Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-0735 | 1 Electronic Arts | 1 Medal Of Honor Allied Assault | 2017-07-10 | 7.5 HIGH | N/A |
| Buffer overflow in Medal of Honor (1) Allied Assault 1.11v9 and earlier, (2) Breakthrough 2.40b and earlier, and (3) Spearhead 2.15 and earlier, when playing on a Local Area Network (LAN), allows remote attackers to execute arbitrary code via vectors such as (1) the getinfo query, (2) the connect packet, and other unknown vectors. | |||||
| CVE-2004-0736 | 1 Francisco Burzi | 1 Php-nuke | 2017-07-10 | 5.0 MEDIUM | N/A |
| The search module in Php-Nuke allows remote attackers to gain sensitive information via the (1) "**" or (2) "+" search patterns, which reveals the path in an error message. | |||||
| CVE-2004-0737 | 1 Francisco Burzi | 1 Php-nuke | 2017-07-10 | 7.5 HIGH | N/A |
| Multiple cross-site scripting vulnerabilities in index.php in the Search module for Php-Nuke allows remote attackers to inject arbitrary web script or HTML via the (1) sid, (2) max, (3) sel1, (4) sel2, (5) sel3, (6) sel4, (7) sel5, (8) match, (9) mod1, (10) mod2, or (11) mod3 parameters. | |||||
| CVE-2004-0738 | 1 Francisco Burzi | 1 Php-nuke | 2017-07-10 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in the Search module in Php-Nuke allow remote attackers to execute arbitrary SQL via the (1) min or (2) categ parameters. | |||||
| CVE-2004-0739 | 1 Snapfiles | 1 Whisper Ftp Surfer | 2017-07-10 | 7.5 HIGH | N/A |
| Buffer overflow in Whisper FTP Surfer 1.0.7 allows remote FTP servers to cause a denial of service (client crash) and possibly execute arbitrary code via a long filename. | |||||
| CVE-2004-0740 | 1 Lexmark | 1 T522 Network Printer | 2017-07-10 | 5.0 MEDIUM | N/A |
| The HTTP server in Lexmark T522 and possibly other models allows remote attackers to cause a denial of service (server crash, reload, or hang) via an HTTP header with a long Host field, possibly triggering a buffer overflow. | |||||
| CVE-2004-0741 | 1 Lionmax Software | 1 Www File Share Pro | 2017-07-10 | 5.0 MEDIUM | N/A |
| LionMax Software WWW File Share Pro 2.60 allows remote attackers to cause a denial of service (crash or hang) via a long URL, possibly triggering a buffer overflow. | |||||
| CVE-2004-0742 | 1 Sun | 1 Java System Calendar Server | 2017-07-10 | 10.0 HIGH | N/A |
| Sun Java System Portal Server 6.2 (formerly Sun ONE) allows remote authenticated users to obtain Calendar Server privileges and modify Calendar data by changing the display options to a non-default view. | |||||
| CVE-2004-0743 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-10 | 5.0 MEDIUM | N/A |
| Safari in Mac OS X before 10.3.5, after sending form data using the POST method, may re-send the data to a GET method URL if that URL is redirected after the POST data and the user uses the forward or backward buttons, which may cause an information leak. | |||||
| CVE-2004-0744 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-07-10 | 5.0 MEDIUM | N/A |
| The TCP/IP Networking component in Mac OS X before 10.3.5 allows remote attackers to cause a denial of service (memory and resource consumption) via a "Rose Attack" that involves sending a subset of small IP fragments that do not form a complete, larger packet. | |||||
| CVE-2004-0749 | 2 Gentoo, Subversion | 2 Linux, Subversion | 2017-07-10 | 5.0 MEDIUM | N/A |
| The mod_authz_svn module in Subversion 1.0.7 and earlier does not properly restrict access to all metadata on unreadable paths, which could allow remote attackers to gain sensitive information via (1) svn log -v, (2) svn propget, or (3) svn blame, and other commands that follow renames. | |||||
| CVE-2004-0766 | 1 Ngsec | 1 Stackdefender | 2017-07-10 | 5.0 MEDIUM | N/A |
| NGSEC StackDefender 2.0 allows attackers to cause a denial of service (system crash) via an invalid address for the BaseAddress parameter to the hooks for the (1) ZwAllocateVirtualMemory or (2) ZwProtectVirtualMemory functions. | |||||
| CVE-2004-0767 | 1 Ngsec | 1 Stackdefender | 2017-07-10 | 5.0 MEDIUM | N/A |
| NGSEC StackDefender 1.10 allows attackers to cause a denial of service (system crash) via an invalid address for the ObjectAttribues parameter to the hooks for the (1) ZwCreateFile or (2) ZwOpenFile functions. | |||||
| CVE-2004-0768 | 1 Greg Roelofs | 1 Libpng3 | 2017-07-10 | 7.5 HIGH | N/A |
| libpng 1.2.5 and earlier does not properly calculate certain buffer offsets, which could allow remote attackers to execute arbitrary code via a buffer overflow attack. | |||||
| CVE-2004-0770 | 2 Debian, Dgen | 2 Debian Linux, Emulator | 2017-07-10 | 2.1 LOW | N/A |
| romload.c in DGen Emulator 1.23 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files during decompression of (1) gzip or (2) bzip ROM files. | |||||
| CVE-2004-0774 | 1 Realnetworks | 2 Helix Universal Mobile Server And Gateway, Helix Universal Server | 2017-07-10 | 7.8 HIGH | N/A |
| RealNetworks Helix Universal Server 9.0.2 for Linux and 9.0.3 for Windows allows remote attackers to cause a denial of service (CPU and memory exhaustion) via a POST request with a Content-Length header set to -1. | |||||
| CVE-2004-0777 | 1 Inter7 | 1 Courier-imap | 2017-07-10 | 7.5 HIGH | N/A |
| Format string vulnerability in the auth_debug function in Courier-IMAP 1.6.0 through 2.2.1 and 3.x through 3.0.3, when login debugging (DEBUG_LOGIN) is enabled, allows remote attackers to execute arbitrary code. | |||||
| CVE-2004-0779 | 2 Firebirdsql, Mozilla | 3 Firebird, Firefox, Mozilla | 2017-07-10 | 7.5 HIGH | N/A |
| The (1) Mozilla 1.6, (2) Firebird 0.7 and (3) Firefox 0.8 web browsers do not properly verify that cached passwords for SSL encrypted sites are only sent via SSL encrypted sessions to the site, which allows a remote attacker to cause a cached password to be sent in cleartext to a spoofed site. | |||||
| CVE-2004-0781 | 1 Icecast | 1 Icecast | 2017-07-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in list.cgi in the Icecast internal web server (icecast-server) 1.3.12 and earlier allows remote attackers to inject arbitrary web script via the UserAgent parameter. | |||||
| CVE-2004-0787 | 1 Openca | 1 Openca | 2017-07-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the web frontend in OpenCA 0.9.1-8 and earlier, and 0.9.2 RC6 and earlier, allows remote attackers to inject arbitrary web script or HTML via the form input fields. | |||||