Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-1759 | 2 Cisco, Ibm | 17 Call Manager, Conference Connection, Emergency Responder and 14 more | 2017-07-10 | 5.0 MEDIUM | N/A |
| Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000.2.6, allows remote attackers to cause a denial of service (CPU consumption) via arbitrary packets to TCP port 14247, as demonstrated using port scanning. | |||||
| CVE-2004-1760 | 2 Cisco, Ibm | 17 Call Manager, Conference Connection, Emergency Responder and 14 more | 2017-07-10 | 10.0 HIGH | N/A |
| The default installation of Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000.2.6, does not require authentication, which allows remote attackers to gain administrator privileges by connecting to TCP port 14247. | |||||
| CVE-2004-1762 | 1 F-secure | 1 F-secure Anti-virus | 2017-07-10 | 7.5 HIGH | N/A |
| Unknown vulnerability in F-Secure Anti-Virus (FSAV) 4.52 for Linux before Hotfix 3 allows the Sober.D worm to bypass FASV. | |||||
| CVE-2004-1763 | 1 Haht Commerce | 1 Hahtsite Scenario Server | 2017-07-10 | 10.0 HIGH | N/A |
| Buffer overflow in hsrun.exe for HAHTsite Scenario Server 5.1 Patch 06 (build 91) allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long project name. | |||||
| CVE-2004-1765 | 1 Mod Security | 1 Mod Security | 2017-07-10 | 7.5 HIGH | N/A |
| Off-by-one buffer overflow in ModSecurity (mod_security) 1.7.4 for Apache 2.x, when SecFilterScanPost is enabled, allows remote attackers to execute arbitrary code via crafted POST requests. | |||||
| CVE-2004-1766 | 1 Juniper | 1 Netscreen-security Manager 2004 | 2017-07-10 | 5.0 MEDIUM | N/A |
| The default installation of NetScreen-Security Manager before Feature Pack 1 does not enable encryption for communication with devices running ScreenOS 5.0, which allows remote attackers to obtain sensitive information via sniffing. | |||||
| CVE-2004-1768 | 1 Symantec | 1 Brightmail Antispam | 2017-07-10 | 5.0 MEDIUM | N/A |
| The character converters in the Spamhunter and Language ID modules for Symantec Brightmail AntiSpam 6.0.1 before patch 132 allow remote attackers to cause a denial of service (crash) via messages with the ISO-8859-10 character set, which is not recognized by the converters. | |||||
| CVE-2004-1769 | 1 Cpanel | 1 Cpanel | 2017-07-10 | 10.0 HIGH | N/A |
| The "Allow cPanel users to reset their password via email" feature in cPanel 9.1.0 build 34 and earlier, including 8.x, allows remote attackers to execute arbitrary code via the user parameter to resetpass. | |||||
| CVE-2004-1770 | 1 Cpanel | 1 Cpanel | 2017-07-10 | 10.0 HIGH | N/A |
| The login page for cPanel 9.1.0, and possibly other versions, allows remote attackers to execute arbitrary code via shell metacharacters in the user parameter. | |||||
| CVE-2004-1771 | 1 Open Group | 1 Scalable Ogo | 2017-07-10 | 5.0 MEDIUM | N/A |
| Scalable OGo (SOGo) 1.0 allows remote authenticated users to bypass intended permissions and view private appointments of other users. | |||||
| CVE-2004-1774 | 1 Oracle | 2 Application Server, Oracle10g | 2017-07-10 | 7.2 HIGH | N/A |
| Buffer overflow in the SDO_CODE_SIZE procedure of the MD2 package (MDSYS.MD2.SDO_CODE_SIZE) in Oracle 10g before 10.1.0.2 Patch 2 allows local users to execute arbitrary code via a long LAYER parameter. | |||||
| CVE-2004-1775 | 1 Cisco | 2 Catos, Ios | 2017-07-10 | 5.0 MEDIUM | N/A |
| Cisco VACM (View-based Access Control MIB) for Catalyst Operating Software (CatOS) 5.5 and 6.1 and IOS 12.0 and 12.1 allows remote attackers to read and modify device configuration via the read-write community string. | |||||
| CVE-2004-1776 | 1 Cisco | 1 Ios | 2017-07-10 | 7.5 HIGH | N/A |
| Cisco IOS 12.1(3) and 12.1(3)T allows remote attackers to read and modify device configuration data via the cable-docsis read-write community string used by the Data Over Cable Service Interface Specification (DOCSIS) standard. | |||||
| CVE-2004-1779 | 1 Thwboard | 1 Thwboard Beta | 2017-07-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in board.php for ThWboard before beta 2.84 allows remote attackers to inject arbitrary web script or HTML via the lastvisited parameter. | |||||
| CVE-2004-1784 | 1 Webcam Corp | 1 Webcam Watchdog | 2017-07-10 | 7.5 HIGH | N/A |
| Buffer overflow in the web server of Webcam Watchdog 3.63 allows remote attackers to execute arbitrary code via a long HTTP GET request. | |||||
| CVE-2004-1786 | 1 Iatek | 1 Portalapp | 2017-07-10 | 5.0 MEDIUM | N/A |
| PortalApp places user credentials under the web root with insufficient access control, which allows remote attackers to gain access to sensitive information via a direct request to 8275.mdb. | |||||
| CVE-2004-1787 | 1 Postnuke Software Foundation | 1 Postcalendar | 2017-07-10 | 7.5 HIGH | N/A |
| SQL injection vulnerability in PostCalendar 4.0.0 allows remote attackers to execute arbitrary SQL commands via search queries. | |||||
| CVE-2004-1789 | 1 Zyxel | 1 Zywall10 | 2017-07-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the web management interface in ZyWALL 10 4.07 allows remote attackers to inject arbitrary web script or HTML via the rpAuth_1 page. | |||||
| CVE-2004-1790 | 1 Edimax | 1 Full Rate Adsl Router | 2017-07-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the web management interface in Edimax AR-6004 ADSL Routers allows remote attackers to inject arbitrary web script or HTML via the URL. | |||||
| CVE-2004-1792 | 1 Yatsoft | 1 Switch Off | 2017-07-10 | 5.0 MEDIUM | N/A |
| swnet.dll in YaSoft Switch Off 2.3 and earlier allows remote attackers to cause a denial of service (infinite loop) via a long packet with two CRLF sequences to the service management port (TCP 8000). | |||||