Total
29753 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2003-1316 | 1 Endonesia | 1 Endonesia | 2025-04-03 | N/A |
| mod.php in eNdonesia 8.2 allows remote attackers to obtain sensitive information via a ' (quote) value in the lng parameter, which reveals the path in an error message. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2003-1317 | 1 Endonesia | 1 Endonesia | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in mod.php in eNdonesia 8.2 allows remote attackers to inject arbitrary web script or HTML via the mod parameter. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2003-1510 | 1 Rit Research Labs | 1 Tinyweb | 2025-04-03 | N/A |
| TinyWeb 1.9 allows remote attackers to cause a denial of service (CPU consumption) via a ".%00." in an HTTP GET request to the cgi-bin directory. | ||||
| CVE-2003-1509 | 1 Realnetworks | 2 Realone Enterprise Desktop, Realone Player | 2025-04-03 | N/A |
| Real Networks RealOne Enterprise Desktop 6.0.11.774, RealOne Player 2.0, and RealOne Player 6.0.11.818 through RealOne Player 6.0.11.853 allows remote attackers to execute arbitrary script in the local security zone by embedding script in a temp file before the temp file is executed by the default web browser. | ||||
| CVE-2004-1302 | 1 Yamt | 1 Yamt | 2025-04-03 | N/A |
| The id3tag_sort function in id3tag.c for YAMT 0.5 allows remote attackers to execute arbitrary commands via an MP3 file with double quotes in the Artist tag. | ||||
| CVE-2004-0015 | 1 Vbox3 | 1 Vbox3 | 2025-04-03 | N/A |
| vbox3 0.1.8 and earlier does not properly drop privileges before executing a user-provided TCL script, which allows local users to gain privileges. | ||||
| CVE-2004-0016 | 1 Phpgroupware | 1 Phpgroupware | 2025-04-03 | N/A |
| The calendar module for phpgroupware 0.9.14 does not enforce the "save extension" feature for holiday files, which allows remote attackers to create and execute PHP files. | ||||
| CVE-2004-0017 | 1 Phpgroupware | 1 Phpgroupware | 2025-04-03 | N/A |
| Multiple SQL injection vulnerabilities in the (1) calendar and (2) infolog modules for phpgroupware 0.9.14 allow remote attackers to perform unauthorized database operations. | ||||
| CVE-2004-0028 | 1 Samba | 1 Jitterbug | 2025-04-03 | N/A |
| jitterbug 1.6.2 does not properly sanitize inputs, which allows remote authenticated users to execute arbitrary commands. | ||||
| CVE-2004-0029 | 1 Ibm | 1 Lotus Domino | 2025-04-03 | N/A |
| Lotus Notes Domino 6.0.2 on Linux installs the notes.ini configuration file with world-writable permissions, which allows local users to modify the Notes configuration and gain privileges. | ||||
| CVE-2004-1303 | 1 Yanf | 1 Yanf | 2025-04-03 | N/A |
| Buffer overflow in the get function in get.c for Yanf 0.4 allows remote malicious web servers to execute arbitrary code via crafted HTTP responses. | ||||
| CVE-2004-0042 | 1 Beasts | 1 Vsftpd | 2025-04-03 | N/A |
| vsftpd 1.1.3 generates different error messages depending on whether or not a valid username exists, which allows remote attackers to identify valid usernames. | ||||
| CVE-2004-0045 | 1 Isc | 1 Inn | 2025-04-03 | N/A |
| Buffer overflow in the ARTpost function in art.c in the control message handling code for INN 2.4.0 may allow remote attackers to execute arbitrary code. | ||||
| CVE-2004-0046 | 1 Snapstream | 1 Snapstream Pvs | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in SnapStream PVS LITE allows remote attackers to inject arbitrary web script or HTML via a GET request containing a terminating '"' (double quote) character. | ||||
| CVE-2004-0078 | 2 Mutt, Redhat | 3 Mutt, Enterprise Linux, Linux | 2025-04-03 | N/A |
| Buffer overflow in the index menu code (menu_pad_string of menu.c) for Mutt 1.4.1 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain mail messages. | ||||
| CVE-2004-0080 | 2 Andries Brouwer, Redhat | 2 Util-linux, Enterprise Linux | 2025-04-03 | N/A |
| The login program in util-linux 2.11 and earlier uses a pointer after it has been freed and reallocated, which could cause login to leak sensitive data. | ||||
| CVE-2004-0082 | 2 Redhat, Samba | 2 Enterprise Linux, Samba | 2025-04-03 | N/A |
| The mksmbpasswd shell script (mksmbpasswd.sh) in Samba 3.0.0 and 3.0.1, when creating an account but marking it as disabled, may overwrite the user password with an uninitialized buffer, which could enable the account with a more easily guessable password. | ||||
| CVE-2004-0095 | 1 Mcafee | 1 Epolicy Orchestrator | 2025-04-03 | N/A |
| McAfee ePolicy Orchestrator agent allows remote attackers to cause a denial of service (memory consumption and crash) and possibly execute arbitrary code via an HTTP POST request with an invalid Content-Length value, possibly triggering a buffer overflow. | ||||
| CVE-2004-0097 | 2 Openh323 Project, Redhat | 3 Pwlib, Enterprise Linux, Linux | 2025-04-03 | N/A |
| Multiple vulnerabilities in PWLib before 1.6.0 allow remote attackers to cause a denial of service and possibly execute arbitrary code, as demonstrated by the NISCC/OUSPG PROTOS test suite for the H.225 protocol. | ||||
| CVE-2004-0094 | 2 Redhat, Xfree86 Project | 2 Enterprise Linux, X11r6 | 2025-04-03 | N/A |
| Integer signedness errors in XFree86 4.1.0 allow remote attackers to cause a denial of service and possibly execute arbitrary code when using the GLX extension and Direct Rendering Infrastructure (DRI). | ||||