Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-1076 | 2 Atari800, Debian | 2 Atari800, Debian Linux | 2016-10-17 | 7.2 HIGH | N/A |
| Multiple buffer overflows in the RtConfigLoad function in rt-config.c for Atari800 before 1.3.4 allow local users to execute arbitrary code via large values in the configuration file. | |||||
| CVE-2004-1151 | 2 Linux, Ubuntu | 2 Linux Kernel, Ubuntu Linux | 2016-10-17 | 7.2 HIGH | N/A |
| Multiple buffer overflows in the (1) sys32_ni_syscall and (2) sys32_vm86_warning functions in sys_ia32.c for Linux 2.6.x may allow local attackers to modify kernel memory and gain privileges. | |||||
| CVE-2004-1161 | 2 Gentoo, Rssh | 2 Linux, Rssh | 2016-10-17 | 7.5 HIGH | N/A |
| rssh 2.2.2 and earlier does not properly restrict programs that can be run, which could allow remote authenticated users to bypass intended access restrictions and execute arbitrary programs via (1) rdist -P, (2) rsync, or (3) scp -S. | |||||
| CVE-2004-0423 | 1 Ssmtp | 1 Ssmtp | 2016-10-17 | 2.1 LOW | N/A |
| The log_event function in ssmtp 2.50.6 and earlier allows local users to overwrite arbitrary files via a symlink attack on the ssmtp.log temporary log file. | |||||
| CVE-2004-0479 | 1 Microsoft | 1 Ie | 2016-10-17 | 5.0 MEDIUM | N/A |
| Internet Explorer 6 allows remote attackers to cause a denial of service (crash) via Javascript that creates a new popup window and disables the imagetoolbar functionality with a META tag, which triggers a null dereference. | |||||
| CVE-2004-0344 | 1 Yabb | 1 Yabb | 2016-10-17 | 6.4 MEDIUM | N/A |
| Directory traversal vulnerability in ModifyMessage.php in YaBB SE 1.5.4 through 1.5.5b allows remote attackers to delete arbitrary files via a .. (dot dot) in the attachOld parameter. | |||||
| CVE-2004-0059 | 1 Lionmax Software | 1 Www File Share Pro | 2016-10-17 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in upload capability of WWW File Share Pro 2.42 and earlier allows remote attackers to overwrite arbitrary files via .. (dot dot) sequences in the filename parameter of a Content-Disposition: header. | |||||
| CVE-2004-0060 | 1 Lionmax Software | 1 Www File Share Pro | 2016-10-17 | 5.0 MEDIUM | N/A |
| WWW File Share Pro 2.42 and earlier allows remote attackers to cause a denial of service (crash) via a large POST request. | |||||
| CVE-2004-0061 | 1 Lionmax Software | 1 Www File Share Pro | 2016-10-17 | 7.5 HIGH | N/A |
| WWW File Share Pro 2.42 and earlier allows remote attackers to bypass directory access restrictions via (1) a URL with a trailing . (dot), or (2) a URI with a leading slash or backslash character. | |||||
| CVE-2004-0062 | 1 Fishnet | 1 Fishcart | 2016-10-17 | 7.5 HIGH | N/A |
| Integer overflow in the rnd arithmetic rounding function for various versions of FishCart before 3.1 allows remote attackers to "cause negative totals" via an order with a large quantity. | |||||
| CVE-2004-0064 | 1 Suse | 1 Suse Linux | 2016-10-17 | 2.1 LOW | N/A |
| The SuSEconfig.gnome-filesystem script for YaST in SuSE 9.0 allows local users to overwrite arbitrary files via a symlink attack on files within the tmp.SuSEconfig.gnome-filesystem.$RANDOM temporary directory. | |||||
| CVE-2004-0065 | 1 Phpgedview | 1 Phpgedview | 2016-10-17 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in phpGedView before 2.65 allow remote attackers to execute arbitrary SQL via (1) timeline.php and (2) placelist.php. | |||||
| CVE-2004-0069 | 1 Hd Soft | 1 Windows Ftp Server | 2016-10-17 | 7.5 HIGH | N/A |
| Format string vulnerability in HD Soft Windows FTP Server 1.6 and earlier allows remote attackers to execute arbitrary code via format string specifiers in the username, which is processed by the wscanf function. | |||||
| CVE-2004-0091 | 1 Jelsoft | 1 Vbulletin | 2016-10-17 | 4.3 MEDIUM | N/A |
| ** DISPUTED ** NOTE: this issue has been disputed by the vendor. Cross-site scripting (XSS) vulnerability in register.php for unknown versions of vBulletin allows remote attackers to inject arbitrary HTML or web script via the reg_site (or possibly regsite) parameter. NOTE: the vendor has disputed this issue, saying "There is no hidden field called 'reg_site', nor any $reg_site variable anywhere in the vBulletin 2 or vBulletin 3 source code or templates, nor has it ever existed. We can only assume that this vulnerability was found in a site running code modified from that supplied by Jelsoft." | |||||
| CVE-2003-1086 | 1 Pmachine | 2 Pmachine Free, Pmachine Pro | 2016-10-17 | 7.5 HIGH | N/A |
| PHP remote file inclusion vulnerability in pm/lib.inc.php in pMachine Free and pMachine Pro 2.2 and 2.2.1 allows remote attackers to execute arbitrary PHP code by modifying the pm_path parameter to reference a URL on a remote web server that contains the code. | |||||
| CVE-2003-1262 | 1 Http Fetcher | 1 Http Fetcher Library | 2016-10-17 | 6.4 MEDIUM | N/A |
| Buffer overflow in the http_fetch function of HTTP Fetcher 1.0.0 and 1.0.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a URL request via a long (1) host, (2) referer, or (3) userAgent value. | |||||
| CVE-2003-1318 | 1 Twilight Utilities | 1 Twilight Webserver | 2016-10-17 | 7.8 HIGH | N/A |
| Twilight Webserver 1.3.3.0 allows remote attackers to cause a denial of service (application crash) via a GET request for a long URI, a different vulnerability than CVE-2004-2376. | |||||
| CVE-2003-1489 | 1 Truegalerie | 1 Truegalerie | 2016-10-17 | 5.0 MEDIUM | N/A |
| upload.php in Truegalerie 1.0 allows remote attackers to read arbitrary files by specifying the target filename in the file cookie in form.php, then downloading the file from the image gallery. | |||||
| CVE-2003-0849 | 1 Gnu | 1 Cfengine | 2016-10-17 | 7.5 HIGH | N/A |
| Buffer overflow in net.c for cfengine 2.x before 2.0.8 allows remote attackers to execute arbitrary code via certain packets with modified length values, which is trusted by the ReceiveTransaction function when using a buffer provided by the BusyWithConnection function. | |||||
| CVE-2003-0850 | 2 Dug Song, Rafal Wojtczuk | 2 Dsniff, Libnids | 2016-10-17 | 7.5 HIGH | N/A |
| The TCP reassembly functionality in libnids before 1.18 allows remote attackers to cause "memory corruption" and possibly execute arbitrary code via "overlarge TCP packets." | |||||