Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-2456 | 1 Minibb | 1 Minibb | 2017-07-10 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in miniBB 1.7f and earlier allows remote attackers to execute arbitrary SQL commands via the user parameter in a userinfo action. | |||||
| CVE-2004-2457 | 1 3com | 1 3crwe754g72-a | 2017-07-10 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in 3Com OfficeConnect ADSL 11g Router allows remote attackers to cause a denial of service (crash) via a large amount of UDP traffic. | |||||
| CVE-2004-2458 | 1 Open Webmail | 1 Open Webmail | 2017-07-10 | 5.0 MEDIUM | N/A |
| Open WebMail 2.30 and earlier, when use_syshomedir is disabled or create_syshomedir is enabled, creates new directories before authenticating, which allows remote attackers to create arbitrary directories. | |||||
| CVE-2004-2460 | 1 Gnu | 1 Gnubiff | 2017-07-10 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in POP3 in gnubiff before 2.0.0 allows remote attackers to cause a denial of service (application crash) via an "infinite" Unique IDentification Listing (UIDL) list. | |||||
| CVE-2004-2461 | 1 Gnu | 1 Gnubiff | 2017-07-10 | 7.5 HIGH | N/A |
| Buffer overflow in pop3.c in gnubiff before 2.0.0 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code. | |||||
| CVE-2004-2462 | 1 Cplay | 1 Cplay | 2017-07-10 | 4.6 MEDIUM | N/A |
| cplay 1.49 on Linux allows local users to overwrite arbitrary files via a symlink attack on the cplay_control temporary file. | |||||
| CVE-2004-2465 | 1 Efs Software | 1 Easy Chat Server | 2017-07-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in chat.ghp in Easy Chat Server 1.2 allows remote attackers to inject arbitrary web script or HTML via the username parameter. | |||||
| CVE-2004-2467 | 1 Efs Software | 1 Easy Chat Server | 2017-07-10 | 5.0 MEDIUM | N/A |
| chat.ghp in Easy Chat Server 1.2 allows remote attackers to add a large number of fake users, then eventually cause a denial of service (server crash). | |||||
| CVE-2004-2468 | 1 Scripts For Educators | 1 Sillysearch | 2017-07-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in SillySearch 2.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the search parameter. | |||||
| CVE-2004-2469 | 1 Brickhost | 1 Phpscheduleit | 2017-07-10 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Reservation.class.php for phpScheduleIt 1.01 and earlier allows attackers to modify or delete reservations. | |||||
| CVE-2004-2470 | 1 Madbms | 1 Madbms | 2017-07-10 | 10.0 HIGH | N/A |
| Unspecified vulnerability in MadBMS before 1.1.5 has unknown impact and attack vectors, related to logins. | |||||
| CVE-2004-2471 | 1 Jamesoff | 1 Quoteengine | 2017-07-10 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the sloth TCL script in QuoteEngine before 1.2.0 allow remote attackers to execute arbitrary SQL commands via unknown vectors. | |||||
| CVE-2004-2472 | 1 Agnitum | 1 Outpost Firewall | 2017-07-10 | 5.0 MEDIUM | N/A |
| Agnitum Outpost Pro Firewall 2.1 allows remote attackers to cause a denial of service (CPU consumption) via a flood of small, invalid packets, which can not be processed quickly enough by Outpost Pro. | |||||
| CVE-2004-2473 | 1 Wmfrog | 1 Wmfrog | 2017-07-10 | 1.2 LOW | N/A |
| wmFrog weather monitor 0.1.6 and other versions before 0.2.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files. | |||||
| CVE-2004-2474 | 1 Phpnews | 1 Phpnews | 2017-07-10 | 7.5 HIGH | N/A |
| SQL injection vulnerability in PHPNews 1.2.3 allows remote attackers to execute arbitrary SQL commands via the mid parameter to sendtofriend.php. | |||||
| CVE-2004-2475 | 1 Google | 1 Toolbar | 2017-07-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Google Toolbar 2.0.114.1 allows remote attackers to inject arbitrary web script via about.html in the About section. NOTE: some followup posts suggest that the demonstration code's use of the res:// protocol does not cross privilege boundaries, since it is not allowed in the Internet Zone. Thus this might not be a vulnerability. | |||||
| CVE-2004-2477 | 1 Diamondcs | 1 Process Guard Free | 2017-07-10 | 2.1 LOW | N/A |
| DiamondCS Process Guard Free 2.000 allows local users to disable the process guard protection system by overwriting the current Service Descriptor Table (SDT) in \device\physicalmemory with the original SDT found in ntoskrnl.exe. | |||||
| CVE-2004-2480 | 1 National Science Foundation | 1 Squid Web Proxy Cache | 2017-07-10 | 5.0 MEDIUM | N/A |
| Squid Web Proxy Cache 2.3.STABLE5 allows remote attackers to bypass security controls and access arbitrary websites via "@@" sequences in a URL within Internet Explorer. | |||||
| CVE-2004-2481 | 1 Myproxy | 1 Myproxy | 2017-07-10 | 4.6 MEDIUM | N/A |
| MyProxy 6.58 allows remote authenticated users in the Users Tab to connect to arbitrary hosts from the MyProxy server, possibly bypassing access restrictions, by connecting to the proxy and issuing a CONNECT command. | |||||
| CVE-2004-2482 | 1 Microsoft | 1 Outlook | 2017-07-10 | 5.0 MEDIUM | N/A |
| Microsoft Outlook 2000 and 2003, when configured to use Microsoft Word 2000 or 2003 as the e-mail editor and when forwarding e-mail, does not properly handle an opening OBJECT tag that does not have a closing OBJECT tag, which causes Outlook to automatically download the URI in the data property of the OBJECT tag and might allow remote attackers to execute arbitrary code. | |||||