Total
11841 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2004-2706 | 1 Phrozensmoke | 1 Gyach Enhanced | 2024-11-20 | N/A |
Unspecified vulnerability in Gyach Enhanced (Gyach-E) before 1.0.4 allows remote attackers to cause a denial of service (crash) via conference packets with error messages. | ||||
CVE-2004-2649 | 1 Eudora | 1 Eudora | 2024-11-20 | N/A |
Eudora 6.1.0.6 allows remote attackers to obfuscate URLs displayed in the status bar by inserting a large number of characters (e.g. spaces coded as " ") in the middle of the URL. | ||||
CVE-2004-2596 | 1 Id Software | 1 Quake Ii Server | 2024-11-20 | N/A |
Quake II server before R1Q2, as used in multiple products, allows remote attackers to cause a denial of service (exhaustion of connection slots) via a large number of connections from the same IP address. | ||||
CVE-2004-2592 | 1 Id Software | 1 Quake Ii Server | 2024-11-20 | N/A |
Quake II server before R1Q2, as used in multiple products, allows remote attackers to cause a denial of service (application crash) via a modified client that asks the server to send data stored at a negative array offset, which is not handled when processing Configstrings and Baselines. | ||||
CVE-2004-2533 | 1 Solarwinds | 1 Serv-u File Server | 2024-11-20 | N/A |
Serv-U FTP Server 4.1 (possibly 4.0) allows remote attackers to cause a denial of service (application crash) via a SITE CHMOD command with a "\\...\" followed by a short string, causing partial memory corruption, a different vulnerability than CVE-2004-2111. | ||||
CVE-2004-1928 | 1 Tiki | 1 Tikiwiki Cms\/groupware | 2024-11-20 | N/A |
The image upload feature in Tiki CMS/Groupware (TikiWiki) 1.8.1 and earlier allows remote attackers to upload and possibly execute arbitrary files via the img/wiki_up URL. | ||||
CVE-2004-1777 | 1 Skype Technologies | 1 Skype | 2024-11-20 | N/A |
A "range check error" in Skype for Windows before 0.98.0.28 allows local and remote attackers to cause a denial of service (application crash) via long command line arguments or a long callto:// URL, a different vulnerability than CVE-2004-1114. | ||||
CVE-2004-1675 | 1 Solarwinds | 1 Serv-u File Server | 2024-11-20 | N/A |
Serv-U FTP server 4.x and 5.x allows remote attackers to cause a denial of service (application crash) via a STORE UNIQUE (STOU) command with an MS-DOS device name argument such as (1) COM1, (2) LPT1, (3) PRN, or (4) AUX. | ||||
CVE-2004-1617 | 1 University Of Kansas | 1 Lynx | 2024-11-20 | N/A |
Lynx, lynx-ssl, and lynx-cur before 2.8.6dev.8 allow remote attackers to cause a denial of service (infinite loop) via a web page or HTML email that contains invalid HTML including (1) a TEXTAREA tag with a large COLS value and (2) a large tag name in an element that is not terminated, as demonstrated by mangleme. NOTE: a followup suggests that the relevant trigger for this issue is the large COLS value. | ||||
CVE-2004-1386 | 1 Tiki | 1 Tikiwiki Cms\/groupware | 2024-11-20 | N/A |
TikiWiki before 1.8.4.1 does not properly verify uploaded images, which could allow remote attackers to upload and execute arbitrary PHP scripts, a different vulnerability than CVE-2005-0200. | ||||
CVE-2004-1125 | 4 Easy Software Products, Kde, Redhat and 1 more | 4 Cups, Kde, Enterprise Linux and 1 more | 2024-11-20 | N/A |
Buffer overflow in the Gfx::doImage function in Gfx.cc for xpdf 3.00, and other products that share code such as tetex-bin and kpdf in KDE 3.2.x to 3.2.3 and 3.3.x to 3.3.2, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted PDF file that causes the boundaries of a maskColors array to be exceeded. | ||||
CVE-2004-1019 | 5 Openpkg, Php, Redhat and 2 more | 7 Openpkg, Php, Enterprise Linux and 4 more | 2024-11-20 | N/A |
The deserialization code in PHP before 4.3.10 and PHP 5.x up to 5.0.2 allows remote attackers to cause a denial of service and execute arbitrary code via untrusted data to the unserialize function that may trigger "information disclosure, double-free and negative reference index array underflow" results. | ||||
CVE-2004-0840 | 1 Microsoft | 3 Exchange Server, Windows Server 2003, Windows Xp | 2024-11-20 | N/A |
The SMTP (Simple Mail Transfer Protocol) component of Microsoft Windows XP 64-bit Edition, Windows Server 2003, Windows Server 2003 64-bit Edition, and the Exchange Routing Engine component of Exchange Server 2003, allows remote attackers to execute arbitrary code via a malicious DNS response message containing length values that are not properly validated. | ||||
CVE-2004-0276 | 1 Monkey-project | 1 Monkey | 2024-11-20 | N/A |
The get_real_string function in Monkey HTTP Daemon (monkeyd) 0.8.1 and earlier allows remote attackers to cause a denial of service (crash) via an HTTP request with a sequence of "%" characters and a missing Host field. | ||||
CVE-2004-0244 | 1 Cisco | 1 Ios | 2024-11-20 | N/A |
Cisco 6000, 6500, and 7600 series systems with Multilayer Switch Feature Card 2 (MSFC2) and a FlexWAN or OSM module allow local users to cause a denial of service (hang or reset) by sending a layer 2 frame packet that encapsulates a layer 3 packet, but has inconsistent length values with that packet. | ||||
CVE-2003-1569 | 2 Goahead, Microsoft | 4 Goahead Webserver, Windows 95, Windows 98 and 1 more | 2024-11-20 | N/A |
GoAhead WebServer before 2.1.5 on Windows 95, 98, and ME allows remote attackers to cause a denial of service (daemon crash) via an HTTP request with a (1) con, (2) nul, (3) clock$, or (4) config$ device name in a path component, different vectors than CVE-2001-0385. | ||||
CVE-2003-1568 | 2 Goahead, Goahead Software | 2 Goahead Webserver, Goahead Webserver | 2024-11-20 | N/A |
GoAhead WebServer before 2.1.6 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an invalid URL, related to the websSafeUrl function. | ||||
CVE-2003-1538 | 1 Suse | 3 Office Server, Suse Linux, Suse Linux Openexchange Server | 2024-11-20 | N/A |
susehelp in SuSE Linux 8.1, Enterprise Server 8, Office Server, and Openexchange Server 4 does not properly filter shell metacharacters, which allows remote attackers to execute arbitrary commands via CGI queries. | ||||
CVE-2003-1490 | 1 Sonicwall | 3 Pro100, Pro200, Pro300 | 2024-11-20 | N/A |
SonicWall Pro running firmware 6.4.0.1 allows remote attackers to cause a denial of service (device reset) via a long HTTP POST to the internal interface, possibly due to a buffer overflow. | ||||
CVE-2003-1488 | 1 Truelogik | 1 Truegalerie | 2024-11-20 | N/A |
The (1) verif_admin.php and (2) check_admin.php scripts in Truegalerie 1.0 allow remote attackers to gain administrator access via a request to admin.php without the connect parameter and with the loggedin parameter set to any value, such as 1. |