Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-0514 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-10 | 7.2 HIGH | N/A |
| Unknown vulnerability in LoginWindow for Mac OS X 10.3.4, related to "handling of directory services lookups." | |||||
| CVE-2004-0515 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-10 | 4.6 MEDIUM | N/A |
| Unknown vulnerability in LoginWindow for Mac OS X 10.3.4, related to "handling of console log files." | |||||
| CVE-2004-0516 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-10 | 4.6 MEDIUM | N/A |
| Unknown vulnerability in Mac OS X 10.3.4, related to "package installation scripts," a different vulnerability than CVE-2004-0517. | |||||
| CVE-2004-0517 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-10 | 4.6 MEDIUM | N/A |
| Unknown vulnerability in Mac OS X 10.3.4, related to "handling of process IDs during package installation," a different vulnerability than CVE-2004-0516. | |||||
| CVE-2004-0518 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-10 | 7.5 HIGH | N/A |
| Unknown vulnerability in AppleFileServer for Mac OS X 10.3.4, related to "the use of SSH and reporting errors," has unknown impact and attack vectors. | |||||
| CVE-2004-0522 | 2 Debian, Gallery Project | 2 Debian Linux, Gallery | 2017-07-10 | 10.0 HIGH | N/A |
| Gallery 1.4.3 and earlier allows remote attackers to bypass authentication and obtain Gallery administrator privileges. | |||||
| CVE-2004-0524 | 1 Thiago Melo De Paula | 1 Change Passwd | 2017-07-10 | 10.0 HIGH | N/A |
| Buffer overflow in the chpasswd command in the Change_passwd plugin before 4.0, as used in SquirrelMail, allows local users to gain root privileges via a long user name. | |||||
| CVE-2004-0527 | 1 Kde | 1 Konqueror | 2017-07-10 | 5.0 MEDIUM | N/A |
| KDE Konqueror 2.1.1 and 2.2.2 allows remote attackers to spoof a legitimate URL in the status bar via A HREF tags with modified "alt" values that point to the legitimate site, combined with an image map whose href points to the malicious site, which facilitates a "phishing" attack. | |||||
| CVE-2004-0528 | 1 Netscape | 1 Navigator | 2017-07-10 | 5.0 MEDIUM | N/A |
| Netscape Navigator 7.1 allows remote attackers to spoof a legitimate URL in the status bar via A HREF tags with modified "alt" values that point to the legitimate site, combined with an image map whose href points to the malicious site, which facilitates a "phishing" attack. | |||||
| CVE-2004-1206 | 1 Pntresmailer | 1 Pntresmailer | 2017-07-10 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in codebrowserpntm.php in pnTresMailer 6.0.3 allows remote attackers to read arbitrary files via a .. (dot dot) in the filetodownload parameter. | |||||
| CVE-2004-1207 | 1 Serioussam | 1 Seriousengine | 2017-07-10 | 5.0 MEDIUM | N/A |
| The Serious engine, as used in (1) Alpha Black Zero Intrepid Protocol 1.04 and earlier, (2) Nitro family, and (3) Serious Sam Second Encounter 1.07 allows remote attackers to cause a denial of service (server crash) via a large number of UDP join requests that exceeds the maximum player limit, as originally reported for Alpha Black Zero. | |||||
| CVE-2004-1208 | 1 21-6 Productions | 1 Orbz | 2017-07-10 | 10.0 HIGH | N/A |
| Buffer overflow in Orbz 2.10 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long password field in a join request. | |||||
| CVE-2004-1209 | 1 Verisign | 1 Payflow Link | 2017-07-10 | 5.0 MEDIUM | N/A |
| Verisign Payflow Link, when running with empty Accepted URL fields, does not properly verify the data in the hidden AMOUNT field, which allows remote attackers to modify the price of the items that they purchase. | |||||
| CVE-2004-1210 | 1 Ipcop | 1 Ipcop | 2017-07-10 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in proxylog.dat in IPCop 1.4.1 and possibly other versions, allows remote attackers to inject arbitrary web script or HTML via the (1) url or (2) part variables. | |||||
| CVE-2004-1211 | 1 David Harris | 1 Mercury | 2017-07-10 | 10.0 HIGH | N/A |
| Multiple buffer overflows in the IMAP service in Mercury/32 4.01a allow remote authenticated users to cause a denial of service (application crash) and possibly execute arbitrary code via long arguments to the (1) EXAMINE, (2) SUBSCRIBE, (3) STATUS, (4) APPEND, (5) CHECK, (6) CLOSE, (7) EXPUNGE, (8) FETCH, (9) RENAME, (10) DELETE, (11) LIST, (12) SEARCH, (13) CREATE, or (14) UNSUBSCRIBE commands. | |||||
| CVE-2004-1212 | 1 Blog Torrent | 1 Blog Torrent Preview | 2017-07-10 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in btdownload.php in Blog Torrent preview 0.8 allows remote attackers to download arbitrary files via a .. (dot dot) in the file argument. | |||||
| CVE-2004-1213 | 1 Advanced Guestbook | 1 Advanced Guestbook | 2017-07-10 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Advanced Guestbook 2.3.1, 2.2, and possibly other versions allows remote attackers to inject arbitrary web script or HTML via the entry parameter. | |||||
| CVE-2004-1214 | 1 Burut | 1 Kreed | 2017-07-10 | 10.0 HIGH | N/A |
| Format string vulnerability in Kreed 1.05 and earlier allows remote attackers to execute arbitrary code via format specifiers in (1) a nickname or (2) message text. | |||||
| CVE-2004-1215 | 1 Burut | 1 Kreed | 2017-07-10 | 5.0 MEDIUM | N/A |
| Kreed 1.05 and earlier allows remote attackers to cause a denial of service (server disconnect) via a long UDP packet, which causes a "message too long" socket error. | |||||
| CVE-2004-1216 | 1 Burut | 1 Kreed | 2017-07-10 | 5.0 MEDIUM | N/A |
| The scripts that handle players in Kreed 1.05 and earlier allow remote attackers to cause a denial of service (server freeze) via a long (1) nickname or (2) model type, which generates dialog boxes on the server that must be manually handled before the server continues the game. | |||||