Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-1474 | 1 Symantec | 12 Firewall Vpn Appliance 100, Firewall Vpn Appliance 200, Firewall Vpn Appliance 200r and 9 more | 2017-07-10 | 5.0 MEDIUM | N/A |
| Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 and Gateway Security 320, 360, and 360R running firmware before 622 uses a default read/write SNMP community string, which allows remote attackers to alter the firewall's configuration file. | |||||
| CVE-2004-1475 | 1 Xine | 2 Xine, Xine-lib | 2017-07-10 | 5.1 MEDIUM | N/A |
| Multiple stack-based buffer overflows in xine-lib 1-rc2 through 1-rc5 allow attackers to execute arbitrary code via (1) long VideoCD vcd:// MRLs or (2) long subtitle lines. | |||||
| CVE-2004-1476 | 2 Suse, Xine | 3 Suse Linux, Xine, Xine-lib | 2017-07-10 | 5.1 MEDIUM | N/A |
| Stack-based buffer overflow in the VideoCD (VCD) code in xine-lib 1-rc2 through 1-rc5, as derived from libcdio, allows attackers to execute arbitrary code via a VideoCD with an unterminated disk label. | |||||
| CVE-2004-1477 | 1 Macromedia | 1 Jrun | 2017-07-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the Management Console in JRun 4.0 allows remote attackers to execute arbitrary web script or HTML and possibly hijack a user's session. | |||||
| CVE-2004-1478 | 2 Hitachi, Macromedia | 4 Cosminexus Enterprise, Cosminexus Server, Coldfusion and 1 more | 2017-07-10 | 7.5 HIGH | N/A |
| JRun 4.0 does not properly generate and handle the JSESSIONID, which allows remote attackers to perform a session fixation attack and hijack a user's HTTP session. | |||||
| CVE-2004-1480 | 1 Hp | 1 Storageworks Command View | 2017-07-10 | 7.5 HIGH | N/A |
| Unknown vulnerability in the management station in HP StorageWorks Command View XP 1.8B and earlier allows remote attackers to bypass access restrictions. | |||||
| CVE-2004-1482 | 1 Bnc | 1 Bnc | 2017-07-10 | 7.5 HIGH | N/A |
| The sbuf_getmsg function in BNC incorrectly handles backspace characters, which could allow remote attackers to bypass authentication and gain access to arbitrary scripts. | |||||
| CVE-2004-1483 | 1 Symantec | 1 Clientless Vpn Gateway 4400 | 2017-07-10 | 10.0 HIGH | N/A |
| Multiple unknown vulnerabilities in the ActiveX and HTML file browsers in Symantec Clientless VPN Gateway 4400 Series 5.0 have unknown attack vectors and unknown impact. | |||||
| CVE-2004-1484 | 1 Socat | 1 Socat | 2017-07-10 | 5.0 MEDIUM | N/A |
| Format string vulnerability in the _msg function in error.c in socat 1.4.0.3 and earlier, when used as an HTTP proxy client and run with the -ly option, allows remote attackers or local users to execute arbitrary code via format string specifiers in a syslog message. | |||||
| CVE-2004-1485 | 2 Gnu, Tftp | 2 Inetutils, Tftp | 2017-07-10 | 7.5 HIGH | N/A |
| Buffer overflow in the TFTP client in InetUtils 1.4.2 allows remote malicious DNS servers to execute arbitrary code via a large DNS response that is handled by the gethostbyname function. | |||||
| CVE-2004-1486 | 1 Hp | 2 Cluster Object Manager, Serviceguard | 2017-07-10 | 10.0 HIGH | N/A |
| Unknown vulnerability in Serviceguard A.11.13 through A.11.16.00 and Cluster Object Manager A.01.03 and B.01.04 through B.03.00.01 on HP-UX, Serviceguard A.11.14.04 and A.11.15.04 and Cluster Object Manager B.02.01.02 and B.02.02.02 on HP Linux, allow remote attackers to gain privileges via unknown attack vectors. | |||||
| CVE-2004-1492 | 1 Quicksilver | 1 Master Of Orion Iii | 2017-07-10 | 5.0 MEDIUM | N/A |
| Master of Orion III 1.2.5 and earlier allows remote attackers to cause a denial of service (game exit) via a data packet that contains a large size specifier, which causes a large memory allocation to fail. | |||||
| CVE-2004-1493 | 1 Quicksilver | 1 Master Of Orion Iii | 2017-07-10 | 5.0 MEDIUM | N/A |
| Master of Orion III 1.2.5 and earlier allows remote attackers to cause a denial of service (server crash) via multiple connections with long nicknames, possibly triggering a buffer overflow. | |||||
| CVE-2004-1494 | 1 Kingsoft | 1 Xdict | 2017-07-10 | 5.0 MEDIUM | N/A |
| Buffer overflow in the Screen Fetch option in XDICT 2002 through 2005 allows remote attackers to cause a denial of service ( CPU consumption or application exit) and possibly execute arbitrary code via a long string. | |||||
| CVE-2004-1495 | 1 Rarlab | 1 Winrar | 2017-07-10 | 2.6 LOW | N/A |
| The Repair Archive command in WinRAR 3.40 allows remote attackers to cause a denial of service (application crash) via a corrupt ZIP archive. | |||||
| CVE-2004-1499 | 1 Webhost Automation | 1 Helm Control Panel | 2017-07-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the compose message form in HELM 3.1.19 and earlier allows remote attackers to execute arbitrary web script or HTML via the Subject field. | |||||
| CVE-2004-1500 | 2 Freeform Interactive, Monolith Productions | 11 Purge Jihad, Alien Versus Predator, Blood and 8 more | 2017-07-10 | 2.1 LOW | N/A |
| Format string vulnerability in the Lithtech engine, as used in multiple games, allows remote authenticated users to cause a denial of service (application crash) via format string specifiers in (1) a nickname or (2) a message. | |||||
| CVE-2004-1501 | 1 Software602 | 1 602lan Suite | 2017-07-10 | 5.0 MEDIUM | N/A |
| The webmail service in 602 Lan Suite 2004.0.04.0909 and earlier allows remote attackers to cause a denial of service (CPU and memory consumption) by sending a POST request with a large Content-Length value, then disconnecting without sending that amount of data. | |||||
| CVE-2004-1502 | 1 Software602 | 1 602lan Suite | 2017-07-10 | 5.0 MEDIUM | N/A |
| The Telnet proxy in 602 Lan Suite 2004.0.04.0909 and earlier allows remote attackers to cause a denial of service (socket exhaustion) via a Telnet request to an IP address of the proxy's network interface, which causes a loop. | |||||
| CVE-2004-1503 | 1 Sun | 1 Jre | 2017-07-10 | 5.0 MEDIUM | N/A |
| Integer overflow in the InitialDirContext in Java Runtime Environment (JRE) 1.4.2, 1.5.0 and possibly other versions allows remote attackers to cause a denial of service (Java exception and failed DNS requests) via a large number of DNS requests, which causes the xid variable to wrap around and become negative. | |||||