Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-1795 | 1 Info Touch | 1 Surfnet | 2008-09-05 | 2.1 LOW | N/A |
| Info Touch Surfnet kiosk allows local users to access the underlying filesystem via a 'file://' URI. | |||||
| CVE-2004-1891 | 1 Sgi | 1 Irix | 2008-09-05 | 5.0 MEDIUM | N/A |
| The ftp_syslog function in ftpd in SGI IRIX 6.5.20 "doesn't work with anonymous FTP," which has an unknown impact, possibly preventing the actions of anonymous users from being logged. | |||||
| CVE-2004-2001 | 1 Sgi | 1 Irix | 2008-09-05 | 4.6 MEDIUM | N/A |
| ifconfig "-arp" in SGI IRIX 6.5 through 6.5.22m does not properly disable ARP requests from being sent or received. | |||||
| CVE-2004-2024 | 1 Zen Cart | 1 Zen Cart | 2008-09-05 | 7.5 HIGH | N/A |
| The distribution of Zen Cart 1.1.4 before patch 2 includes certain debugging code in the Admin password retrieval functionality, which allows attackers to gain administrative privileges via password_forgotten.php. | |||||
| CVE-2004-1342 | 1 Cvs | 1 Cvs | 2008-09-05 | 7.5 HIGH | N/A |
| CVS 1.12 and earlier on Debian GNU/Linux, when using the repouid patch, allows remote attackers to bypass authentication via the pserver access method. | |||||
| CVE-2004-1343 | 1 Cvs | 1 Cvs | 2008-09-05 | 5.0 MEDIUM | N/A |
| CVS 1.12 and earlier on Debian GNU/Linux does not properly handle when a mapping for the current repository does not exist in the cvs-repouids file, which allows remote attackers to cause a denial of service (server crash). | |||||
| CVE-2004-1374 | 1 Netbsd | 1 Netbsd | 2008-09-05 | 7.2 HIGH | N/A |
| Multiple buffer overflows in NetBSD kernel may allow local users to execute arbitrary code and gain privileges. | |||||
| CVE-2004-1449 | 2 Firebirdsql, Mozilla | 3 Firebird, Mozilla, Thunderbird | 2008-09-05 | 2.6 LOW | N/A |
| Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7 allows remote attackers to determine the location of files on a user's hard drive by obscuring a file upload control and tricking the user into dragging text into that control. | |||||
| CVE-2004-1450 | 1 Mozilla | 1 Mozilla | 2008-09-05 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in LiveConnect in Mozilla 1.7 beta allows remote attackers to read arbitrary files in known locations. | |||||
| CVE-2004-1451 | 1 Mozilla | 1 Mozilla | 2008-09-05 | 2.6 LOW | N/A |
| Mozilla before 1.6 does not display the entire URL in the status bar when a link contains %00, which could allow remote attackers to trick users into clicking on unknown or untrusted sites and facilitate phishing attacks. | |||||
| CVE-2004-0997 | 1 Linux | 1 Linux Kernel | 2008-09-05 | 4.6 MEDIUM | N/A |
| Unspecified vulnerability in the ptrace MIPS assembly code in Linux kernel 2.4 before 2.4.17 allows local users to gain privileges via unknown vectors. | |||||
| CVE-2004-1039 | 1 Sco | 2 Openserver, Unixware | 2008-09-05 | 5.0 MEDIUM | N/A |
| The NFS mountd service on SCO UnixWare 7.1.1, 7.1.3, 7.1.4, and 7.0.1, and possibly other versions, when run from inetd, allows remote attackers to cause a denial of service (memory exhaustion) via a series of requests, which causes inetd to launch a separate process for each request. | |||||
| CVE-2004-1077 | 1 Citrix | 2 Metaframe Client, Program Neighborhood Agent | 2008-09-05 | 5.0 MEDIUM | N/A |
| Citrix Program Neighborhood Agent for Win32 8.00.24737 and earlier and MetaFrame Presentation Server client for WinCE before 8.33 allows remote servers to create arbitrary shortcuts on the client via a full UNC path in the AppInStartmenu directive. | |||||
| CVE-2004-1078 | 1 Citrix | 2 Metaframe Client, Program Neighborhood Agent | 2008-09-05 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in the client for Citrix Program Neighborhood Agent for Win32 8.00.24737 and earlier and Citrix MetaFrame Presentation Server client for WinCE before 8.33 allows remote attackers to execute arbitrary code via a long cached icon filename in the InName XML element. | |||||
| CVE-2004-1160 | 1 Netscape | 1 Navigator | 2008-09-05 | 7.5 HIGH | N/A |
| Netscape 7.x to 7.2, and possibly other versions, allows remote attackers to spoof arbitrary web sites by injecting content from one window into a target window whose name is known but resides in a different domain, as demonstrated using a pop-up window on a trusted web site, aka the "window injection" vulnerability. | |||||
| CVE-2004-1312 | 1 Gfi | 2 Mailessentials, Mailsecurity | 2008-09-05 | 10.0 HIGH | N/A |
| A bug in the HTML parser in a certain Microsoft HTML library, as used in various third party products, may allow remote attackers to cause a denial of service via certain strings, as reported in GFI MailEssentials for Exchange 9 and 10, and GFI MailSecurity for Exchange 8, which causes emails to remain in IIS or Exchange mail queues. | |||||
| CVE-2004-0921 | 1 Apple | 3 Mac Os X, Mac Os X Server, Quicktime | 2008-09-05 | 7.5 HIGH | N/A |
| AFP Server on Mac OS X 10.3.x to 10.3.5, when a guest has mounted an AFP volume, allows the guest to "terminate authenticated user mounts" via modified SessionDestroy packets. | |||||
| CVE-2004-0922 | 1 Apple | 3 Mac Os X, Mac Os X Server, Quicktime | 2008-09-05 | 5.0 MEDIUM | N/A |
| AFP Server on Mac OS X 10.3.x to 10.3.5, under certain conditions, does not properly set the guest group ID, which causes AFP to change a write-only AFP Drop Box to be read-write when the Drop Box is on a share that is mounted by a guest, which allows attackers to read the Drop Box. | |||||
| CVE-2004-0924 | 2 Apple, Easy Software Products | 3 Mac Os X, Mac Os X Server, Cups | 2008-09-05 | 5.0 MEDIUM | N/A |
| NetInfo Manager on Mac OS X 10.3.x through 10.3.5, after an initial root login, reports the root account as being disabled, even when it has not. | |||||
| CVE-2004-0926 | 2 Apple, Easy Software Products | 3 Mac Os X, Mac Os X Server, Cups | 2008-09-05 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in Apple QuickTime on Mac OS 10.2.8 through 10.3.5 may allow remote attackers to execute arbitrary code via a certain BMP image. | |||||