Total
29891 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-1467 | 1 Egroupware | 1 Egroupware | 2025-04-03 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in eGroupWare 1.0.00.003 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) date or search text field in the calendar module, (2) Field parameter, Filter parameter, QField parameter, Start parameter or Search field in the address module, (3) Subject field in the message module or (4) Subject field in the Ticket module. | ||||
| CVE-2004-1522 | 1 3do | 1 Army Men Real Time Strategy Game | 2025-04-03 | N/A |
| Format string vulnerability in Army Men RTS 1.0 allows remote attackers to cause a denial of service (application crash) via a nickname that contains format strings. | ||||
| CVE-2004-1523 | 1 New Media Generation | 1 Hired Team Trial | 2025-04-03 | N/A |
| Format string vulnerability in the game console in Hired Team: Trial 2.0 and earlier and 2.200 allows remote attackers to cause a denial of service (application crash) via format string specifiers in a message. | ||||
| CVE-2004-1541 | 1 Van Dyke Technologies | 1 Securecrt | 2025-04-03 | N/A |
| SecureCRT 4.0, 4.1, and possibly other versions, allows remote attackers to execute arbitrary commands via a telnet:// URL that uses the /F option to specify a configuration file on a samba share. | ||||
| CVE-2004-1560 | 1 Microsoft | 1 Sql Server | 2025-04-03 | N/A |
| Microsoft SQL Server 7.0 allows remote attackers to cause a denial of service (mssqlserver service halt) via a long request to TCP port 1433, possibly triggering a buffer overflow. | ||||
| CVE-2004-1590 | 1 Clientexec | 1 Clientexec | 2025-04-03 | N/A |
| Clientexec allows remote attackers to gain sensitive information via an HTTP request to phpinfo.php, which calls the phpinfo function. | ||||
| CVE-2004-1609 | 2 Best Software, Saleslogix Corporation | 2 Saleslogix, Saleslogix | 2025-04-03 | N/A |
| SalesLogix 6.1 includes usernames, passwords, and other sensitive information in the headers of an HTTP response, which could allow remote attackers to gain access. | ||||
| CVE-2004-1619 | 1 Akella | 1 Privateers Bounty Age Of Sail Ii | 2025-04-03 | N/A |
| Buffer overflow in Privateer's Bounty: Age of Sail II allows remote attackers to execute arbitrary code via a long nickname. | ||||
| CVE-2002-2313 | 1 Qualcomm | 1 Eudora | 2025-04-03 | N/A |
| Eudora email client 5.1.1, with "use Microsoft viewer" enabled, allows remote attackers to execute arbitrary programs via an HTML email message containing a META refresh tag that references an embedded .mhtml file with ActiveX controls that execute a second embedded program, which is processed by Internet Explorer. | ||||
| CVE-2004-2169 | 1 A-a-s Application Access Server | 1 A-a-s Application Access Server | 2025-04-03 | N/A |
| Application Access Server (A-A-S) 1.0.37 and earlier allows remote authenticated users to cause a denial of service (application crash) via a long file request. | ||||
| CVE-2004-1630 | 1 Openwfe | 1 Work Flow Engine | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in the login form in Open WorkFlow Engine (OpenWFE) 1.4.x allows remote attackers to execute arbitrary web script or HTML via the url parameter. | ||||
| CVE-2004-1686 | 1 Microsoft | 1 Ie | 2025-04-03 | N/A |
| Internet Explorer 6.0 in Windows XP SP2 allows remote attackers to bypass the Information Bar prompt for ActiveX and Javascript via an XHTML page that contains an Internet Explorer formatted comment between the DOCTYPE tag and the HTML tag, as demonstrated using the DesignScience MathPlayer ActiveX plugin. | ||||
| CVE-2004-1706 | 1 U.s.robotics | 1 Usr808054 | 2025-04-03 | N/A |
| The U.S. Robotics USR808054 wireless access point allows remote attackers to cause a denial of service (device crash) and possibly execute arbitrary code via an HTTP GET request with a long version string. | ||||
| CVE-2004-1763 | 1 Haht Commerce | 1 Hahtsite Scenario Server | 2025-04-03 | N/A |
| Buffer overflow in hsrun.exe for HAHTsite Scenario Server 5.1 Patch 06 (build 91) allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long project name. | ||||
| CVE-2004-1783 | 1 Net2soft | 1 Flash Ftp Server | 2025-04-03 | N/A |
| Directory traversal vulnerability in Net2Soft Flash FTP Server 1.0 allows remote attackers to read and create arbitrary files via a /.. (slash dot dot). | ||||
| CVE-2004-1793 | 1 Yatsoft | 1 Switch Off | 2025-04-03 | N/A |
| Stack-based buffer overflow in swnet.dll in YaSoft Switch Off 2.3 and earlier allows remote authenticated users to execute arbitrary code via a long message parameter in a SendMsg action to action.htm. | ||||
| CVE-2002-2316 | 1 Cisco | 1 Catos | 2025-04-03 | N/A |
| Cisco Catalyst 4000 series switches running CatOS 5.5.5, 6.3.5, and 7.1.2 do not always learn MAC addresses from a single initial packet, which causes unicast traffic to be broadcast across the switch and allows remote attackers to obtain sensitive network information by sniffing. | ||||
| CVE-2004-1833 | 1 Borland Software | 1 Interbase | 2025-04-03 | N/A |
| The admin.ib file in Borland Interbase 7.1 for Linux has default world writable permissions, which allows local users to gain database administrative privileges. | ||||
| CVE-2004-1911 | 1 Azerbaijan Development Group | 1 Azdgdating | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in AzDGDatingLite 2.1.1 allows remote attackers to inject arbitrary web script or HTML via the (1) l parameter (aka language variable) to index.php or (2) id parameter to view.php. | ||||
| CVE-2004-1891 | 1 Sgi | 1 Irix | 2025-04-03 | N/A |
| The ftp_syslog function in ftpd in SGI IRIX 6.5.20 "doesn't work with anonymous FTP," which has an unknown impact, possibly preventing the actions of anonymous users from being logged. | ||||