Total
258583 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-1791 | 1 Edimax | 1 Full Rate Adsl Router | 2008-09-05 | 7.5 HIGH | N/A |
| The web management interface in Edimax AR-6004 ADSL Routers uses a default administrator name and password, which also appear as the default login text for the management interface, which allows remote attackers to gain access. | |||||
| CVE-2004-1788 | 1 Asp-nuke | 1 Asp-nuke | 2008-09-05 | 5.0 MEDIUM | N/A |
| ASP-Nuke 1.3 and earlier places user credentials under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request to main.mdb. | |||||
| CVE-2004-1785 | 1 Invision Power Services | 1 Invision Board | 2008-09-05 | 7.5 HIGH | N/A |
| SQL injection vulnerability in calendar.php for Invision Power Board 1.3 allows remote attackers to execute arbitrary SQL commands via the m parameter, which sets the $this->chosen_month variable. | |||||
| CVE-2004-1783 | 1 Net2soft | 1 Flash Ftp Server | 2008-09-05 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in Net2Soft Flash FTP Server 1.0 allows remote attackers to read and create arbitrary files via a /.. (slash dot dot). | |||||
| CVE-2004-1781 | 1 Info Touch | 1 Surfnet | 2008-09-05 | 4.6 MEDIUM | N/A |
| Info Touch Surfnet kiosk allows local users to crash Surfnet and access the underlying operating system via the CMD_CREDITCARD_CHARGE command. | |||||
| CVE-2004-1780 | 1 Info Touch | 1 Surfnet | 2008-09-05 | 4.6 MEDIUM | N/A |
| Info Touch Surfnet kiosk allows local users to deposit extra time into Internet kiosk accounts via repeated authentication attempts. | |||||
| CVE-2004-1777 | 1 Skype Technologies | 1 Skype | 2008-09-05 | 5.0 MEDIUM | N/A |
| A "range check error" in Skype for Windows before 0.98.0.28 allows local and remote attackers to cause a denial of service (application crash) via long command line arguments or a long callto:// URL, a different vulnerability than CVE-2004-1114. | |||||
| CVE-2004-1754 | 1 Symantec | 2 Enterprise Firewall, Gateway Security | 2008-09-05 | 5.0 MEDIUM | N/A |
| The DNS proxy (DNSd) for multiple Symantec Gateway Security products allows remote attackers to poison the DNS cache via a malicious DNS server query response that contains authoritative or additional records. | |||||
| CVE-2004-1451 | 1 Mozilla | 1 Mozilla | 2008-09-05 | 2.6 LOW | N/A |
| Mozilla before 1.6 does not display the entire URL in the status bar when a link contains %00, which could allow remote attackers to trick users into clicking on unknown or untrusted sites and facilitate phishing attacks. | |||||
| CVE-2004-1450 | 1 Mozilla | 1 Mozilla | 2008-09-05 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in LiveConnect in Mozilla 1.7 beta allows remote attackers to read arbitrary files in known locations. | |||||
| CVE-2004-1449 | 2 Firebirdsql, Mozilla | 3 Firebird, Mozilla, Thunderbird | 2008-09-05 | 2.6 LOW | N/A |
| Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7 allows remote attackers to determine the location of files on a user's hard drive by obscuring a file upload control and tricking the user into dragging text into that control. | |||||
| CVE-2004-1374 | 1 Netbsd | 1 Netbsd | 2008-09-05 | 7.2 HIGH | N/A |
| Multiple buffer overflows in NetBSD kernel may allow local users to execute arbitrary code and gain privileges. | |||||
| CVE-2004-1343 | 1 Cvs | 1 Cvs | 2008-09-05 | 5.0 MEDIUM | N/A |
| CVS 1.12 and earlier on Debian GNU/Linux does not properly handle when a mapping for the current repository does not exist in the cvs-repouids file, which allows remote attackers to cause a denial of service (server crash). | |||||
| CVE-2004-1342 | 1 Cvs | 1 Cvs | 2008-09-05 | 7.5 HIGH | N/A |
| CVS 1.12 and earlier on Debian GNU/Linux, when using the repouid patch, allows remote attackers to bypass authentication via the pserver access method. | |||||
| CVE-2004-1312 | 1 Gfi | 2 Mailessentials, Mailsecurity | 2008-09-05 | 10.0 HIGH | N/A |
| A bug in the HTML parser in a certain Microsoft HTML library, as used in various third party products, may allow remote attackers to cause a denial of service via certain strings, as reported in GFI MailEssentials for Exchange 9 and 10, and GFI MailSecurity for Exchange 8, which causes emails to remain in IIS or Exchange mail queues. | |||||
| CVE-2004-1160 | 1 Netscape | 1 Navigator | 2008-09-05 | 7.5 HIGH | N/A |
| Netscape 7.x to 7.2, and possibly other versions, allows remote attackers to spoof arbitrary web sites by injecting content from one window into a target window whose name is known but resides in a different domain, as demonstrated using a pop-up window on a trusted web site, aka the "window injection" vulnerability. | |||||
| CVE-2004-1078 | 1 Citrix | 2 Metaframe Client, Program Neighborhood Agent | 2008-09-05 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in the client for Citrix Program Neighborhood Agent for Win32 8.00.24737 and earlier and Citrix MetaFrame Presentation Server client for WinCE before 8.33 allows remote attackers to execute arbitrary code via a long cached icon filename in the InName XML element. | |||||
| CVE-2004-1077 | 1 Citrix | 2 Metaframe Client, Program Neighborhood Agent | 2008-09-05 | 5.0 MEDIUM | N/A |
| Citrix Program Neighborhood Agent for Win32 8.00.24737 and earlier and MetaFrame Presentation Server client for WinCE before 8.33 allows remote servers to create arbitrary shortcuts on the client via a full UNC path in the AppInStartmenu directive. | |||||
| CVE-2004-1039 | 1 Sco | 2 Openserver, Unixware | 2008-09-05 | 5.0 MEDIUM | N/A |
| The NFS mountd service on SCO UnixWare 7.1.1, 7.1.3, 7.1.4, and 7.0.1, and possibly other versions, when run from inetd, allows remote attackers to cause a denial of service (memory exhaustion) via a series of requests, which causes inetd to launch a separate process for each request. | |||||
| CVE-2004-0997 | 1 Linux | 1 Linux Kernel | 2008-09-05 | 4.6 MEDIUM | N/A |
| Unspecified vulnerability in the ptrace MIPS assembly code in Linux kernel 2.4 before 2.4.17 allows local users to gain privileges via unknown vectors. | |||||