ReportizFlow
Filtered by vendor
Subscriptions
Total
29885 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-1645 | 1 Jerod Moemeka | 1 Xedus | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in Xedus 1.0 allows remote attackers to execute arbitrary web script or HTML via the (1) username parameter to test.x, (2) username parameter to TestServer.x, or (3) param parameter to testgetrequest.x. | ||||
| CVE-2004-1650 | 1 D-link | 1 Dcs-900 Internet Camera | 2025-04-03 | N/A |
| D-Link DCS-900 Internet Camera listens on UDP port 62976 for an IP address, which allows remote attackers to change the IP address of the camera via a UDP broadcast packet. | ||||
| CVE-2004-0988 | 1 Apple | 1 Quicktime | 2025-04-03 | N/A |
| Integer overflow on Apple QuickTime before 6.5.2, when running on Windows systems, allows remote attackers to cause a denial of service (memory consumption) via certain inputs that cause a large memory operation. | ||||
| CVE-2002-1535 | 1 Symantec | 2 Enterprise Firewall, Raptor Firewall | 2025-04-03 | N/A |
| Secure Webserver 1.1 in Raptor 6.5 and Symantec Enterprise Firewall 6.5.2 allows remote attackers to identify IP addresses of hosts on the internal network via a CONNECT request, which generates different error messages if the host is present. | ||||
| CVE-2004-1652 | 1 Brickhost | 1 Phpscheduleit | 2025-04-03 | N/A |
| phpScheduleIt 1.0.0 RC1 does not clear administrative privileges if the administrator logs in as a normal user, which allows users with physical access to gain administrative privileges. | ||||
| CVE-2004-1657 | 1 Newtelligence | 1 Dasblog | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in the Activity and Events Viewer for Newtelligence DasBlog allows remote attackers to inject arbitrary web script or HTML via the (1) User Agent or (2) Referrer HTTP headers. | ||||
| CVE-2004-1658 | 1 Kerio | 1 Personal Firewall | 2025-04-03 | N/A |
| Kerio Personal Firewall 4.0 (KPF4) allows local users with administrative privileges to bypass the Application Security feature and execute arbitrary processes by directly writing to \device\physicalmemory to restore the running kernel's SDT ServiceTable. | ||||
| CVE-2002-1557 | 1 Cisco | 1 Optical Networking Systems Software | 2025-04-03 | N/A |
| Cisco ONS15454 and ONS15327 running ONS before 3.4 allows attackers to cause a denial of service (reset to TCC, TCC+, TCCi or XTC) via a malformed HTTP request that does not contain a leading / (slash) character. | ||||
| CVE-2004-1660 | 1 Cutephp | 1 Cutenews | 2025-04-03 | N/A |
| PHP remote file inclusion vulnerability in CuteNews 1.3.6 and earlier allows remote attackers to execute arbitrary PHP code via the cutepath parameter to (1) show_archives.php or (2) show_news.php. | ||||
| CVE-2004-1662 | 1 Yabb | 1 Yabb | 2025-04-03 | N/A |
| YaBB SE 1.5.1 allows remote attackers to obtain sensitive information via a direct HTTP request to Admin.php, which reveals the full path in a PHP error message. | ||||
| CVE-2004-1728 | 1 British National Corpus | 1 Sara | 2025-04-03 | N/A |
| Buffer overflow in British National Corpus SARA (sarad) allows remote attackers to execute arbitrary code by calling the client with a long string. | ||||
| CVE-2002-1641 | 1 Oracle | 1 Application Server Web Cache | 2025-04-03 | N/A |
| Multiple buffer overflows in Oracle Web Cache for Oracle 9i Application Server (9iAS) allow remote attackers to execute arbitrary code via unknown vectors. | ||||
| CVE-2004-1739 | 1 Bird Chat | 1 Internet Chat Server | 2025-04-03 | N/A |
| Bird Chat 1.61 allows remote attackers to cause a denial of service (crash) via invalid users. | ||||
| CVE-2004-1742 | 1 Web-app.org | 1 Webapp | 2025-04-03 | N/A |
| Directory traversal vulnerability in WebAPP 0.9.9 allows remote attackers to view arbitrary files via a .. (dot dot) in the viewcat parameter. | ||||
| CVE-2004-1756 | 1 Bea | 1 Weblogic Server | 2025-04-03 | N/A |
| BEA WebLogic Server and WebLogic Express 8.1 SP2 and earlier, and 7.0 SP4 and earlier, when using 2-way SSL with a custom trust manager, may accept a certificate chain even if the trust manager rejects it, which allows remote attackers to spoof other users or servers. | ||||
| CVE-2002-1708 | 1 Basilix | 1 Basilix Webmail | 2025-04-03 | N/A |
| Cross-site scripting vulnerability (XSS) in BasiliX Webmail 1.10 allows remote attackers to execute arbitrary script as other users by injecting script into the (1) subject or (2) message fields. | ||||
| CVE-2004-1757 | 1 Bea | 1 Weblogic Server | 2025-04-03 | N/A |
| BEA WebLogic Server and Express 8.1, SP1 and earlier, stores the administrator password in cleartext in config.xml, which allows local users to gain privileges. | ||||
| CVE-2002-1730 | 1 Aspjar | 1 Aspjar Guestbook | 2025-04-03 | N/A |
| ASPjar Guestbook 1.00 allows remote attackers to delete arbitrary messages accessing the delete.asp administrative script with certain cookie values set to "true". | ||||
| CVE-2002-1733 | 1 Prospero Technologies | 1 Prospero Message Board | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in the web-based message board in Prospero Technologies allows remote attackers to inject arbitrary web script or HTML via a message board post. | ||||
| CVE-2004-1841 | 1 Ms Analysis | 1 Website Traffic Analyzer | 2025-04-03 | N/A |
| SQL injection vulnerability in MS Analysis module 2.0 for PHP-Nuke allows remote attackers to execute arbitrary SQL via the referer field in an HTTP request. | ||||