Vulnerabilities (CVE)

Total 174711 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2004-1777 1 Skype Technologies 1 Skype 2008-09-05 5.0 MEDIUM N/A
A "range check error" in Skype for Windows before 0.98.0.28 allows local and remote attackers to cause a denial of service (application crash) via long command line arguments or a long callto:// URL, a different vulnerability than CVE-2004-1114.
CVE-2004-1780 1 Info Touch 1 Surfnet 2008-09-05 4.6 MEDIUM N/A
Info Touch Surfnet kiosk allows local users to deposit extra time into Internet kiosk accounts via repeated authentication attempts.
CVE-2004-1781 1 Info Touch 1 Surfnet 2008-09-05 4.6 MEDIUM N/A
Info Touch Surfnet kiosk allows local users to crash Surfnet and access the underlying operating system via the CMD_CREDITCARD_CHARGE command.
CVE-2004-1783 1 Net2soft 1 Flash Ftp Server 2008-09-05 7.5 HIGH N/A
Directory traversal vulnerability in Net2Soft Flash FTP Server 1.0 allows remote attackers to read and create arbitrary files via a /.. (slash dot dot).
CVE-2004-1785 1 Invision Power Services 1 Invision Board 2008-09-05 7.5 HIGH N/A
SQL injection vulnerability in calendar.php for Invision Power Board 1.3 allows remote attackers to execute arbitrary SQL commands via the m parameter, which sets the $this->chosen_month variable.
CVE-2004-1788 1 Asp-nuke 1 Asp-nuke 2008-09-05 5.0 MEDIUM N/A
ASP-Nuke 1.3 and earlier places user credentials under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request to main.mdb.
CVE-2004-1791 1 Edimax 1 Full Rate Adsl Router 2008-09-05 7.5 HIGH N/A
The web management interface in Edimax AR-6004 ADSL Routers uses a default administrator name and password, which also appear as the default login text for the management interface, which allows remote attackers to gain access.
CVE-2004-1795 1 Info Touch 1 Surfnet 2008-09-05 2.1 LOW N/A
Info Touch Surfnet kiosk allows local users to access the underlying filesystem via a 'file://' URI.
CVE-2004-1891 1 Sgi 1 Irix 2008-09-05 5.0 MEDIUM N/A
The ftp_syslog function in ftpd in SGI IRIX 6.5.20 "doesn't work with anonymous FTP," which has an unknown impact, possibly preventing the actions of anonymous users from being logged.
CVE-2004-2001 1 Sgi 1 Irix 2008-09-05 4.6 MEDIUM N/A
ifconfig "-arp" in SGI IRIX 6.5 through 6.5.22m does not properly disable ARP requests from being sent or received.
CVE-2004-2024 1 Zen Cart 1 Zen Cart 2008-09-05 7.5 HIGH N/A
The distribution of Zen Cart 1.1.4 before patch 2 includes certain debugging code in the Admin password retrieval functionality, which allows attackers to gain administrative privileges via password_forgotten.php.
CVE-2004-1342 1 Cvs 1 Cvs 2008-09-05 7.5 HIGH N/A
CVS 1.12 and earlier on Debian GNU/Linux, when using the repouid patch, allows remote attackers to bypass authentication via the pserver access method.
CVE-2004-1343 1 Cvs 1 Cvs 2008-09-05 5.0 MEDIUM N/A
CVS 1.12 and earlier on Debian GNU/Linux does not properly handle when a mapping for the current repository does not exist in the cvs-repouids file, which allows remote attackers to cause a denial of service (server crash).
CVE-2004-1374 1 Netbsd 1 Netbsd 2008-09-05 7.2 HIGH N/A
Multiple buffer overflows in NetBSD kernel may allow local users to execute arbitrary code and gain privileges.
CVE-2004-1449 2 Firebirdsql, Mozilla 3 Firebird, Mozilla, Thunderbird 2008-09-05 2.6 LOW N/A
Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7 allows remote attackers to determine the location of files on a user's hard drive by obscuring a file upload control and tricking the user into dragging text into that control.
CVE-2004-1450 1 Mozilla 1 Mozilla 2008-09-05 5.0 MEDIUM N/A
Unknown vulnerability in LiveConnect in Mozilla 1.7 beta allows remote attackers to read arbitrary files in known locations.
CVE-2004-1451 1 Mozilla 1 Mozilla 2008-09-05 2.6 LOW N/A
Mozilla before 1.6 does not display the entire URL in the status bar when a link contains %00, which could allow remote attackers to trick users into clicking on unknown or untrusted sites and facilitate phishing attacks.
CVE-2004-1489 1 Opera Software 1 Opera Web Browser 2008-09-05 2.6 LOW N/A
Opera 7.54 and earlier does not properly limit an applet's access to internal Java packages from Sun, which allows remote attackers to gain sensitive information, such as user names and the installation directory.
CVE-2004-0997 1 Linux 1 Linux Kernel 2008-09-05 4.6 MEDIUM N/A
Unspecified vulnerability in the ptrace MIPS assembly code in Linux kernel 2.4 before 2.4.17 allows local users to gain privileges via unknown vectors.
CVE-2004-1039 1 Sco 2 Openserver, Unixware 2008-09-05 5.0 MEDIUM N/A
The NFS mountd service on SCO UnixWare 7.1.1, 7.1.3, 7.1.4, and 7.0.1, and possibly other versions, when run from inetd, allows remote attackers to cause a denial of service (memory exhaustion) via a series of requests, which causes inetd to launch a separate process for each request.