Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-2378 | 1 Calacode | 1 At Mail Webmail System | 2017-07-10 | 5.0 MEDIUM | N/A |
| @Mail 3.64 for Windows allows remote attackers to cause a denial of service ("unusable" server) via a large number of POP3 connections to the server. | |||||
| CVE-2004-2379 | 1 Calacode | 1 At Mail Webmail System | 2017-07-10 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in @Mail 3.64 for Windows allow remote attackers to inject arbitrary web script or HTML via (1) the Displayed Name attribute in util.pl and (2) the Folder attribute in showmail.pl. | |||||
| CVE-2004-2380 | 1 Twilight Utilities | 1 Twilight Utilities Web Server | 2017-07-10 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in postfile.exe for Twilight Utilities Web Server 2.0.0.0 allows remote attackers to write arbitrary files via a .. (dot dot) in the attfile parameter. | |||||
| CVE-2004-2381 | 1 Jetty | 1 Jetty Http Server | 2017-07-10 | 5.0 MEDIUM | N/A |
| HttpRequest.java in Jetty HTTP Server before 4.2.19 allows remote attackers to cause denial of service (memory usage and application crash) via HTTP requests with a large Content-Length. | |||||
| CVE-2004-2382 | 1 Perfectnav | 1 Perfectnav | 2017-07-10 | 5.0 MEDIUM | N/A |
| The PerfectNav plugin for Microsoft Internet Explorer allows remote attackers to cause a denial of service (browser crash) via a malformed URL such as "?". | |||||
| CVE-2004-2384 | 1 Nullsoft | 1 Winamp | 2017-07-10 | 5.0 MEDIUM | N/A |
| NullSoft Winamp 5.02 allows remote attackers to cause a denial of service (crash) by creating a file with a long filename, which causes the victim's player to crash when the file is opened from the command line. | |||||
| CVE-2004-2385 | 1 Emumail | 1 Emu Webmail | 2017-07-10 | 5.0 MEDIUM | N/A |
| EMU Webmail 5.2.7 allows remote attackers to obtain sensitive path information (home directory) via an HTTP request for init.emu. | |||||
| CVE-2004-2386 | 2 Denis Sbragion, Peter Astrand | 2 Sredird, Sercd | 2017-07-10 | 7.5 HIGH | N/A |
| Format string vulnerability in the LogMsg function in sercd before 2.3.1 and sredird 2.2.1 and earlier allows remote attackers to execute arbitrary code via format string specifiers passed from the HandleCPCCommand function. | |||||
| CVE-2004-2387 | 2 Denis Sbragion, Peter Astrand | 2 Sredird, Sercd | 2017-07-10 | 7.5 HIGH | N/A |
| Buffer overflow in the HandleCPCCommand function of sercd before 2.3.1 and sredird 2.2.1 and earlier allows remote attackers to execute arbitrary code. | |||||
| CVE-2004-2388 | 1 Ibm | 1 Aix | 2017-07-10 | 10.0 HIGH | N/A |
| rexecd for AIX 4.3.3 does not properly use a local copy of the pwd structure when calling getpwnam, which may cause the structure to be overwritten by the authenticate function and assign privileges to the wrong user. | |||||
| CVE-2004-2389 | 1 Jabberstudio | 1 Jabber Gadu-gadu Transport | 2017-07-10 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in Jabber Gadu-Gadu Transport (a.k.a. jabber-gg-transport) 2.0.x before 2.0.8 allows remote attackers to cause a denial of service (infinite loop) via user re-registration. | |||||
| CVE-2004-2390 | 1 Jabberstudio | 1 Jabber Gadu-gadu Transport | 2017-07-10 | 5.0 MEDIUM | N/A |
| The roster import functionality in Jabber Gadu-Gadu Transport (a.k.a. jabber-gg-transport) 2.0.x before 2.0.8, when using libgadu 1.0 and later, allows attackers to cause a denial of service via unknown vectors. | |||||
| CVE-2004-2391 | 1 Jabberstudio | 1 Jabber Gadu-gadu Transport | 2017-07-10 | 5.0 MEDIUM | N/A |
| Jabber Gadu-Gadu Transport (a.k.a. jabber-gg-transport) 2.0.x before 2.0.8 allows remote attackers to cause a denial of service a message with an empty <priority/> tag. | |||||
| CVE-2004-2392 | 1 Mandrakesoft | 2 Mandrake Linux, Mandrake Linux Corporate Server | 2017-07-10 | 5.0 MEDIUM | N/A |
| libuser 0.51.7 allows attackers to cause a denial of service (crash or disk consumption) via unknown attack vectors, related to read failures and other bugs. | |||||
| CVE-2004-2393 | 1 Sun | 1 Jsse | 2017-07-10 | 7.5 HIGH | N/A |
| Java Secure Socket Extension (JSSE) 1.0.3 through 1.0.3_2 does not properly validate the certificate chain of a client or server, which allows remote attackers to falsely authenticate peers for SSL/TLS. | |||||
| CVE-2004-2394 | 1 Mandrakesoft | 3 Mandrake Linux, Mandrake Linux Corporate Server, Mandrake Multi Network Firewall | 2017-07-10 | 2.1 LOW | N/A |
| Off-by-one error in passwd 0.68 and earlier, when using the --stdin option, causes passwd to use the first 78 characters of a password instead of the first 79, which results in a small reduction of the search space required for brute force attacks. | |||||
| CVE-2004-2395 | 1 Mandrakesoft | 3 Mandrake Linux, Mandrake Linux Corporate Server, Mandrake Multi Network Firewall | 2017-07-10 | 2.1 LOW | N/A |
| Memory leak in passwd 0.68 allows local users to cause a denial of service (memory consumption) via a large number of failed read attempts from the password buffer. | |||||
| CVE-2004-2396 | 1 Mandrakesoft | 3 Mandrake Linux, Mandrake Linux Corporate Server, Mandrake Multi Network Firewall | 2017-07-10 | 7.2 HIGH | N/A |
| passwd 0.68 does not check the return code for the pam_start function, which has unknown impact and attack vectors that may prevent "safe and proper operation" of PAM. | |||||
| CVE-2004-2397 | 1 Bluecoat | 1 Security Gateway Os | 2017-07-10 | 5.0 MEDIUM | N/A |
| The web-based Management Console in Blue Coat Security Gateway OS 3.0 through 3.1.3.13 and 3.2.1, when importing a private key, stores the key and its passphrase in plaintext in a log file, which allows attackers to steal digital certificates. | |||||
| CVE-2004-2398 | 1 Netenberg | 1 Fantastico De Luxe | 2017-07-10 | 2.1 LOW | N/A |
| Netenberg Fantastico De Luxe 2.8 uses database file names that contain the associated usernames, which allows local users to determine valid usernames and conduct brute force attacks by reading the file names from /var/lib/mysql, which is assigned world-readable permissions by cPanel 9.3.0 R5. | |||||