Search Results (29815 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-2360 1 Targem Games 1 Battle Mages 2025-04-03 N/A
Targem Battle Mages 1.0 allows remote attackers to cause a denial of service (infinite loop) via a UDP packet with incomplete data, which causes the server to enter an infinite loop while waiting to read the rest of the data that is not sent.
CVE-2004-2368 1 The Opt-x Project 1 Opt-x 2025-04-03 N/A
PHP remote file inclusion vulnerability in header.php in Opt-X 0.7.2 allows remote attackers to execute arbitrary PHP code via the systempath parameter.
CVE-2004-2369 1 Ibm 1 Lotus Domino 2025-04-03 N/A
Directory traversal vulnerability in webadmin.nsf for Lotus Domino R6 6.5.1 allows attackers to create and detect directories via a .. (dot dot) in the directory creation command.
CVE-2004-2370 1 Cerulean Studios 2 Trillian, Trillian Pro 2025-04-03 N/A
Stack-based buffer overflow in Trillian 0.71 through 0.74f and Trillian Pro 1.0 through 2.01 allows remote attackers to execute arbitrary code via a Yahoo Messenger packet with a long key name.
CVE-2004-2376 1 Twilight Utilities 1 Twilight Utilities Web Server 2025-04-03 N/A
Buffer overflow in postfile.exe for Twilight Utilities Web Server 2.0.0.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a URL request with a long attfile attribute.
CVE-2004-2378 1 Calacode 1 At Mail Webmail System 2025-04-03 N/A
@Mail 3.64 for Windows allows remote attackers to cause a denial of service ("unusable" server) via a large number of POP3 connections to the server.
CVE-2004-2387 2 Denis Sbragion, Peter Astrand 2 Sredird, Sercd 2025-04-03 N/A
Buffer overflow in the HandleCPCCommand function of sercd before 2.3.1 and sredird 2.2.1 and earlier allows remote attackers to execute arbitrary code.
CVE-2004-2388 1 Ibm 1 Aix 2025-04-03 N/A
rexecd for AIX 4.3.3 does not properly use a local copy of the pwd structure when calling getpwnam, which may cause the structure to be overwritten by the authenticate function and assign privileges to the wrong user.
CVE-2004-2393 1 Sun 1 Jsse 2025-04-03 N/A
Java Secure Socket Extension (JSSE) 1.0.3 through 1.0.3_2 does not properly validate the certificate chain of a client or server, which allows remote attackers to falsely authenticate peers for SSL/TLS.
CVE-2004-2395 1 Mandrakesoft 3 Mandrake Linux, Mandrake Linux Corporate Server, Mandrake Multi Network Firewall 2025-04-03 N/A
Memory leak in passwd 0.68 allows local users to cause a denial of service (memory consumption) via a large number of failed read attempts from the password buffer.
CVE-2004-2403 1 Yabb 1 Yabb 2025-04-03 N/A
Cross-site request forgery (CSRF) vulnerability in YaBB 1 GOLD SP 1.3.2 allows remote attackers to perform unauthorized actions as the administrative user via a link or IMG tag to YaBB.pl that specifies the desired action, id, and moda parameters.
CVE-2004-2416 1 Youngzsoft 1 Ccproxy 2025-04-03 N/A
Buffer overflow in the logging component of CCProxy allows remote attackers to execute arbitrary code via a long HTTP GET request.
CVE-2005-0264 1 Owl 1 Owl Intranet Engine 2025-04-03 N/A
Multiple cross-site scripting (XSS) vulnerabilities in browse.php in OWL 0.7 and 0.8 allow remote attackers to inject arbitrary web script or HTML via the (1) expand or (2) order parameter.
CVE-2005-0271 1 Photopost 1 Reviewpost Php Pro 2025-04-03 N/A
Multiple SQL injection vulnerabilities in ReviewPost PHP Pro before 2.84 allow remote attackers to execute arbitrary SQL commands via the (1) cat parameter to showcat.php or (2) product parameter to addfav.php.
CVE-2005-0272 1 Photopost 1 Reviewpost Php Pro 2025-04-03 N/A
ReviewPost PHP Pro before 2.84 allows remote attackers to upload and execute arbitrary PHP files by posting a review file with multiple extensions, which bypasses the intended restrictions.
CVE-2005-0274 1 Photopost 1 Photopost Php Pro 2025-04-03 N/A
Multiple cross-site scripting (XSS) vulnerabilities in showgallery.php in PhotoPost before 4.86 allow remote attackers to inject arbitrary web script or HTML via the (1) cat, (2) si, (3) page, or (4) ppuser parameters.
CVE-2005-0275 1 3com 1 3cdaemon 2025-04-03 N/A
TFTP in 3Com 3CDaemon 2.0 revision 10 allows remote attackers to cause a denial of service (application crash) via a GET request containing an MS-DOS device name.
CVE-2005-0278 1 3com 1 3cdaemon 2025-04-03 N/A
The FTP service in 3Com 3CDaemon 2.0 revision 10 allows remote attackers to gain sensitive information via a cd command that contains an MS-DOS device name, which reveals the installation path in an error message.
CVE-2005-0280 1 Jowood Productions 1 Soldner Secret Wars 2025-04-03 N/A
Format string vulnerability in Soldner Secret Wars 30830 and earlier allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via format string specifiers in a message.
CVE-2005-0281 1 Jowood Productions 1 Soldner Secret Wars 2025-04-03 N/A
Cross-site scripting (XSS) vulnerability in the web interface in Soldner Secret Wars 30830 allows remote attackers to inject arbitrary web script or HTML via a user message, which is not filtered or quoted when the administrator views the server logs.