpinfo,...
E S
CVE-2004-1423 Multiple PHP remote file inclusion vulnerabilities in Sean Proctor PHP-Calendar before 0.10.1, as us...
E S
CVE-2004-1424 Cross-site scripting (XSS) vulnerability in view.php in Moodle 1.4.2 and earlier allows remote attac...
E S
CVE-2004-1425 Directory traversal vulnerability in file.php in Moodle 1.4.2 and earlier allows remote attackers to...
E S
CVE-2004-1426 Directory traversal vulnerability in index.php in KorWeblog 1.6.2-cvs and earlier allows remote atta...
E
CVE-2004-1427 PHP remote file inclusion vulnerability in main.inc in KorWeblog 1.6.2-cvs and earlier allows remote...
E
CVE-2004-1428 ArGoSoft FTP before 1.4.2.1 generates an error message if the user name does not exist instead of pr...
CVE-2004-1429 ArGoSoft FTP 1.4.2.4 and earlier does not limit the number of times that a bad password can be enter...
CVE-2004-1430 SQL injection vulnerability in the show_stats module in Arcade.php in IbProArcade allows remote atta...
E
CVE-2004-1431 FormMail.php 5.0, and possibly other versions, allows remote attackers to read arbitrary files via a...
E
CVE-2004-1432 Multiple versions of Cisco ONS 15327, ONS 15454, and ONS 15454 SDH, including 4.6(0) and 4.6(1), 4.5...
CVE-2004-1433 Multiple versions of Cisco ONS 15327, ONS 15454, and ONS 15454 SDH, including 4.6(0) and 4.6(1), 4.5...
CVE-2004-1434 Multiple versions of Cisco ONS 15327, ONS 15454, and ONS 15454 SDH, including 4.1(0) to 4.1(2), 4.5(...
E
CVE-2004-1435 Multiple versions of Cisco ONS 15327, ONS 15454, and ONS 15454 SDH, including 4.6(0) and 4.6(1), 4.5...
CVE-2004-1436 The Transaction Language 1 (TL1) login interface in Cisco ONS 15327 4.6(0) and 4.6(1) and 15454 and ...
CVE-2004-1437 Multiple buffer overflows in the digest authentication functionality in Pavuk 0.9.28-r2 and earlier ...
E S
CVE-2004-1438 The mod_authz_svn Apache module for Subversion 1.0.4-r1 and earlier allows remote authenticated user...
S
CVE-2004-1439 Buffer overflow in BlackJumboDog 3.x allows remote attackers to execute arbitrary code via long FTP ...
E S
CVE-2004-1440 Multiple heap-based buffer overflows in the modpow function in PuTTY before 0.55 allow (1) remote at...
S
CVE-2004-1441 Cross-site scripting (XSS) vulnerability in icq.cgi in Board Power 2.04PF allows remote attackers to...
E
CVE-2004-1442 Cross-site scripting (XSS) vulnerability in db2www CGI interpreter in IBM Net.Data 7 and 7.2 allows ...
E
CVE-2004-1443 Cross-site scripting (XSS) vulnerability in the inline MIME viewer in Horde-IMP (Internet Messaging ...
S
CVE-2004-1444 Directory traversal vulnerability in Roundup 0.6.4 and earlier allows remote attackers to view arbit...
E S
CVE-2004-1445 A race condition in nessus-adduser in Nessus 2.0.11 and possibly earlier versions, if the TMPDIR env...
S
CVE-2004-1446 Unknown vulnerability in ScreenOS in Juniper Networks NetScreen firewall 3.x through 5.x allows remo...
S
CVE-2004-1447 Jetbox One 2.0.8 and possibly other versions stores passwords in the database in plaintext, which co...
CVE-2004-1448 Jetbox One 2.0.8 and possibly other versions allow remote attackers with Author privileges in the IM...
E
CVE-2004-1449 Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7 allows remote attackers to determ...
CVE-2004-1450 Unknown vulnerability in LiveConnect in Mozilla 1.7 beta allows remote attackers to read arbitrary f...
S
CVE-2004-1451 Mozilla before 1.6 does not display the entire URL in the status bar when a link contains %00, which...
E S
CVE-2004-1452 Tomcat before 5.0.27-r3 in Gentoo Linux sets the default permissions on the init scripts as tomcat:t...
S
CVE-2004-1453 GNU glibc 2.3.4 before 2.3.4.20040619, 2.3.3 before 2.3.3.20040420, and 2.3.2 before 2.3.2-r10 does ...
S
CVE-2004-1454 Cisco IOS 12.0S, 12.2, and 12.3, with Open Shortest Path First (OSPF) enabled, allows remote attacke...
S
CVE-2004-1455 Stack-based buffer overflow in Xine-lib-rc5 in xine-lib 1_rc5-r2 and earlier allows remote attackers...
E S
CVE-2004-1456 filediff in CVStrac allows remote attackers to execute arbitrary commands via shell metacharacters i...
E S
CVE-2004-1457 The Virtual Private Network (VPN) capability in Novell Bordermanager 3.8 allows remote attackers to ...
S
CVE-2004-1458 The CSAdmin web administration interface for Cisco Secure Access Control Server (ACS) 3.2(2) build 1...
S
CVE-2004-1459 Cisco Secure Access Control Server (ACS) 3.2, when configured as a Light Extensible Authentication P...
S
CVE-2004-1460 Cisco Secure Access Control Server (ACS) 3.2(3) and earlier, when configured with an anonymous bind ...
S
CVE-2004-1461 Cisco Secure Access Control Server (ACS) 3.2(3) and earlier spawns a separate unauthenticated TCP co...
S
CVE-2004-1462 Unknown vulnerability in MoinMoin 1.2.2 and earlier allows remote attackers to gain unauthorized acc...
S
CVE-2004-1463 Unknown vulnerability in the PageEditor in MoinMoin 1.2.2 and earlier, related to Access Control Lis...
S
CVE-2004-1464 Cisco IOS 12.2(15) and earlier allows remote attackers to cause a denial of service (refused VTY (vi...
KEV S
CVE-2004-1465 Multiple buffer overflows in WinZip 9.0 and earlier may allow attackers to execute arbitrary code vi...
S
CVE-2004-1466 The set_time_limit function in Gallery before 1.4.4_p2 deletes non-image files in a temporary direct...
E S
CVE-2004-1467 Multiple cross-site scripting (XSS) vulnerabilities in eGroupWare 1.0.00.003 and earlier allow remot...
E S
CVE-2004-1468 The web mail functionality in Usermin 1.x and Webmin 1.x allows remote attackers to execute arbitrar...
E S
CVE-2004-1469 Format string vulnerability in the log function in SUS 2.0.2, and other versions before 2.0.6, allow...
E S
CVE-2004-1470 CRLF injection vulnerability in SnipSnap 0.5.2a, and other versions before 1.0b1, allows remote atta...
E S
CVE-2004-1471 Format string vulnerability in wrapper.c in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16 al...
S
CVE-2004-1472 Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 allow re...
CVE-2004-1473 Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 and Gate...
S
CVE-2004-1474 Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 and Gate...
S
CVE-2004-1475 Multiple stack-based buffer overflows in xine-lib 1-rc2 through 1-rc5 allow attackers to execute arb...
S
CVE-2004-1476 Stack-based buffer overflow in the VideoCD (VCD) code in xine-lib 1-rc2 through 1-rc5, as derived fr...
S
CVE-2004-1477 Cross-site scripting (XSS) vulnerability in the Management Console in JRun 4.0 allows remote attacke...
S
CVE-2004-1478 JRun 4.0 does not properly generate and handle the JSESSIONID, which allows remote attackers to perf...
S
CVE-2004-1479 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2004-0928. Reason: This candida...
R
CVE-2004-1480 Unknown vulnerability in the management station in HP StorageWorks Command View XP 1.8B and earlier ...
S
CVE-2004-1481 Integer overflow in pnen3260.dll in RealPlayer 8 through 10.5 (6.0.12.1040) and earlier, and RealOne...
S
CVE-2004-1482 The sbuf_getmsg function in BNC incorrectly handles backspace characters, which could allow remote a...
S
CVE-2004-1483 Multiple unknown vulnerabilities in the ActiveX and HTML file browsers in Symantec Clientless VPN Ga...
S
CVE-2004-1484 Format string vulnerability in the _msg function in error.c in socat 1.4.0.3 and earlier, when used ...
E S
CVE-2004-1485 Buffer overflow in the TFTP client in InetUtils 1.4.2 allows remote malicious DNS servers to execute...
CVE-2004-1486 Unknown vulnerability in Serviceguard A.11.13 through A.11.16.00 and Cluster Object Manager A.01.03 ...
S
CVE-2004-1487 wget 1.8.x and 1.9.x allows a remote malicious web server to overwrite certain files via a redirecti...
E
CVE-2004-1488 wget 1.8.x and 1.9.x does not filter or quote control characters when displaying HTTP responses to t...
E
CVE-2004-1489 Opera 7.54 and earlier does not properly limit an applet's access to internal Java packages from Sun...
E S
CVE-2004-1490 Opera 7.54 and earlier allows remote attackers to spoof file types in the download dialog via dots a...
S
CVE-2004-1491 Opera 7.54 and earlier uses kfmclient exec to handle unknown MIME types, which allows remote attacke...
S
CVE-2004-1492 Master of Orion III 1.2.5 and earlier allows remote attackers to cause a denial of service (game exi...
E
CVE-2004-1493 Master of Orion III 1.2.5 and earlier allows remote attackers to cause a denial of service (server c...
E
CVE-2004-1494 Buffer overflow in the Screen Fetch option in XDICT 2002 through 2005 allows remote attackers to cau...
E
CVE-2004-1495 The Repair Archive command in WinRAR 3.40 allows remote attackers to cause a denial of service (appl...
S
CVE-2004-1496 Directory traversal vulnerability in Web Forums Server 1.6 and 2.0 Power Pack allows remote attacker...
CVE-2004-1497 Web Forums Server 1.6 and 2.0 Power Pack stores passwords in plaintext in the Username.ini file, whi...
CVE-2004-1498 SQL injection vulnerability in the compose message form in HELM 3.1.19 and earlier allows remote att...
S
CVE-2004-1499 Cross-site scripting (XSS) vulnerability in the compose message form in HELM 3.1.19 and earlier allo...
E S
CVE-2004-1500 Format string vulnerability in the Lithtech engine, as used in multiple games, allows remote authent...
CVE-2004-1501 The webmail service in 602 Lan Suite 2004.0.04.0909 and earlier allows remote attackers to cause a d...
CVE-2004-1502 The Telnet proxy in 602 Lan Suite 2004.0.04.0909 and earlier allows remote attackers to cause a deni...
CVE-2004-1503 Integer overflow in the InitialDirContext in Java Runtime Environment (JRE) 1.4.2, 1.5.0 and possibl...
CVE-2004-1504 The displaycontent function in config.php for Just Another Flat file (JAF) CMS 3.0RC allows remote a...
E
CVE-2004-1505 Directory traversal vulnerability in index.php in Just Another Flat file (JAF) CMS 3.0RC allows remo...
E S
CVE-2004-1506 Multiple cross-site scripting (XSS) vulnerabilities in WebCalendar allow remote attackers to inject ...
E
CVE-2004-1507 CRLF injection vulnerability in login.php in WebCalendar allows remote attackers to inject CRLF sequ...
E
CVE-2004-1508 init.php in WebCalendar allows remote attackers to execute arbitrary local PHP scripts via the user_...
CVE-2004-1509 validate.php in WebCalendar allows remote attackers to gain sensitive information via an invalid enc...
E
CVE-2004-1510 WebCalendar allows remote attackers to gain privileges by modifying critical parameters to (1) view_...
E
CVE-2004-1511 Hotfoon 4.0 does not notify users before opening links in web browsers, which could allow remote att...
CVE-2004-1512 Cross-site scripting (XSS) vulnerability in Response_default.html in 04WebServer 1.42 allows remote ...
E S
CVE-2004-1513 04WebServer 1.42 does not adequately filter data that is written to log files, which could allow rem...
E S
CVE-2004-1514 04WebServer 1.42 allows remote attackers to cause a denial of service (fail to restart properly) via...
S
CVE-2004-1515 SQL injection vulnerability in (1) ttlast.php and (2) last10.php in vBulletin 3.0.x allows remote at...
CVE-2004-1516 CRLF injection vulnerability in index.php in phpWebSite 0.9.3-4 allows remote attackers to perform H...
E S
CVE-2004-1517 Zone Labs IMsecure and IMsecure Pro before 1.5 allow remote attackers to bypass Active Link Filterin...
S
CVE-2004-1518 SQL injection vulnerability in follow.php in Phorum 5.0.12 and earlier allows remote authenticated u...
E S
CVE-2004-1519 SQL injection vulnerability in bug.php in phpBugTracker 0.9.1 allows remote attackers to execute arb...
CVE-2004-1520 Stack-based buffer overflow in IPSwitch IMail 8.13 allows remote authenticated users to execute arbi...
E S
CVE-2004-1521 Eudora 6.2.0.14 does not issue a warning when a user forwards an e-mail message that contains base64...
CVE-2004-1522 Format string vulnerability in Army Men RTS 1.0 allows remote attackers to cause a denial of service...
E
CVE-2004-1523 Format string vulnerability in the game console in Hired Team: Trial 2.0 and earlier and 2.200 allow...
E
CVE-2004-1524 Hired Team: Trial 2.0 and earlier and 2.200 allows remote attackers to cause a denial of service (ga...
E
CVE-2004-1525 Hired Team: Trial 2.0 and earlier and 2.200 allows remote attackers to cause a denial of service (ap...
CVE-2004-1526 Hired Team: Trial 2.0 and earlier and 2.200 does not limit how game players can kick other players o...
CVE-2004-1527 Microsoft Internet Explorer 6.0 SP1 does not properly handle certain character strings in the Path a...
S
CVE-2004-1528 The Event Calendar module 2.13 for PHP-Nuke allows remote attackers to gain sensitive information vi...
E
CVE-2004-1529 Cross-site scripting (XSS) vulnerability in the Event Calendar module 2.13 for PHP-Nuke allows remot...
E
CVE-2004-1530 SQL injection vulnerability in the Event Calendar module 2.13 for PHP-Nuke allows remote attackers t...
E
CVE-2004-1531 SQL injection vulnerability in post.php in Invision Power Board (IPB) 2.0.0 through 2.0.2 allows rem...
E S
CVE-2004-1532 AppServ 2.5.x and earlier installs a default username and password, which allows remote attackers to...
CVE-2004-1533 Buffer overflow in pop3svr.exe for DMS POP3 1.5.3.27 and earlier allows remote attackers to cause a ...
E S
CVE-2004-1534 ZoneAlarm and ZoneAlarm Pro before 5.5.062, with ad-blocking enabled, allows remote web sites to cau...
S
CVE-2004-1535 PHP remote file inclusion vulnerability in admin_cash.php for the Cash Mod module for phpBB allows r...
CVE-2004-1536 SQL injection vulnerability in index.php in the ibProArcade module for Invision Power Board (IPB) 1....
E
CVE-2004-1537 Cross-site scripting (XSS) vulnerability in popup.php in PHPKIT 1.6.03 through 1.6.1 allows remote a...
E
CVE-2004-1538 SQL injection vulnerability in include.php in PHPKIT 1.6.03 through 1.6.1 allows remote attackers to...
E
CVE-2004-1539 Halo: Combat Evolved 1.05 and earlier allows remote game servers to cause a denial of service (clien...
E S
CVE-2004-1540 ZyXEL Prestige 623, 650, and 652 HW Routers, and possibly other versions, with HTTP Remote Administr...
E
CVE-2004-1541 SecureCRT 4.0, 4.1, and possibly other versions, allows remote attackers to execute arbitrary comman...
S
CVE-2004-1542 Buffer overflow in Soldier of Fortune II 1.03 Gold and earlier allows remote attackers to cause a de...
E
CVE-2004-1543 Directory traversal vulnerability in viewimg.php in KorWeblog 1.6.2-cvs and earlier allows remote at...
E
CVE-2004-1544 Cross-site scripting (XSS) vulnerability in Search.jsp in JSPWiki 2.1.120-cvs and earlier allows rem...
E S
CVE-2004-1545 UploadFile.php in MoniWiki 1.0.9.2 and earlier, when used with Apache mod_mime, does not properly ha...
S
CVE-2004-1546 Multiple buffer overflows in MDaemon 6.5.1 allow remote attackers to cause a denial of service (appl...
E
CVE-2004-1547 The file server in ActivePost Standard 3.1 and earlier allows remote authenticated users to cause a ...
E
CVE-2004-1548 Directory traversal vulnerability in the file server in ActivePost Standard 3.1 allows remote authen...
E
CVE-2004-1549 The conference menu in ActivePost Standard 3.1 sends passwords of password-protected rooms in cleart...
CVE-2004-1550 Motorola Wireless Router WR850G running firmware 4.03 allows remote attackers to bypass authenticati...
S
CVE-2004-1551 Cross-site scripting (XSS) vulnerability in the (1) email or (2) file modules in paFileDB 3.1 Final ...
CVE-2004-1552 SQL injection vulnerability in aspWebCalendar allows remote attackers to execute arbitrary SQL state...
E
CVE-2004-1553 SQL injection vulnerability in aspWebAlbum allows remote attackers to execute arbitrary SQL statemen...
E
CVE-2004-1554 PHP remote file inclusion vulnerability in livre_include.php in @lex Guestbook allows remote attacke...
E S
CVE-2004-1555 Multiple SQL injection vulnerabilities in BroadBoard Instant ASP Message Board allow remote attacker...
E
CVE-2004-1556 MyWebServer 1.0.3 allows remote attackers to cause a denial of service (application crash) via a lar...
CVE-2004-1557 MyWebServer 1.0.3 allows remote attackers to bypass authentication, modify configuration, and read a...
CVE-2004-1558 Multiple stack-based buffer overflows in YPOPs! (aka YahooPOPS) 0.4 through 0.6 allow remote attacke...
E S
CVE-2004-1559 Multiple cross-site scripting (XSS) vulnerabilities in Wordpress 1.2 allow remote attackers to injec...
E S
CVE-2004-1560 Microsoft SQL Server 7.0 allows remote attackers to cause a denial of service (mssqlserver service h...
E
CVE-2004-1561 Buffer overflow in Icecast 2.0.1 and earlier allows remote attackers to execute arbitrary code via a...
E S
CVE-2004-1562 SQL injection vulnerability in redir_url.php in w-Agora 4.1.6a allows remote attackers to execute ar...
E S
CVE-2004-1563 Multiple cross-site scripting (XSS) vulnerabilities in w-Agora 4.1.6a allow remote attackers to exec...
E S
CVE-2004-1564 CRLF injection vulnerability in subscribe_thread.php in w-Agora 4.1.6a allows remote attackers to pe...
E S
CVE-2004-1565 list.php in w-Agora 4.1.6a allows remote attackers to reveal the full path via a crafted HTTP reques...
E S
CVE-2004-1566 Cross-site scripting (XSS) vulnerability in index.php in Silent Storm Portal 2.1 and 2.2 allows remo...
E
CVE-2004-1567 profile.php in Silent Storm Portal 2.1 and 2.2 allows remote attackers to gain privileges by setting...
E
CVE-2004-1568 Directory traversal vulnerability in ParaChat Server 5.5 allows remote attackers to read arbitrary f...
E
CVE-2004-1569 Buffer overflow in (1) MusicConverter.exe, (2) playlist.exe, and (3) amp.exe in dBpowerAMP Audio Pla...
E
CVE-2004-1570 SQL injection vulnerability in bBlog 0.7.2 and 0.7.3 allows remote attackers to execute arbitrary SQ...
CVE-2004-1571 AJ-Fork 167 allows remote attackers to gain sensitive information via a direct request to (1) auto-a...
E
CVE-2004-1572 AJ-Fork 167 does not restrict access to directories such as (1) data, (2) inc, (3) plugins, (4) skin...
CVE-2004-1573 The documentation for AJ-Fork 167 implies that users should set permissions for users.db.php to 777,...
E
CVE-2004-1574 Buffer overflow in Vypress Messenger 3.5.1 and earlier allows remote attackers to execute arbitrary ...
E S
CVE-2004-1575 The XML parser in Xerces-C++ 2.5.0 allows remote attackers to cause a denial of service (CPU consump...
S
CVE-2004-1576 Format string vulnerability in Judge Dredd: Dredd vs. Death 1.01 and earlier allows remote attackers...
CVE-2004-1577 index.php in PHP Links allows remote attackers to gain sensitive information via an invalid show par...
CVE-2004-1578 Cross-site scripting (XSS) vulnerability in index.php in Invision Power Board 2.0.0 allows remote at...
CVE-2004-1579 index.php in CubeCart 2.0.1 allows remote attackers to gain sensitive information via an HTTP reques...
CVE-2004-1580 SQL injection vulnerability in index.php in CubeCart 2.0.1 allows remote attackers to execute arbitr...
E S
CVE-2004-1581 BlackBoard 1.5.1 allows remote attackers to gain sensitive information via a direct request to (1) c...
CVE-2004-1582 PHP remote file inclusion vulnerability in BlackBoard 1.5.1 allows remote attackers to execute arbit...
S
CVE-2004-1583 Directory traversal vulnerability in the FTP server in TriDComm 1.3 and earlier allows remote attack...
S
CVE-2004-1584 CRLF injection vulnerability in wp-login.php in WordPress 1.2 allows remote attackers to perform HTT...
E S
CVE-2004-1585 Flash Messaging 5.2.0g (rev 1.1.2) and earlier allows remote attackers to cause a denial of service ...
E
CVE-2004-1586 Flash Messaging clients can ignore disconnecting commands such as "shutdown" from the Flash Messagin...
E
CVE-2004-1587 Buffer overflow in Monolith games including (1) Alien versus Predator 2 1.0.9.6 and earlier, (2) Blo...
E S
CVE-2004-1588 SQL injection vulnerability in GoSmart Message Board allows remote attackers to execute arbitrary SQ...
E
CVE-2004-1589 Cross-site scripting (XSS) vulnerability in GoSmart Message Board allows remote attackers to execute...
E
CVE-2004-1590 Clientexec allows remote attackers to gain sensitive information via an HTTP request to phpinfo.php,...
CVE-2004-1591 The web interface for Micronet Wireless Broadband Router SP916BM running firmware before 1.9 08/04/2...
CVE-2004-1592 PHP remote file inclusion vulnerability in index.php in ocPortal 1.0.3 and earlier allows remote att...
E S
CVE-2004-1593 Cross-site scripting (XSS) vulnerability in render.UserLayoutRootNode.uP in SCT Campus Pipeline allo...
E
CVE-2004-1594 Cross-site scripting (XSS) vulnerability in FuseTalk 4.0 allows remote attackers to execute arbitrar...
E S
CVE-2004-1595 Buffer overflow in ShixxNote 6.net build 117 allows remote attackers to execute arbitrary code via a...
E
CVE-2004-1596 The 3COM Wireless router 3CRADSL72 running Boot Code 1.3d allows remote attackers to gain sensitive ...
CVE-2004-1597 RIM Blackberry 7230 running RIM Blackberry OS 3.7 SP1 allows remote attackers to cause a denial of s...
E S
CVE-2004-1598 Adobe Acrobat and Acrobat Reader 6.0 allow remote attackers to read arbitrary files via a PDF file t...
CVE-2004-1599 Cross-site scripting (XSS) vulnerability in index.php in CoolPHP 1.0-stable allows remote attackers ...
E
CVE-2004-1600 index.php in CoolPHP 1.0-stable allows remote attackers to gain sensitive information via an invalid...
E
CVE-2004-1601 Directory traversal vulnerability in index.php in CoolPHP 1.0-stable allows remote attackers to acce...
CVE-2004-1602 ProFTPD 1.2.x, including 1.2.8 and 1.2.10, responds in a different amount of time when a given usern...
E S
CVE-2004-1603 cPanel 9.4.1-RELEASE-64 follows hard links, which allows local users to (1) read arbitrary files via...
E S
CVE-2004-1604 cPanel 9.9.1-RELEASE-3 allows remote authenticated users to chmod arbitrary files via a symlink atta...
CVE-2004-1605 SalesLogix 6.1 allows remote attackers to bypass authentication by modifying the slxweb cookie to se...
E S
CVE-2004-1606 slxweb.dll in SalesLogix 6.1 allows remote attackers to cause a denial service (application crash) v...
E S
CVE-2004-1607 slxweb.dll in SalesLogix 6.1 allows remote attackers to obtain sensitive information via a (1) Libra...
E S
CVE-2004-1608 SQL injection vulnerability in SalesLogix 6.1 allows remote attackers to execute arbitrary SQL state...
E S
CVE-2004-1609 SalesLogix 6.1 includes usernames, passwords, and other sensitive information in the headers of an H...
E S
CVE-2004-1610 SalesLogix 6.1 uses client-specified pathnames for writing certain files, which might allow remote a...
CVE-2004-1611 SalesLogix 6.1 does not verify if a user is authenticated before performing sensitive operations, wh...
E S
CVE-2004-1612 Directory traversal vulnerability in SalesLogix 6.1 allows remote attackers to upload arbitrary file...
E S
CVE-2004-1613 Mozilla allows remote attackers to cause a denial of service (application crash from null dereferenc...
E S
CVE-2004-1614 Mozilla allows remote attackers to cause a denial of service (application crash from invalid memory ...
E
CVE-2004-1615 Opera allows remote attackers to cause a denial of service (invalid memory reference and application...
E S
CVE-2004-1616 Links allows remote attackers to cause a denial of service (memory consumption) via a web page or HT...
E
CVE-2004-1617 Lynx, lynx-ssl, and lynx-cur before 2.8.6dev.8 allow remote attackers to cause a denial of service (...
E
CVE-2004-1618 Vypress Tonecast 1.3 and earlier allows remote attackers to cause a denial of service (application c...
E
CVE-2004-1619 Buffer overflow in Privateer's Bounty: Age of Sail II allows remote attackers to execute arbitrary c...
E
CVE-2004-1620 CRLF injection vulnerability in Serendipity before 0.7rc1 allows remote attackers to perform HTTP Re...
E S
CVE-2004-1621 NOTE: this issue has been disputed by the vendor. Cross-site scripting (XSS) vulnerability in IBM L...
E
CVE-2004-1622 SQL injection vulnerability in dosearch.php in UBB.threads 3.4.x allows remote attackers to execute ...
E
CVE-2004-1623 The WAV file property handler in Windows XP SP1 allows remote attackers to cause a denial of service...
E
CVE-2004-1624 Carbon Copy 6.0.5257 does not drop system privileges when opening external programs through the help...
CVE-2004-1625 pGina 1.7.6 and possibly older versions, when the Restart or Shutdown options are enabled on the log...
CVE-2004-1626 Buffer overflow in Ability Server 2.34, and possibly other versions, allows remote attackers to exec...
E
CVE-2004-1627 Buffer overflow in Ability Server 2.25, 2.32, 2.34, and possibly other versions, allows remote attac...
E
CVE-2004-1628 Format string vulnerability in log.c in rssh before 2.2.2 allows remote authenticated users to execu...
CVE-2004-1629 Multiple SQL injection vulnerabilities in Dwc_articles 1.6 and earlier allow remote attackers to exe...
CVE-2004-1630 Cross-site scripting (XSS) vulnerability in the login form in Open WorkFlow Engine (OpenWFE) 1.4.x a...
E S
CVE-2004-1631 Open WorkFlow Engine (OpenWFE) 1.4.x allows remote attackers to conduct port scans of remote hosts b...
S
CVE-2004-1632 Cross-site scripting (XSS) vulnerability in wiki.php in MoniWiki 1.0.8 and earlier allows remote att...
E S
CVE-2004-1633 process_bug.cgi in Bugzilla 2.9 through 2.18rc2 and 2.19 from CVS does not check edit permissions on...
CVE-2004-1634 show_bug.cgi in Bugzilla 2.17.1 through 2.18rc2 and 2.19 from CVS, when using the insidergroup featu...
S
CVE-2004-1635 Bugzilla 2.17.1 through 2.18rc2 and 2.19 from cvs, when using the insidergroup feature, does not suf...
S
CVE-2004-1636 Heap-based buffer overflow in the WvTFTPServer::new_connection function in wvtftpserver.cc for WvTft...
E S
CVE-2004-1637 The Hawking Technologies HAR11A modem/router allows remote attackers to obtain sensitive information...
CVE-2004-1638 Buffer overflow in MailCarrier 2.51 allows remote attackers to execute arbitrary code via a long (1)...
E
CVE-2004-1639 Mozilla Firefox before 0.10, Mozilla 5.0, and Gecko 20040913 allows remote attackers to cause a deni...
E
CVE-2004-1640 Multiple cross-site scripting (XSS) vulnerabilities in XOOPS 0.94 and 1.0 allow remote attackers to ...
E
CVE-2004-1641 Heap-based buffer overflow in Titan FTP 3.21 and earlier allows remote attackers to cause a denial o...
E S
CVE-2004-1642 WFTPD Pro Server 3.21 allows remote authenticated users to cause a denial of service (crash) via a s...
E
CVE-2004-1643 WS_FTP 5.0.2 allows remote authenticated users to cause a denial of service (CPU consumption) via a ...
S
CVE-2004-1644 Xedus 1.0 allows remote attackers to cause a denial of service (refuse connections) by connecting mu...
CVE-2004-1645 Cross-site scripting (XSS) vulnerability in Xedus 1.0 allows remote attackers to execute arbitrary w...
E
CVE-2004-1646 Directory traversal vulnerability in Xedus 1.0 allows remote attackers to read arbitrary files via a...
CVE-2004-1647 SQL injection vulnerability in Password Protect allows remote attackers to execute arbitrary SQL sta...
E
CVE-2004-1648 Cross-site scripting (XSS) vulnerability in (1) index.asp, (2) ChangePassword.asp, (3) users_list.as...
E
CVE-2004-1649 Buffer overflow in Microsoft Msinfo32.exe might allow local users to execute arbitrary code via a lo...
E
CVE-2004-1650 D-Link DCS-900 Internet Camera listens on UDP port 62976 for an IP address, which allows remote atta...
E S
CVE-2004-1651 Multiple cross-site scripting (XSS) vulnerabilities in the registration page in phpScheduleIt 1.0.0 ...
S
CVE-2004-1652 phpScheduleIt 1.0.0 RC1 does not clear administrative privileges if the administrator logs in as a n...
CVE-2004-1653 The default configuration for OpenSSH enables AllowTcpForwarding, which could allow remote authentic...
CVE-2004-1654 SQL injection vulnerability in the calendar module in phpWebsite 0.9.3-4 and earlier allows remote a...
S
CVE-2004-1655 Cross-site scripting (XSS) vulnerability in phpWebsite 0.9.3-4 and earlier allows remote attackers t...
E S
CVE-2004-1656 CRLF injection vulnerability in Comersus Shopping Cart 5.0991 allows remote attackers to perform HTT...
E
CVE-2004-1657 Cross-site scripting (XSS) vulnerability in the Activity and Events Viewer for Newtelligence DasBlog...
E S
CVE-2004-1658 Kerio Personal Firewall 4.0 (KPF4) allows local users with administrative privileges to bypass the A...
E
CVE-2004-1659 Cross-site scripting (XSS) vulnerability in index.php in CuteNews 1.3.6 and earlier allows remote at...
E
CVE-2004-1660 PHP remote file inclusion vulnerability in CuteNews 1.3.6 and earlier allows remote attackers to exe...
E
CVE-2004-1661 MailWorks Professional allows remote attackers to bypass authentication and gain privileges via a co...
E
CVE-2004-1662 YaBB SE 1.5.1 allows remote attackers to obtain sensitive information via a direct HTTP request to A...
E
CVE-2004-1663 Engenio/LSI Logic storage controllers, as used in products such as Storagetek D280, and IBM DS4100 (...
CVE-2004-1664 Call of Duty 1.4 and earlier allows remote attackers to cause a denial of service (game end) via a l...
E S
CVE-2004-1665 Cross-site scripting (XSS) vulnerability in index.php in PsNews 1.1 allows remote attackers to injec...
CVE-2004-1666 Buffer overflow in the MSN module in Trillian 0.74i allows remote MSN servers to execute arbitrary c...
E
CVE-2004-1667 Off-by-one error in Halo Combat Evolved 1.04 and earlier allows remote attackers to cause a denial o...
E S
CVE-2004-1668 Multiple SQL injection vulnerabilities in index.php in Subjects 2.0 Postnuke module allow remote att...
E S
CVE-2004-1669 Cross-site scripting (XSS) vulnerability in MERAK Mail Server 7.4.5 with Icewarp Web Mail 5.2.7 and ...
S
CVE-2004-1670 Multiple directory traversal vulnerabilities Merak Mail Server 7.4.5 with Icewarp Web Mail 5.2.7, an...
S
CVE-2004-1671 Merak Mail Server 7.4.5 with Icewarp Web Mail 5.2.7 and possibly other versions allows remote attack...
E S
CVE-2004-1672 attachment.html in Merak Mail Server 7.4.5 with Icewarp Web Mail 5.2.7 and possibly other versions a...
E S
CVE-2004-1673 accountsettings_add.html in Merak Mail Server 7.4.5 with Icewarp Web Mail 5.2.7 and possibly other v...
E S
CVE-2004-1674 viewaction.html in Merak Mail Server 7.4.5 with Icewarp Web Mail 5.2.7 and possibly other versions a...
S
CVE-2004-1675 Serv-U FTP server 4.x and 5.x allows remote attackers to cause a denial of service (application cras...
E S
CVE-2004-1676 Heap-based buffer overflow in the image sending feature in Gadu-Gadu 6.0 build 149 allows remote att...
CVE-2004-1677 pdesk.cgi in PerlDesk allows remote attackers to gain sensitive information via an invalid lang para...
E S
CVE-2004-1678 Directory traversal vulnerability in pdesk.cgi in PerlDesk allows remote attackers to read portions ...
E S
CVE-2004-1679 Directory traversal vulnerability in TwinFTP 1.0.3 R2 allows remote attackers to create arbitrary fi...
S
CVE-2004-1680 application.cgi in the Pingtel Xpressa handset running firmware 2.1.11.24 allows remote authenticate...
E S
CVE-2004-1681 Multiple buffer overflows in (1) phrelay-cfg, (2) phlocale, (3) pkg-installer, or (4) input-cfg in Q...
E
CVE-2004-1682 Format string vulnerability in QNX 6.1 FTP client allows remote authenticated users to gain group bi...
CVE-2004-1683 A race condition in crrtrap for QNX RTP 6.1 allows local users to gain privileges by modifying the P...
CVE-2004-1684 Zyxel P681 running ZyNOS Vt020225a contains portions of memory in an ARP request, which allows remot...
CVE-2004-1685 SMC routers SMC7004VWBR running firmware 1.00.014 and SMC7008ABR EU running firmware 1.42.003 allow ...
E S
CVE-2004-1686 Internet Explorer 6.0 in Windows XP SP2 allows remote attackers to bypass the Information Bar prompt...
CVE-2004-1687 CRLF injection vulnerability in down.asp for Snitz Forums 2000 3.4.04 allows remote attackers to per...
E S
CVE-2004-1688 Pigeon Server 3.02.0143 and earlier allows remote attackers to cause a denial of service (infinite l...
S
CVE-2004-1689 sudoedit (aka sudo -e) in sudo 1.6.8 opens a temporary file with root privileges, which allows local...
E S
CVE-2004-1690 Cross-site scripting (XSS) vulnerability in the Web Server in DNS4Me 3.0.0.4 allows remote attackers...
E
CVE-2004-1691 The Web Server in DNS4Me 3.0.0.4 allows remote attackers to cause a denial of service (CPU consumpti...
CVE-2004-1692 Cross-site scripting (XSS) vulnerability in index.php in Mambo 4.5 (1.0.9) allows remote attackers t...
E S
CVE-2004-1693 PHP remote file inclusion vulnerability in Function.php in Mambo 4.5 (1.0.9) allows remote attackers...
E S
CVE-2004-1694 Symantec ON Command CCM 5.4.x and iCommand 3.0.x has four default usernames and passwords, one of wh...
E S
CVE-2004-1695 EmuLive Server4 Commerce Edition Build 7560 allows remote attackers to bypass authentication for the...
CVE-2004-1696 EmuLive Server4 Commerce Edition Build 7560 allows remote attackers to cause a denial of service (ap...
E S
CVE-2004-1697 The "Forgot your Password" link in Computer Associates (CA) Unicenter Management Portal 2.0 and 3.1 ...
S
CVE-2004-1698 The Base64 function in PopMessenger 1.60 (before 20 Sep 2004) and earlier allows remote attackers to...
E S
CVE-2004-1699 SettingsBase.php in Pinnacle ShowCenter 1.51 allows remote attackers to cause a denial of service (w...
E
CVE-2004-1700 Cross-site scripting (XSS) vulnerability in SettingsBase.php in Pinnacle ShowCenter 1.51 build 121 a...
E S
CVE-2004-1701 Heap-based buffer overflow in the AuthenticationDialogue function in cfservd for Cfengine 2.0.0 to 2...
E S
CVE-2004-1702 The AuthenticationDialogue function in cfservd for Cfengine 2.0.0 to 2.1.7p1 does not properly check...
E S
CVE-2004-1703 Fusion News 3.6.1 allows remote attackers to add user accounts, if the administrator is logged in, v...
E
CVE-2004-1704 WpQuiz 2.60b1 through 2.60b8 allows remote attackers to gain privileges via a direct request to admi...
CVE-2004-1705 Buffer overflow in Citadel/UX 6.23 and earlier allows remote attackers to cause a denial of service ...
E S
CVE-2004-1706 The U.S. Robotics USR808054 wireless access point allows remote attackers to cause a denial of servi...
E S
CVE-2004-1707 The (1) dbsnmp and (2) nmo programs in Oracle 8i, Oracle 9i, and Oracle IAS 9.0.2.0.1, on Unix syste...
E S
CVE-2004-1708 Webbsyte Chat 0.9.0 allows remote attackers to cause a denial of service (crash) via a large number ...
CVE-2004-1709 Datakey Rainbow iKey2032 USB token, when using the CIP client package, does not encrypt communicatio...
CVE-2004-1710 page.cgi allows remote attackers to execute arbitrary commands via shell metacharacters in the url p...
CVE-2004-1711 Cross-site scripting (XSS) vulnerability in post.php in Moodle before 1.3 allows remote attackers to...
E S
CVE-2004-1712 Cross-site scripting (XSS) vulnerability in TypePad allows remote attackers to inject arbitrary Java...
CVE-2004-1713 Unknown vulnerability in HP Process Resource Manager (PRM) C.02.01[.01] and earlier, as used by HP-U...
S
CVE-2004-1714 BlackICE PC Protection and Server Protection installs (1) firewall.ini, (2) blackice.ini, (3) sigs.i...
E
CVE-2004-1715 Directory traversal vulnerability in MIMEsweeper for Web before 5.0.4 allows remote attackers or loc...
E S
CVE-2004-1716 Cross-site scripting (XSS) vulnerability in PForum before 1.26 allows remote attackers to inject arb...
E S
CVE-2004-1717 Multiple buffer overflows in the psscan function in ps.c for gv (ghostview) allow remote attackers t...
E
CVE-2004-1718 The ZwOpenSection function in Integrity Protection Driver (IPD) 1.4 and earlier allows local users t...
E
CVE-2004-1719 Multiple cross-site scripting (XSS) vulnerabilities in Merak Webmail Server 5.2.7 allow remote attac...
E S
CVE-2004-1720 The (1) address.html and possibly (2) calendar.html pages in Merak Mail Server 5.2.7 allow remote at...
E S
CVE-2004-1721 The (1) function.php or (2) function.view.php scripts in Merak Mail Server 5.2.7 allow remote attack...
S
CVE-2004-1722 SQL injection vulnerability in calendar.html in Merak Mail Server 5.2.7 allows remote attackers to e...
E S
CVE-2004-1723 The (1) updateuser.php and (2) forums_prune.php scripts in PHP-Fusion 4.00 allow remote attackers to...
CVE-2004-1724 The ReadMe First.txt file in PHP-Fusion 4.0 instructs users to set the permissions on the fusion_adm...
E
CVE-2004-1725 Stack-based buffer overflow in xvbmp.c in XV allows remote attackers to execute arbitrary code via a...
E S
CVE-2004-1726 Multiple integer overflows in (1) xviris.c, (2) xvpcx.c, and (3) xvpm.c in XV allow remote attackers...
E S
CVE-2004-1727 BadBlue 2.5 allows remote attackers to cause a denial of service (refuse HTTP connections) via a lar...
E
CVE-2004-1728 Buffer overflow in British National Corpus SARA (sarad) allows remote attackers to execute arbitrary...
E S
CVE-2004-1729 Cross-site scripting (XSS) vulnerability in Nihuo Web Log Analyzer 1.6 allows remote attackers to in...
E
CVE-2004-1730 Cross-site scripting (XSS) vulnerability in Mantis bugtracker allows remote attackers to inject arbi...
E S
CVE-2004-1731 signup_page.php in Mantis bugtracker allows remote attackers to send e-mail bombs by creating multip...
E S
CVE-2004-1732 SQL injection vulnerability in out.ViewFolder.php in MyDMS before 1.4.2 allows remote attackers to e...
E S
CVE-2004-1733 Directory traversal vulnerability in MyDMS 1.4.2 and other versions allows remote registered users t...
E S
CVE-2004-1734 PHP remote file inclusion vulnerability in Mantis 0.19.0a allows remote attackers to execute arbitra...
E S
CVE-2004-1735 Cross-site scripting (XSS) vulnerability in the create list option in Sympa 4.1.x and earlier allows...
E
CVE-2004-1736 Cacti 0.8.5a allows remote attackers to gain sensitive information via an HTTP request to (1) auth.p...
E
CVE-2004-1737 SQL injection vulnerability in auth_login.php in Cacti 0.8.5a allows remote attackers to execute arb...
E S
CVE-2004-1738 Cross-site scripting (XSS) vulnerability in page.php in JShop allows remote attackers to inject arbi...
CVE-2004-1739 Bird Chat 1.61 allows remote attackers to cause a denial of service (crash) via invalid users....
E S
CVE-2004-1740 Music daemon (musicd) 0.0.3 and earlier allows remote attackers to read arbitrary files by calling L...
E S
CVE-2004-1741 Music daemon (musicd) 0.0.3 and earlier allows remote attackers to cause a denial of service (crash)...
S
CVE-2004-1742 Directory traversal vulnerability in WebAPP 0.9.9 allows remote attackers to view arbitrary files vi...
E S
CVE-2004-1743 Easy File Sharing (EFS) Webserver 1.25 allows remote attackers to view arbitrary files via an HTTP r...
E
CVE-2004-1744 Easy File Sharing (EFS) Webserver 1.25 allows remote attackers to cause a denial of service (CPU con...
E
CVE-2004-1745 Buffer overflow in Painkiller 1.3.1 and earlier allows remote attackers to cause a denial of service...
E
CVE-2004-1746 Cross-site scripting (XSS) vulnerability in index.php in PHP Code Snippet Library allows remote atta...
E
CVE-2004-1747 Cross-site scripting (XSS) vulnerability in NetworkEverywhere NR041 running firmware 1.2 Release 03 ...
CVE-2004-1748 NtRegmon before 6.12 allows local users to cause a denial of service (crash), while NtRegmon is runn...
E
CVE-2004-1749 Attack Mitigator IPS 5500 3.11.008, and possibly other versions, when configured in a one-armed rout...
S
CVE-2004-1750 RealVNC 4.0 and earlier allows remote attackers to cause a denial of service (crash) via a large num...
E
CVE-2004-1751 Ground Control II: Operation Exodus 1.0.0.7 and earlier allows remote servers to cause a denial of s...
E S
CVE-2004-1752 Stack-based buffer overflow in Gaucho 1.4 Build 145 allows remote attackers to execute arbitrary cod...
E S
CVE-2004-1753 The Apple Java plugin, as used in Netscape 7.1 and 7.2, Mozilla 1.7.2, and Firefox 0.9.3 on MacOS X ...
E
CVE-2004-1754 The DNS proxy (DNSd) for multiple Symantec Gateway Security products allows remote attackers to pois...
E S
CVE-2004-1755 The Web Services fat client for BEA WebLogic Server and Express 7.0 SP4 and earlier, when using 2-wa...
S
CVE-2004-1756 BEA WebLogic Server and WebLogic Express 8.1 SP2 and earlier, and 7.0 SP4 and earlier, when using 2-...
S
CVE-2004-1757 BEA WebLogic Server and Express 8.1, SP1 and earlier, stores the administrator password in cleartext...
S
CVE-2004-1758 BEA WebLogic Server and WebLogic Express version 8.1 up to SP2, 7.0 up to SP4, and 6.1 up to SP6 may...
S
CVE-2004-1759 Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000.2.6, allows ...
E S
CVE-2004-1760 The default installation of Cisco voice products, when running the IBM Director Agent on IBM servers...
S
CVE-2004-1761 Unknown vulnerability in Ethereal 0.8.13 to 0.10.2 allows attackers to cause a denial of service (se...
S
CVE-2004-1762 Unknown vulnerability in F-Secure Anti-Virus (FSAV) 4.52 for Linux before Hotfix 3 allows the Sober....
S
CVE-2004-1763 Buffer overflow in hsrun.exe for HAHTsite Scenario Server 5.1 Patch 06 (build 91) allows remote atta...
E S
CVE-2004-1764 Buffer overflow in CDE libDtSvc on HP-UX B.11.00, B.11.04, B.11.11, and B.11.22 allows local users t...
S
CVE-2004-1765 Off-by-one buffer overflow in ModSecurity (mod_security) 1.7.4 for Apache 2.x, when SecFilterScanPos...
S
CVE-2004-1766 The default installation of NetScreen-Security Manager before Feature Pack 1 does not enable encrypt...
CVE-2004-1767 The kernel in Solaris 2.6, 7, 8, and 9 allows local users to gain privileges by loading arbitrary lo...
S
CVE-2004-1768 The character converters in the Spamhunter and Language ID modules for Symantec Brightmail AntiSpam ...
S
CVE-2004-1769 The "Allow cPanel users to reset their password via email" feature in cPanel 9.1.0 build 34 and earl...
E
CVE-2004-1770 The login page for cPanel 9.1.0, and possibly other versions, allows remote attackers to execute arb...
E S
CVE-2004-1771 Scalable OGo (SOGo) 1.0 allows remote authenticated users to bypass intended permissions and view pr...
CVE-2004-1772 Stack-based buffer overflow in shar in GNU sharutils 4.2.1 allows local users to execute arbitrary c...
E S
CVE-2004-1773 Multiple buffer overflows in sharutils 4.2.1 and earlier may allow attackers to execute arbitrary co...
S
CVE-2004-1774 Buffer overflow in the SDO_CODE_SIZE procedure of the MD2 package (MDSYS.MD2.SDO_CODE_SIZE) in Oracl...
E S
CVE-2004-1775 Cisco VACM (View-based Access Control MIB) for Catalyst Operating Software (CatOS) 5.5 and 6.1 and I...
S
CVE-2004-1776 Cisco IOS 12.1(3) and 12.1(3)T allows remote attackers to read and modify device configuration data ...
S
CVE-2004-1777 A "range check error" in Skype for Windows before 0.98.0.28 allows local and remote attackers to cau...
E S
CVE-2004-1778 Skype 0.92.0.12 and 1.0.0.1 for Linux, and possibly other versions, creates the /usr/share/skype/lan...
CVE-2004-1779 Cross-site scripting (XSS) vulnerability in board.php for ThWboard before beta 2.84 allows remote at...
S
CVE-2004-1780 Info Touch Surfnet kiosk allows local users to deposit extra time into Internet kiosk accounts via r...
E
CVE-2004-1781 Info Touch Surfnet kiosk allows local users to crash Surfnet and access the underlying operating sys...
E
CVE-2004-1782 athenareg.php in Athena Web Registration allows remote attackers to execute arbitrary commands via s...
E
CVE-2004-1783 Directory traversal vulnerability in Net2Soft Flash FTP Server 1.0 allows remote attackers to read a...
E S
CVE-2004-1784 Buffer overflow in the web server of Webcam Watchdog 3.63 allows remote attackers to execute arbitra...
E S
CVE-2004-1785 SQL injection vulnerability in calendar.php for Invision Power Board 1.3 allows remote attackers to ...
E S
CVE-2004-1786 PortalApp places user credentials under the web root with insufficient access control, which allows ...
E
CVE-2004-1787 SQL injection vulnerability in PostCalendar 4.0.0 allows remote attackers to execute arbitrary SQL c...
S
CVE-2004-1788 ASP-Nuke 1.3 and earlier places user credentials under the web document root with insufficient acces...
E
CVE-2004-1789 Cross-site scripting (XSS) vulnerability in the web management interface in ZyWALL 10 4.07 allows re...
E
CVE-2004-1790 Cross-site scripting (XSS) vulnerability in the web management interface in Edimax AR-6004 ADSL Rout...
E
CVE-2004-1791 The web management interface in Edimax AR-6004 ADSL Routers uses a default administrator name and pa...
E
CVE-2004-1792 swnet.dll in YaSoft Switch Off 2.3 and earlier allows remote attackers to cause a denial of service ...
E
CVE-2004-1793 Stack-based buffer overflow in swnet.dll in YaSoft Switch Off 2.3 and earlier allows remote authenti...
E
CVE-2004-1794 Cross-site scripting (XSS) vulnerability in the VCard4J Toolkit allows remote attackers to inject ar...
S
CVE-2004-1795 Info Touch Surfnet kiosk allows local users to access the underlying filesystem via a 'file://' URI....
CVE-2004-1796 PHP remote file inclusion vulnerability in HotNews 0.7.2 and earlier allows remote attackers to exec...
E S
CVE-2004-1797 Cross-site scripting (XSS) vulnerability in search.php for FreznoShop 1.3.0 RC1 and earlier allows r...
E S
CVE-2004-1798 RealOne player 6.0.11.868 allows remote attackers to execute arbitrary script in the "My Computer" z...
E S
CVE-2004-1799 PF in certain OpenBSD versions, when stateful filtering is enabled, does not limit packets for a ses...
CVE-2004-1800 Unknown vulnerability in Sysbotz SimpleData 4.0.1 and possibly earlier versions allows remote attack...
CVE-2004-1801 Directory traversal vulnerability in PWebServer 0.3.3 allows remote attackers to read arbitrary file...
E S
CVE-2004-1802 Chat Anywhere 2.72 and earlier allows remote attackers to hide their IP address by using %00 before ...
E S
CVE-2004-1804 wMCam server 2.1.348 allows remote attackers to cause a denial of service (no new connections) via m...
CVE-2004-1805 Format string vulnerability in games using the Epic Games Unreal Engine 436 allows remote attackers ...
E S
CVE-2004-1806 SQL injection vulnerability in index.cfm in CFWebstore 5.0 allows remote attackers to execute SQL co...
S
CVE-2004-1807 Cross-site scripting (XSS) vulnerability in index.cfm in CFWebstore 5.0 allows remote attackers to i...
S
CVE-2004-1808 Extcompose in metamail does not verify the output file before writing to it, which allows local user...
CVE-2004-1809 Cross-site scripting (XSS) vulnerability in phpBB 2.0.6d and earlier allows remote attackers to inje...
S
CVE-2004-1810 The Javascript engine in Opera 7.23 allows remote attackers to cause a denial of service (crash) by ...
E
CVE-2004-1811 The SSL HTTP Server in HP Web-enabled Management Software 5.0 through 5.92, with anonymous access en...
S
CVE-2004-1812 Multiple stack-based buffer overflows in Agent Common Services (1) cam.exe and (2) awservices.exe in...
CVE-2004-1813 VocalTec VGW4/8 Gateway 8.0 allows remote attackers to bypass authentication via an HTTP request to ...
CVE-2004-1814 Directory traversal vulnerability in VocalTec VGW4/8 Gateway 8.0 allows remote attackers to read pro...
E
CVE-2004-1815 Unknown vulnerability in ColdFusion MX 6.0 and 6.1, and JRun 4.0, when a SOAP web service expects an...
S
CVE-2004-1816 Unknown vulnerability in Sun Java System Application Server 7.0 Update 2 and earlier, when a SOAP we...
S
CVE-2004-1817 Cross-site scripting (XSS) vulnerability in modules.php in Php-Nuke 7.1.0 allows remote attackers to...
E
CVE-2004-1818 Cross-site scripting (XSS) vulnerability in nmimage.php in 4nalbum 0.92 for PHP-Nuke 6.5 through 7.0...
E
CVE-2004-1819 4nalbum 0.92 for PHP-Nuke 6.5 through 7.0 allows remote attackers to obtain sensitive information vi...
E
CVE-2004-1820 PHP remote file inclusion vulnerability in displaycategory.php in 4nalbum 0.92 for PHP-Nuke 6.5 thro...
E S
CVE-2004-1821 SQL injection vulnerability in 4nalbum 0.92 for PHP-Nuke 6.5 through 7.0 allows remote attackers to ...
S
CVE-2004-1822 Multiple cross-site scripting (XSS) vulnerabilities in Phorum 3.1 through 5.0.3 beta allow remote at...
S
CVE-2004-1823 Multiple cross-site scripting (XSS) vulnerabilities in Jelsoft vBulletin 2.0 beta 3 through 3.0 can4...
E S
CVE-2004-1824 Cross-site scripting (XSS) vulnerability in Jelsoft vBulletin before 3.0 allows remote attackers to ...
E S
CVE-2004-1825 Cross-site scripting (XSS) vulnerability in index.php in Mambo Open Source 4.5 stable 1.0.3 and earl...
E S
CVE-2004-1826 SQL injection vulnerability in index.php in Mambo Open Source 4.5 stable 1.0.3 and earlier allows re...
E S
CVE-2004-1827 Cross-site scripting (XSS) vulnerability in YaBB 1 Gold(SP1.3) and YaBB SE 1.5.1 Final allows remote...
E S
CVE-2004-1828 Vcard 2.9 and possibly other versions does not require authorization to run uninstall.php, which cou...
E S
CVE-2004-1829 Multiple cross-site scripting (XSS) vulnerabilities in error.php in Gijza.net Error Manager 2.1 for ...
E
CVE-2004-1830 error.php in Error Manager 2.1 for PHP-Nuke 6.0 allows remote attackers to obtain sensitive informat...
CVE-2004-1831 Buffer overflow in Chrome 1.2.0.0 and earlier allows remote attackers to cause a denial of service (...
CVE-2004-1832 Buffer overflow in the GUI admin service in Mac OS X Server 10.3 allows remote attackers to cause a ...
CVE-2004-1833 The admin.ib file in Borland Interbase 7.1 for Linux has default world writable permissions, which a...
E S
CVE-2004-1834 mod_disk_cache in Apache 2.0 through 2.0.49 stores client headers, including authentication informat...
E S
CVE-2004-1835 Multiple SQL injection vulnerabilities in index.php in Invision Gallery 1.0.1 allow remote attackers...
E
CVE-2004-1836 SQL injection vulnerability in index.php in Invision Power Top Site List 1.1 RC 2 and earlier allows...
E
CVE-2004-1837 Cross-site scripting (XSS) vulnerability in Mod_survey 3.0.x before 3.0.16-pre2 and 3.2.x before 3.2...
S
CVE-2004-1838 Directory traversal vulnerability in xweb 1.0 allows remote attackers to download arbitrary files vi...
E S
CVE-2004-1839 MS Analysis module 2.0 for PHP-Nuke allows remote attackers to obtain sensitive information via a di...
CVE-2004-1840 Multiple cross-site scripting (XSS) vulnerabilities in MS Analysis module 2.0 for PHP-Nuke allows re...
E
CVE-2004-1841 SQL injection vulnerability in MS Analysis module 2.0 for PHP-Nuke allows remote attackers to execut...
E
CVE-2004-1842 Cross-site request forgery (CSRF) vulnerability in Php-Nuke 6.x through 7.1.0 allows remote attacker...
E
CVE-2004-1843 SQL injection vulnerability in Member Management System 2.1 allows remote attackers to execute arbit...
E S
CVE-2004-1844 Cross-site scripting (XSS) vulnerability in Member Management System 2.1 allows remote attackers to ...
E
CVE-2004-1845 Multiple cross-site scripting (XSS) vulnerabilities in News Manager Lite 2.5 allow remote attackers ...
E
CVE-2004-1846 Multiple SQL injection vulnerabilities in News Manager Lite 2.5 allow remote attackers to execute ar...
E S
CVE-2004-1847 News Manager Lite 2.5 allows remote attackers to bypass authentication and gain administrator privil...
E S
CVE-2004-1848 Ipswitch WS_FTP Server 4.0.2 allows remote attackers to cause a denial of service (disk consumption)...
E S
CVE-2004-1849 Multiple cross-site scripting (XSS) vulnerabilities in cPanel 9.1.0 allow remote attackers to inject...
E
CVE-2004-1850 The Rage 1.01 and earlier allows remote attackers to cause a denial of service (infinite loop) via a...
E
CVE-2004-1851 Dameware Mini Remote Control 4.1.0.0 uses insufficiently random data to create the encryption key, w...
S
CVE-2004-1852 DameWare Mini Remote Control 3.x before 3.74 and 4.x before 4.2 transmits the Blowfish encryption ke...
S
CVE-2004-1853 Buffer overflow in Terminator 3: War of the Machines 1.0 allows remote attackers to cause a denial o...
E S
CVE-2004-1854 Buffer overflow in the logging function in Picophone 1.63 and earlier allows remote attackers to exe...
E S
CVE-2004-1855 Dark Age of Camelot before 1.68 live patch does not sign the RSA public key, which could allow remot...
E
CVE-2004-1856 devices_update_printer_fw_upload.hts in HP Web JetAdmin 7.5.2546, when no password is set, allows re...
E
CVE-2004-1857 Directory traversal vulnerability in setinfo.hts in HP Web Jetadmin 7.5.2546 allows remote authentic...
E
CVE-2004-1858 HP Web Jetadmin 7.5.2546 allows remote attackers to cause a denial of service (crash) via a malforme...
CVE-2004-1859 Directory traversal vulnerability in Trend Micro Interscan Web Viruswall in InterScan VirusWall 3.5x...
E S
CVE-2004-1860 Buffer overflow in Check Point SmartDashboard in Check Point NG AI R54 and R55 allows remote authent...
CVE-2004-1861 Invision NetSupport School Pro uses a weak encryption algorithm to encrypt passwords, which allows l...
E
CVE-2004-1862 Multiple cross-site scripting (XSS) vulnerabilities in Extreme Messageboard (XMB) 1.8 SP3 and 1.9 be...
CVE-2004-1863 Multiple cross-site scripting (XSS) vulnerabilities in XMB (aka extreme message board) 1.9 beta (aka...
CVE-2004-1864 SQL injection vulnerability in Extreme Messageboard (XMB) 1.9 beta allows remote attackers to execut...
CVE-2004-1865 Cross-site scripting (XSS) vulnerability in the administration panel in bBlog 0.7.2 allows remote au...
E
CVE-2004-1866 nstxd in Nstx 1.1 beta3 and earlier allows remote attackers to cause a denial of service (crash) via...
E S
CVE-2004-1867 Cross-site scripting (XSS) vulnerability in guest.cgi in Fresh Guest Book allows remote attackers to...
E
CVE-2004-1868 Stack-based buffer overflow in WinSig.exe in eSignal 7.5 and 7.6 allows remote attackers to execute ...
E S
CVE-2004-1869 Etherlords I 1.07 and earlier and Etherlords II 1.03 and earlier allows remote attackers to cause a ...
E
CVE-2004-1870 Multiple SQL injection vulnerabilities in PhotoPost PHP Pro 4.6.x and earlier allow remote attackers...
CVE-2004-1871 Multiple cross-site scripting (XSS) vulnerabilities in PhotoPost PHP Pro 4.6.x and earlier allow rem...
E S
CVE-2004-1872 Cross-site scripting (XSS) vulnerability in WebCT Campus Edition 4.1.1.5 allows remote attackers to ...
E S
CVE-2004-1873 SQL injection vulnerability in category.asp in A-CART Pro and A-CART 2.0 allows remote attackers to ...
E
CVE-2004-1874 Multiple cross-site scripting (XSS) vulnerabilities in (1) deliver.asp and (2) billing.asp in A-CART...
E
CVE-2004-1875 Multiple cross-site scripting (XSS) vulnerabilities in cPanel 9.1.0-R85 allow remote attackers to in...
S
CVE-2004-1876 The "%f" feature in the VirusEvent directive in Clam AntiVirus daemon (clamd) before 0.70 allows loc...
E S
CVE-2004-1877 The p_submit_url value in the sample login form in the Oracle 9i Application Server (9iAS) Single Si...
S
CVE-2004-1878 LINBOX LIN:BOX allows remote attackers to bypass authentication, obtain sensitive information, or ga...
E S
CVE-2004-1879 Cross-site scripting (XSS) vulnerability in PHPKIT 1.6.03 allows allows remote attackers to inject a...
CVE-2004-1880 Memory leak in the back-bdb backend for OpenLDAP 2.1.12 and earlier allows remote attackers to cause...
S
CVE-2004-1881 SQL injection vulnerability in (1) mailorder.asp or (2) payonline.asp in CactuShop 5.x allows remote...
E S
CVE-2004-1882 Cross-site scripting (XSS) vulnerability in popuplargeimage.asp in CactuShop 5.x allows remote attac...
E S
CVE-2004-1883 Multiple buffer overflows in Ipswitch WS_FTP Server 4.0.2 (1) allow remote authenticated users to ex...
S
CVE-2004-1884 Ipswitch WS_FTP Server 4.0.2 has a backdoor XXSESS_MGRYY username with a default password, which all...
E S
CVE-2004-1885 Ipswitch WS_FTP Server 4.0.2 allows remote authenticated users to execute arbitrary programs as SYST...
E S
CVE-2004-1886 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2004-1848. Reason: This candida...
R
CVE-2004-1887 Ada Image Server (ImgSvr) 0.4 allows remote attackers to view directories or download files via an H...
E S
CVE-2004-1888 display.cgi in Aborior Encore WebForum allows remote to execute arbitrary commands via shell metacha...
E
CVE-2004-1889 Unknown vulnerability in ftpd in SGI IRIX 6.5.20 through 6.5.23 allows remote attackers to cause a d...
CVE-2004-1890 Unknown vulnerability in ftpd in SGI IRIX 6.5.20 through 6.5.23 allows remote attackers to cause a d...
S
CVE-2004-1891 The ftp_syslog function in ftpd in SGI IRIX 6.5.20 "doesn't work with anonymous FTP," which has an u...
CVE-2004-1892 Stack-based buffer overflow in DecodeBase16 function, as used in the (1) IRC module and (2) web serv...
S
CVE-2004-1893 Dreamweaver MX, when "Using Driver On Testing Server" or "Using DSN on Testing Server" is selected, ...
S
CVE-2004-1894 TEXutil in ConTEXt, when executed with the --silent option, allows local users to overwrite arbitrar...
E S
CVE-2004-1895 YaST Online Update (YOU) in SuSE 8.2 and 9.0 allows local users to overwrite arbitrary files via a s...
CVE-2004-1896 Heap-based buffer overflow in in_mod.dll in Nullsoft Winamp 2.91 through 5.02 allows remote attacker...
S
CVE-2004-1897 Administration interface in Monit 1.4 through 4.2 allows remote attackers to cause a denial of servi...
E S
CVE-2004-1898 Stack-based buffer overflow in the administration interface in Monit 1.4 through 4.2 allows remote a...
E S
CVE-2004-1899 The administration interface in Monit 1.4 through 4.2 allows remote attackers to cause an off-by-one...
E S
CVE-2004-1900 Format string vulnerability in the logging function in IGI 2 Covert Strike server 1.3 and earlier al...
E
CVE-2004-1901 Portage before 2.0.50-r3 allows local users to overwrite arbitrary files via a hard link attack on t...
S
CVE-2004-1902 The Citrix MetaFrame Password Manager 2.0, when a central credential store is not configured, does n...
S
CVE-2004-1903 Buffer overflow in blaxxun 3D 7.0 allows remote attackers to execute arbitrary code via a long URL p...
E
CVE-2004-1904 Buffer overflow in ascontrol.dll in Panda ActiveScan 5.0 allows remote attackers to execute arbitrar...
E
CVE-2004-1905 ascontrol.dll in Panda ActiveScan 5.0 allows remote attackers to cause a denial of service (crash) b...
E
CVE-2004-1906 Mcafee FreeScan allows remote attackers to cause a denial of service and possibly arbitrary code via...
E
CVE-2004-1907 The Web Filtering functionality in Kerio Personal Firewall (KPF) 4.0.13 allows remote attackers to c...
E
CVE-2004-1908 McFreeScan.CoMcFreeScan.1 ActiveX object in Mcafee FreeScan allows remote attackers to obtain sensit...
E
CVE-2004-1909 Claim Anti-Virus (ClamAV) 0.68 and earlier allows remote attackers to cause a denial of service (cra...
S
CVE-2004-1910 rufsi.dll in Symantec Virus Detection allows remote attackers to cause a denial of service (crash) v...
E
CVE-2004-1911 Cross-site scripting (XSS) vulnerability in AzDGDatingLite 2.1.1 allows remote attackers to inject a...
E
CVE-2004-1912 The (1) modules.php, (2) block-Calendar.php, (3) block-Calendar1.php, (4) block-Calendar_center.php ...
E
CVE-2004-1913 Cross-site scripting (XSS) vulnerability in modules.php in NukeCalendar 1.1.a, as used in PHP-Nuke, ...
E
CVE-2004-1914 SQL injection vulnerability in modules.php in NukeCalendar 1.1.a, as used in PHP-Nuke, allows remote...
E
CVE-2004-1915 Buffer overflow in the parse_all_client_messages function in LCDproc 0.4.x up to 0.4.4 allows remote...
E S
CVE-2004-1916 Multiple buffer overflows in LCDProc 0.4.1, and possibly other 0.4.x versions up to 0.4.4, allows re...
E S
CVE-2004-1917 Format string vulnerability in test_func_func in LCDProc 0.4.1 and earlier allows remote attackers t...
E S
CVE-2004-1918 RSniff 1.0 allows remote attackers to cause a denial of service (connection exhaustion) via a large ...
S
CVE-2004-1919 The hash_strcmp function in hasch.c in Crackalaka 1.0.8 allows remote attackers to cause a denial of...
E
CVE-2004-1920 X-Micro WLAN 11b Broadband Router 1.2.2, 1.2.2.3, 1.2.2.4, and 1.6.0.0 has a hardcoded "super" usern...
S
CVE-2004-1921 X-Micro WLAN 11b Broadband Router 1.6.0.1 has a hardcoded "1502" username and password, which could ...
E S
CVE-2004-1922 Microsoft Internet Explorer 5.5 and 6.0 allocates memory based on the memory size written in the BMP...
CVE-2004-1923 Tiki CMS/Groupware (TikiWiki) 1.8.1 and earlier allows remote attackers to gain sensitive informatio...
E S
CVE-2004-1924 Multiple cross-site scripting (XSS) vulnerabilities in Tiki CMS/Groupware (TikiWiki) 1.8.1 and earli...
E S
CVE-2004-1925 Multiple SQL injection vulnerabilities in Tiki CMS/Groupware (TikiWiki) 1.8.1 and earlier allow remo...
E S
CVE-2004-1926 Tiki CMS/Groupware (TikiWiki) 1.8.1 and earlier allows remote attackers to inject arbitrary code via...
E S
CVE-2004-1927 Directory traversal vulnerability in the map feature (tiki-map.phtml) in Tiki CMS/Groupware (TikiWik...
E S
CVE-2004-1928 The image upload feature in Tiki CMS/Groupware (TikiWiki) 1.8.1 and earlier allows remote attackers ...
E S
CVE-2004-1929 SQL injection vulnerability in the bblogin function in functions.php in PHP-Nuke 6.x through 7.2 all...
E
CVE-2004-1930 Cross-site scripting (XSS) vulnerability in the cookiedecode function in mainfile.php for PHP-Nuke 6...
E
CVE-2004-1932 SQL injection vulnerability in (1) auth.php and (2) admin.php in PHP-Nuke 6.x through 7.2 allows rem...
E
CVE-2004-1933 Citadel/UX 5.00 through 6.14 installs the database directory and files with world-read permissions, ...
S
CVE-2004-1934 PHP remote file inclusion vulnerability in affich.php in Gemitel 3.50 allows remote attackers to exe...
E S
CVE-2004-1935 Cross-site scripting (XSS) vulnerability in SCT Campus Pipeline allows remote attackers to inject ar...
E S
CVE-2004-1936 ZoneAlarm Pro 4.5.538.001 and possibly other versions allows remote attackers to bypass e-mail prote...
CVE-2004-1937 Multiple directory traversal vulnerabilities in Nuked-KlaN 1.4b and 1.5b allow remote attackers to r...
E S
CVE-2004-1938 SQL injection vulnerability in userlogin.php in Phorum 3.4.7 allows remote attackers to execute arbi...
E S
CVE-2004-1939 Cross-site scripting (XSS) vulnerability in Zaep AntiSpam 2.0 allows remote attackers to inject arbi...
S
CVE-2004-1940 sipclient.cpp in KPhone 4.0.1 and earlier allows remote attackers to cause a denial of service (cras...
E S
CVE-2004-1941 Fastream NETFile FTP/Web Server 6.5.1.980 allows remote attackers to cause a denial of service via a...
E S
CVE-2004-1942 The Solaris 9 patches 113579-02 through 113579-05, and 114342-02 through 114342-05, prevent ypserv a...
E S
CVE-2004-1943 PHP remote file inclusion vulnerability in album_portal.php in phpBB modified by Przemo 1.8 allows r...
S
CVE-2004-1944 Eudora 6.1 and 6.0.3 for Windows allows remote attackers to cause a denial of service (crash) via a ...
E
CVE-2004-1945 Buffer overflow in Kinesphere eXchange POP3 allows remote attackers to execute arbitrary code via a ...
E S
CVE-2004-1946 Format string vulnerability in the PRINT_ERROR function in common.c for Cherokee Web Server 0.4.16 a...
E
CVE-2004-1947 The AVXSCANONLINE.AvxScanOnlineCtrl.1 ActiveX control in BitDefender Scan Online allows remote attac...
E S
CVE-2004-1948 NcFTP client 3.1.6 and 3.1.7, when the username and password are included in an FTP URL that is prov...
E
CVE-2004-1949 SQL injection vulnerability in PostNuke 7.2.6 and earlier allows remote attackers to execute arbitra...
E S
CVE-2004-1950 phpBB 2.0.8a and earlier trusts the IP address that is in the X-Forwarded-For in the HTTP header, wh...
E S
CVE-2004-1951 xine 1.x alpha, 1.x beta, and 1.0rc through 1.0rc3a, and xine-ui 0.9.21 to 0.9.23 allows remote atta...
E S
CVE-2004-1952 SQL injection vulnerability in Advanced Guestbook 2.2 allows remote attackers to execute arbitrary S...
E S
CVE-2004-1953 phProfession 2.5 allows remote attackers to gain sensitive information via a direct HTTP request to ...
E
CVE-2004-1954 Cross-site scripting (XSS) vulnerability in modules.php in phProfession 2.5 allows remote attackers ...
E
CVE-2004-1955 SQL injection vulnerability in modules.php in phProfession 2.5 allows remote attackers to execute ar...
E
CVE-2004-1956 PostNuke 0.7.2.6 allows remote attackers to gain information via a direct HTTP request to files in t...
E
CVE-2004-1957 Multiple cross-site scripting (XSS) vulnerabilities in PostNuke 0.726 allows remote attackers to inj...
E
CVE-2004-1958 Directory traversal vulnerability in manifest.ini in Unreal engine allows remote attackers to overwr...
E
CVE-2004-1959 blocker_query.php in Protector System 1.15b1 for PHP-Nuke allows remote attackers to gain sensitive ...
E S
CVE-2004-1960 Cross-site scripting (XSS) vulnerability in blocker_query.php in Protector System 1.15b1 allows remo...
E
CVE-2004-1961 blocker.php in Protector System 1.15b1 allows remote attackers to bypass SQL injection protection an...
E S
CVE-2004-1962 SQL injection vulnerability in index.php in Protector System 1.15b1 allows remote attackers to bypas...
E
CVE-2004-1963 nqt.php in Network Query Tool (NQT) 1.6 allows remote attackers to obtain sensitive information via ...
E
CVE-2004-1964 Cross-site scripting (XSS) vulnerability in nqt.php in Network Query Tool (NQT) 1.6 allows remote at...
CVE-2004-1965 Multiple cross-site scripting (XSS) vulnerabilities in Open Bulletin Board (OpenBB) 1.0.6 and earlie...
E
CVE-2004-1966 Multiple SQL injection vulnerabilities in Open Bulletin Board (OpenBB) 1.0.6 and earlier allow remot...
E
CVE-2004-1967 Cross-site request forgery (CSRF) vulnerabilities in (1) cp_forums.php, (2) cp_usergroup.php, (3) cp...
E
CVE-2004-1968 The readmsg action in myhome.php in Open Bulletin Board (OpenBB) 1.0.6 and earlier allows remote att...
E
CVE-2004-1969 The avatar upload capability in Open Bulletin Board (OpenBB) 1.0.6 and earlier allows remote attacke...
CVE-2004-1970 Samsung SmartEther SS6215S switch, and possibly other Samsung switches, allows remote attackers and ...
CVE-2004-1971 modules.php in PHP-Nuke Video Gallery Module 0.1 Beta 5 allows remote attackers to gain sensitive in...
CVE-2004-1972 SQL injection vulnerability in modules.php in PHP-Nuke Video Gallery Module 0.1 Beta 5 allows remote...
E
CVE-2004-1973 DiGi Web Server allows remote attackers to cause a denial of service (CPU consumption) via an HTTP G...
E S
CVE-2004-1974 paFileDB 3.1 allows remote attackers to gain sensitive information via a direct request to (1) login...
CVE-2004-1975 Cross-site scripting (XSS) vulnerability in the category module in pafiledb.php for paFileDB 3.1 all...
CVE-2004-1976 SMC Barricade broadband router 7008ABR and 7004VBR enable remote administration by default, which al...
S
CVE-2004-1977 3com NBX IP VOIP NetSet Configuration Manager allows remote attackers to cause a denial of service (...
CVE-2004-1978 Cross-site scripting (XSS) vulnerability in help.php in Moodle before 1.3 allows remote attackers to...
E S
CVE-2004-1979 Cross-site scripting (XSS) vulnerability in do_search.php in PROPS 0.6.1 allows remote attackers to ...
S
CVE-2004-1980 Directory traversal vulnerability in glossary.php in PROPS 0.6.1 allows remote attackers to view arb...
S
CVE-2004-1981 The web interface for Crystal Reports allows remote attackers to cause a denial of service (disk exh...
CVE-2004-1982 Post.pl in YaBB 1 Gold SP 1.2 allows remote attackers to modify records in the board's .txt file via...
E S
CVE-2004-1983 The arch_get_unmapped_area function in mmap.c in the PaX patches for Linux kernel 2.6, when Address ...
E S
CVE-2004-1984 Coppermine Photo Gallery 1.2.2b and 1.2.0 RC4 allows remote attackers to obtain sensitive informatio...
E
CVE-2004-1985 Cross-site scripting (XSS) vulnerability in menu.inc.php in Coppermine Photo Gallery 1.2.2b allows r...
E
CVE-2004-1986 Directory traversal vulnerability in modules.php in Coppermine Photo Gallery 1.2.2b and 1.2.0 RC4 al...
E
CVE-2004-1987 picmgmtbatch.inc.php in Coppermine Photo Gallery 1.2.2b and 1.2.0 RC4 allows remote attackers with a...
E
CVE-2004-1988 PHP remote file inclusion vulnerability in init.inc.php in Coppermine Photo Gallery 1.2.0 RC4 allows...
E
CVE-2004-1989 PHP remote file inclusion vulnerability in theme.php in Coppermine Photo Gallery 1.2.2b allows remot...
E
CVE-2004-1990 Aldo's Web Server (aweb) 1.5 allows remote attackers to gain sensitive information via an arbitrary ...
E
CVE-2004-1991 Directory traversal vulnerability in Aldo's Web Server (aweb) 1.5 allows remote attackers to view ar...
E
CVE-2004-1992 Buffer overflow in Serv-U FTP server before 5.0.0.6 allows remote attackers to cause a denial of ser...
E S
CVE-2004-1993 The patch to the checklogin function in omail.pl for omail webmail 0.98.5 is incomplete, which allow...
CVE-2004-1994 FuseTalk 4.0 allows remote attackers to ban other users via a direct request to banning.cfm....
CVE-2004-1995 Cross-Site Request Forgery (CSRF) vulnerability in FuseTalk 2.0 allows remote attackers to create ar...
E
CVE-2004-1996 Cross-site scripting (XSS) vulnerability in Simple Machines Forum (SMF) 1.0 allows remote attackers ...
E
CVE-2004-1997 Kolab stores OpenLDAP passwords in plaintext in the slapd.conf file, which may be installed world-re...
E S
CVE-2004-1998 The Downloads module in Php-Nuke 6.x through 7.2 allows remote attackers to gain sensitive informati...
E
CVE-2004-1999 Cross-site scripting (XSS) vulnerability in the Downloads module in Php-Nuke 6.x through 7.2 allows ...
E
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.