ReportizFlow
Filtered by vendor
Subscriptions
Total
29910 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-1192 | 1 Citadel | 1 Ux | 2026-04-16 | N/A |
| Format string vulnerability in the lprintf function in Citadel/UX 6.27 and earlier allows remote attackers to execute arbitrary code via format string specifiers sent to the server. | ||||
| CVE-2004-1194 | 1 Lucasarts | 1 Star Wars Battlefront | 2026-04-16 | N/A |
| Buffer overflow in Star Wars Battlefront 1.11 and earlier allows remote attackers to cause a denial of service (application crash) via a long nickname. | ||||
| CVE-2004-1199 | 1 Apple | 1 Safari | 2026-04-16 | N/A |
| Safari 1.2.4 on Mac OS X 10.3.6 allows remote attackers to cause a denial of service (application crash from memory exhaustion), as demonstrated using Javascript code that continuously creates nested arrays and then sorts the newly created arrays. | ||||
| CVE-2004-1209 | 1 Verisign | 1 Payflow Link | 2026-04-16 | N/A |
| Verisign Payflow Link, when running with empty Accepted URL fields, does not properly verify the data in the hidden AMOUNT field, which allows remote attackers to modify the price of the items that they purchase. | ||||
| CVE-2004-2522 | 1 Geeos Team | 1 Gattaca Server 2003 | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in web.tmpl in Gattaca Server 2003 1.1.10.0 allows remote attackers to inject arbitrary web script or HTML via the (1) template or (2) language parameter. | ||||
| CVE-2004-1220 | 1 Digital Illusions | 2 Battlefield 1942, Battlefield Vietnam | 2026-04-16 | N/A |
| Battlefield 1942 1.6.19 and earlier, and Battlefield Vietnam 1.2 and earlier, allows a remote master server to cause a denial of service (client crash) via a server reply that contains a large numplayers value, which triggers a null dereference. | ||||
| CVE-2004-1222 | 1 Darryl Burgdorf | 1 Weblibs | 2026-04-16 | N/A |
| weblibs.pl in WebLibs 1.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the TextFile parameter. | ||||
| CVE-2004-1231 | 1 Gadu-gadu | 1 Gadu-gadu Instant Messenger | 2026-04-16 | N/A |
| Directory traversal vulnerability in Gadu-Gadu allows remote attackers to read arbitrary files via .. (dot dot) sequences in a DCC connection with a CTCP packet that contains a 1 as the type and a 4 as the subtype. | ||||
| CVE-2004-1270 | 2 Easy Software Products, Redhat | 3 Cups, Enterprise Linux, Fedora Core | 2026-04-16 | N/A |
| lppasswd in CUPS 1.1.22, when run in environments that do not ensure that file descriptors 0, 1, and 2 are open when lppasswd is called, does not verify that the passwd.new file is different from STDERR, which allows local users to control output to passwd.new via certain user input that triggers an error message. | ||||
| CVE-2004-1273 | 1 Greed | 1 Greed | 2026-04-16 | N/A |
| Buffer overflow in the DownloadLoop function in main.c for greed 0.81p allows remote attackers to execute arbitrary code via a GRX file containing a long filename. | ||||
| CVE-2005-0288 | 1 Bottomline | 1 Webseries Payment Application | 2026-04-16 | N/A |
| The change password functionality in Bottomline Webseries Payment Application does not require the old password when users enter a new password, which could allow remote authenticated users to change other users' passwords. | ||||
| CVE-2004-1281 | 1 Junkie | 1 Junkie Ftp Client | 2026-04-16 | N/A |
| The ftp_retr function in junkie 0.3.1 allows remote malicious FTP servers to overwrite arbitrary files via .. (dot dot) sequences in a filename. | ||||
| CVE-2004-1282 | 1 Linpopup | 1 Linpopup | 2026-04-16 | N/A |
| Buffer overflow in the strexpand function in string.c for LinPopUp 1.2.0 allows remote attackers to execute arbitrary code via a crafted message that is not properly handled during a Reply operation. | ||||
| CVE-2004-1285 | 1 Mplayer | 1 Mplayer | 2026-04-16 | N/A |
| Buffer overflow in the get_header function in asf_mmst_streaming.c for MPlayer 1.0pre5 allows remote attackers to execute arbitrary code via a crafted ASF video stream. | ||||
| CVE-2004-1290 | 1 William Hoggarth | 1 Pgn2web | 2026-04-16 | N/A |
| Buffer overflow in the process_moves function in pgn2web.c for pgn2web 0.3 allows remote attackers to execute arbitrary code via a crafted PGN file. | ||||
| CVE-2004-1292 | 1 Michael Kohn | 1 Ringtonetools | 2026-04-16 | N/A |
| Buffer overflow in the parse_emelody function in parse_emelody.c for ringtonetools 2.22 allows remote attackers to execute arbitrary code via a crafted eMelody file. | ||||
| CVE-2004-1303 | 1 Yanf | 1 Yanf | 2026-04-16 | N/A |
| Buffer overflow in the get function in get.c for Yanf 0.4 allows remote malicious web servers to execute arbitrary code via crafted HTTP responses. | ||||
| CVE-2004-1307 | 11 Apple, Avaya, Conectiva and 8 more | 20 Mac Os X, Mac Os X Server, Call Management System Server and 17 more | 2026-04-16 | N/A |
| Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to be allocated and leads to a heap-based buffer overflow. | ||||
| CVE-2004-1312 | 1 Gfi | 2 Mailessentials, Mailsecurity | 2026-04-16 | N/A |
| A bug in the HTML parser in a certain Microsoft HTML library, as used in various third party products, may allow remote attackers to cause a denial of service via certain strings, as reported in GFI MailEssentials for Exchange 9 and 10, and GFI MailSecurity for Exchange 8, which causes emails to remain in IIS or Exchange mail queues. | ||||
| CVE-2004-1318 | 1 Namazu | 1 Namazu | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in namazu.cgi for Namazu 2.0.13 and earlier allows remote attackers to inject arbitrary HTML and web script via a query that starts with a tab ("%09") character, which prevents the rest of the query from being properly sanitized. | ||||