Search Results (29815 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-2609 1 Symantec 1 Powerquest Deploycenter 2025-04-03 N/A
The stuffit.com executable on Symantec PowerQuest DeployCenter 5.5 boot disks allows local users to obtain sensitive information (an unencrypted password for a Windows domain account) via four "stuffit /f:stuffit.dat" invocations, possibly due to a buffer overflow.
CVE-2004-2648 1 Faronics 1 Freezex 2025-04-03 N/A
FreezeX 1.00.100.0666 allows local users with administrator privileges to cause a denial of service (FreezeX application) by overwriting the db.fzx file.
CVE-2004-2616 1 Onnuri Infotek 1 Activepost Standard 2025-04-03 N/A
The file server in ActivePost Standard 3.1 and earlier allows remote authenticated users to obtain sensitive information by uploading a file, which reveals the path in a success message.
CVE-2004-2618 1 Pegasi Web Server 1 Pegasi Web Server 2025-04-03 N/A
Cross-site scripting (XSS) vulnerability in Pegasi Web Server (PWS) 0.2.2 allows remote attackers to inject arbitrary web script or HTML via the URI, directly after the initial '/' (slash).
CVE-2004-2617 1 Pegasi Web Server 1 Pegasi Web Server 2025-04-03 N/A
Directory traversal vulnerability in Pegasi Web Server (PWS) 0.2.2 allows remote attackers to read files outside of the web root via a .. (dot dot) directly after the initial '/' (slash) in the URI.
CVE-2004-2624 1 Wackowiki 1 Wackowiki 2025-04-03 N/A
Cross-site scripting (XSS) vulnerability in "TextSearch" in WackoWiki 3.5 allows remote attackers to inject arbitrary web script or HTML via the "phrase" parameter.
CVE-2004-2625 1 Outblaze 1 Outblaze Email 2025-04-03 N/A
Cross-site scripting (XSS) vulnerability in Outblaze Email allows remote attackers to inject arbitrary web script or HTML via Javascript in an attribute of an IMG tag.
CVE-2004-2627 1 Sun 1 J2me 2025-04-03 N/A
Java 2 Micro Edition (J2ME) does not properly validate bytecode, which allows remote attackers to escape the Kilobyte Virtual Machine (KVM) sandbox and execute arbitrary code.
CVE-2004-2658 1 Suse 1 Suse Linux 2025-04-03 N/A
resmgr in SUSE CORE 9 does not properly identify terminal names, which allows local users to spoof terminals and login types.
CVE-2004-2643 1 Microsoft 1 Cabarc 2025-04-03 N/A
Directory traversal vulnerability in Microsoft cabarc allows remote attackers to overwrite files via "../" sequences in file names in a CAB archive.
CVE-2004-2642 1 Nathaniel Bray 1 Yeemp 2025-04-03 N/A
Yeemp 0.9.9 and earlier does not properly encrypt inbound files, which allows remote attackers to spoof the identity of the sender.
CVE-2004-2644 1 Asn.1 Compiler 1 Asn.1 Compiler 2025-04-03 N/A
Unspecified vulnerability in ASN.1 Compiler (asn1c) before 0.9.7 has unknown impact and attack vectors when processing "ANY" type tags.
CVE-2004-2645 1 Asn.1 Compiler 1 Asn.1 Compiler 2025-04-03 N/A
Unspecified vulnerability in ASN.1 Compiler (asn1c) before 0.9.7 has unknown impact and attack vectors when processing "CHOICE" types with "indefinite length structures."
CVE-2004-2652 1 Sourcefire 1 Snort 2025-04-03 N/A
The DecodeTCPOptions function in decode.c in Snort before 2.3.0, when printing TCP/IP options using FAST output or verbose mode, allows remote attackers to cause a denial of service (crash) via packets with invalid TCP/IP options, which trigger a null dereference.
CVE-2004-2665 1 Hp 1 Hp-ux 2025-04-03 N/A
Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport software in HP-UX B.11.00, B.11.04, and B.11.11 before 20040628 allows local users to cause a denial of service via unspecified vectors.
CVE-2004-2667 1 Ibm 1 Lotus Domino 2025-04-03 N/A
Cross-site scripting (XSS) vulnerability in Lotus Domino 6.0.x before 6.0.4 and 6.5.x before 6.5.2 allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors.
CVE-2005-2512 1 Apple 2 Mac Os X, Mail 2025-04-03 N/A
Mail.app in Mac OS 10.4.2 and earlier, when printing or forwarding an HTML message, loads remote images even when the user's preferences state otherwise, which could result in a privacy leak.
CVE-2005-0014 1 Ncpfs 1 Ncpfs 2025-04-03 N/A
Buffer overflow in ncplogin in ncpfs before 2.2.6 allows remote malicious NetWare servers to execute arbitrary code on the NetWare client.
CVE-2005-2514 1 Apple 1 Mac Os X 2025-04-03 N/A
Buffer overflow in ping in Mac OS X 10.3.9 allows local users to execute arbitrary code.
CVE-2005-2683 1 Phpkit 1 Phpkit 2025-04-03 N/A
Multiple SQL injection vulnerabilities in PHPKit 1.6.1 allow remote attackers to execute arbitrary SQL commands via the (1) letter parameter to login/member.php or (2) im_receiver parameter to login/imcenter.php.