Total
29810 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-1388 | 1 Berlios | 1 Gps Daemon | 2025-04-03 | N/A |
| Format string vulnerability in the gpsd_report function for BerliOS GPD daemon (gpsd, formerly pygps) 1.9.0 through 2.7 allows remote attackers to execute arbitrary code via certain GPS requests containing format string specifiers that are not properly handled in syslog calls. | ||||
| CVE-2004-1393 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | N/A |
| Unknown vulnerability in the tcsetattr function for Sun Solaris for SPARC 2.6, 7, and 8 allows local users to cause a denial of service (system hang). | ||||
| CVE-2004-1406 | 1 Ikonboard.com | 1 Ikonboard | 2025-04-03 | N/A |
| SQL injection vulnerability in ikonboard.cgi in Ikonboard 3.1.0 through 3.1.3 allows remote attackers to inject arbitrary SQL commands via the (1) st or (2) keywords parameter. | ||||
| CVE-2004-1407 | 1 Singapore | 1 Image Gallery Web Application | 2025-04-03 | N/A |
| Multiple directory traversal vulnerabilities in singapore Image Gallery Web Application 0.9.10 allow remote attackers to (1) read arbitrary files via the showThumb method for thumb.php, or (2) delete arbitrary files via admin.class.php. | ||||
| CVE-2004-1408 | 1 Singapore | 1 Image Gallery Web Application | 2025-04-03 | N/A |
| The addImage method for admin.class.php in Image Gallery Web Application 0.9.10 does not properly check filenames, which allows remote attackers to upload and execute arbitrary files. | ||||
| CVE-2004-1409 | 1 Singapore | 1 Image Gallery Web Application | 2025-04-03 | N/A |
| Multiple cross-site scripting vulnerabilities in Image Gallery Web Application 0.9.10 allow remote attackers to inject arbitrary web script or HTML. | ||||
| CVE-2004-1411 | 1 Gadu-gadu | 1 Gadu-gadu Instant Messenger | 2025-04-03 | N/A |
| Gadu-Gadu build 155 and earlier allows remote attackers to cause a denial of service (infinite loop) via a message that contains an image whose filename does not start with restricted characters. | ||||
| CVE-2004-1438 | 1 Subversion | 1 Subversion | 2025-04-03 | N/A |
| The mod_authz_svn Apache module for Subversion 1.0.4-r1 and earlier allows remote authenticated users, with write access to the repository, to read unauthorized parts of the repository via the svn copy command. | ||||
| CVE-2004-1439 | 1 Sapporoworks | 1 Black Jumbodog | 2025-04-03 | N/A |
| Buffer overflow in BlackJumboDog 3.x allows remote attackers to execute arbitrary code via long FTP commands such as (1) USER, (2) PASS, (3) RETR,(4) CWD, (5) XMKD, and (6) XRMD. | ||||
| CVE-2004-1437 | 1 Pavuk | 1 Pavuk | 2025-04-03 | N/A |
| Multiple buffer overflows in the digest authentication functionality in Pavuk 0.9.28-r2 and earlier allow remote attackers to execute arbitrary code. | ||||
| CVE-2004-1456 | 1 Cvstrac | 1 Cvstrac | 2025-04-03 | N/A |
| filediff in CVStrac allows remote attackers to execute arbitrary commands via shell metacharacters in rcsinfo. | ||||
| CVE-2004-1459 | 1 Cisco | 2 Secure Access Control Server, Secure Acs Solution Engine | 2025-04-03 | N/A |
| Cisco Secure Access Control Server (ACS) 3.2, when configured as a Light Extensible Authentication Protocol (LEAP) RADIUS proxy, allows remote attackers to cause a denial of service (device crash) via certain LEAP authentication requests. | ||||
| CVE-2004-1484 | 1 Socat | 1 Socat | 2025-04-03 | N/A |
| Format string vulnerability in the _msg function in error.c in socat 1.4.0.3 and earlier, when used as an HTTP proxy client and run with the -ly option, allows remote attackers or local users to execute arbitrary code via format string specifiers in a syslog message. | ||||
| CVE-2004-1495 | 1 Rarlab | 1 Winrar | 2025-04-03 | N/A |
| The Repair Archive command in WinRAR 3.40 allows remote attackers to cause a denial of service (application crash) via a corrupt ZIP archive. | ||||
| CVE-2004-1499 | 1 Webhost Automation | 1 Helm Control Panel | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in the compose message form in HELM 3.1.19 and earlier allows remote attackers to execute arbitrary web script or HTML via the Subject field. | ||||
| CVE-2004-1504 | 1 Salims Softhouse | 1 Jaf Cms | 2025-04-03 | N/A |
| The displaycontent function in config.php for Just Another Flat file (JAF) CMS 3.0RC allows remote attackers to gain sensitive information via a blank show parameter, which reveals the installation path in an error message, as demonstrated using index.php. | ||||
| CVE-2004-1517 | 1 Zonelabs | 1 Imsecure | 2025-04-03 | N/A |
| Zone Labs IMsecure and IMsecure Pro before 1.5 allow remote attackers to bypass Active Link Filtering via an instant message containing a URL with hex encoded file extensions. | ||||
| CVE-2004-1518 | 1 Phorum | 1 Phorum | 2025-04-03 | N/A |
| SQL injection vulnerability in follow.php in Phorum 5.0.12 and earlier allows remote authenticated users to execute arbitrary SQL command via the forum_id parameter. | ||||
| CVE-2004-1520 | 1 Ipswitch | 1 Imail | 2025-04-03 | N/A |
| Stack-based buffer overflow in IPSwitch IMail 8.13 allows remote authenticated users to execute arbitrary code via a long IMAP DELETE command. | ||||
| CVE-2004-1522 | 1 3do | 1 Army Men Real Time Strategy Game | 2025-04-03 | N/A |
| Format string vulnerability in Army Men RTS 1.0 allows remote attackers to cause a denial of service (application crash) via a nickname that contains format strings. | ||||