Search Results (29815 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-1346 1 Sun 1 Solaris 2025-04-03 N/A
The Sun Solaris Volume Manager (SVM) on Solaris 9 allows local users to cause a denial of service (kernel panic) via a malformed probe request to the SVM.
CVE-2004-1347 1 Sun 2 Solaris, Sunos 2025-04-03 N/A
X Display Manager (XDM) on Solaris 8 allows remote attackers to cause a denial of service (XDM crash) via an invalid X Display Manager Control Protocol (XDMCP) request.
CVE-2004-1348 1 Sun 2 Solaris, Sunos 2025-04-03 N/A
Unknown vulnerability in in.named on Solaris 8 allows remote attackers to cause a denial of service (process crash).
CVE-2004-1356 1 Sun 2 Solaris, Sunos 2025-04-03 N/A
Unknown vulnerability in the sendfilev function in Sun Solaris 8 and 9 allows local users to cause a denial of service (system panic) via unknown vectors.
CVE-2004-1358 1 Sun 1 Solaris 2025-04-03 N/A
The patches (1) 114332-08 and (2) 114929-06 for Sun Solaris 9 disable the auditing functionality of the Basic Security Module (BSM), which allows attackers to avoid having their activity logged.
CVE-2004-1359 1 Sun 2 Solaris, Sunos 2025-04-03 N/A
Multiple buffer overflows in uucp for Sun Solaris 2.6, 7, 8, and 9 allow local users to execute arbitrary code as the uucp user.
CVE-2004-1375 1 Hp 1 Hp-ux 2025-04-03 N/A
Unknown vulnerability in System Administration Manager (SAM) in HP-UX B.11.00, B.11.11, B.11.22, and B.11.23 allows local users to gain privileges.
CVE-2004-1379 1 Xine 2 Xine, Xine-lib 2025-04-03 N/A
Heap-based buffer overflow in the DVD subpicture decoder in xine xine-lib 1-rc5 and earlier allows remote attackers to execute arbitrary code via a (1) DVD or (2) MPEG subpicture header where the second field reuses RLE data from the end of the first field.
CVE-2004-1382 2 Gnu, Redhat 2 Glibc, Enterprise Linux 2025-04-03 N/A
The glibcbug script in glibc 2.3.4 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files, a different vulnerability than CVE-2004-0968.
CVE-2004-1383 1 Phpgroupware 1 Phpgroupware 2025-04-03 N/A
Multiple SQL injection vulnerabilities in phpGroupWare 0.9.16.003 and earlier allow remote attackers to execute arbitrary SQL statements via the (1) order, (2) project_id, (3) pro_main, or (4) hours_id parameters to index.php or (5) ticket_id to viewticket_details.php.
CVE-2004-1389 1 Veritas 1 Netbackup 2025-04-03 N/A
Unknown vulnerability in the Veritas NetBackup Administrative Assistant interface for NetBackup BusinesServer 3.4, 3.4.1, and 4.5, DataCenter 3.4, 3.4.1, and 4.5, Enterprise Server 5.1, and NetBackup Server 5.0 and 5.1, allows attackers to execute arbitrary commands via the bpjava-susvc process, possibly related to the call-back feature.
CVE-2004-1399 1 Opentools 1 Attachment Mod 2025-04-03 N/A
Directory traversal vulnerability in the Attachment module 2.3.10 and earlier for phpBB allows remote attackers to read arbitrary files via a .. (dot dot) in the filename.
CVE-2004-1401 1 Asp-rider 1 Asp-rider 2025-04-03 N/A
SQL injection vulnerability in verify.asp in Asp-rider allows remote attackers to execute arbitrary SQL statements and bypass authentication via the username parameter.
CVE-2004-1407 1 Singapore 1 Image Gallery Web Application 2025-04-03 N/A
Multiple directory traversal vulnerabilities in singapore Image Gallery Web Application 0.9.10 allow remote attackers to (1) read arbitrary files via the showThumb method for thumb.php, or (2) delete arbitrary files via admin.class.php.
CVE-2004-1408 1 Singapore 1 Image Gallery Web Application 2025-04-03 N/A
The addImage method for admin.class.php in Image Gallery Web Application 0.9.10 does not properly check filenames, which allows remote attackers to upload and execute arbitrary files.
CVE-2004-1409 1 Singapore 1 Image Gallery Web Application 2025-04-03 N/A
Multiple cross-site scripting vulnerabilities in Image Gallery Web Application 0.9.10 allow remote attackers to inject arbitrary web script or HTML.
CVE-2004-1411 1 Gadu-gadu 1 Gadu-gadu Instant Messenger 2025-04-03 N/A
Gadu-Gadu build 155 and earlier allows remote attackers to cause a denial of service (infinite loop) via a message that contains an image whose filename does not start with restricted characters.
CVE-2004-1412 1 Kayako 1 Esupport 2025-04-03 N/A
Cross-site scripting (XSS) vulnerability in index.php in Kayako eSupport 2.x allows remote attackers to inject arbitrary web script or HTML via the searchm parameter.
CVE-2004-1420 1 Whm 1 Autopilot 2025-04-03 N/A
Multiple cross-site scripting (XSS) vulnerabilities in header.php in WHM AutoPilot 2.4.6.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) site_title or (2) http_images parameter.
CVE-2004-1426 1 Korweblog 1 Korweblog 2025-04-03 N/A
Directory traversal vulnerability in index.php in KorWeblog 1.6.2-cvs and earlier allows remote attackers to read arbitrary files and execute arbitrary PHP files via .. (dot dot) sequences in the lng parameter.