Latest CVE Feed
-
5.0
MEDIUMCVE-2004-1749
Attack Mitigator IPS 5500 3.11.008, and possibly other versions, when configured in a one-armed routing configuration, allows remote attackers to cause a denial of service (CPU consumption) via a large number of HTTP requests.... Read more
Affected Products : attack_mitigator- EPSS Score: %0.76
- Published: Jul. 22, 2004
- Modified: Apr. 03, 2025
-
4.3
MEDIUMCVE-2004-2055
Cross-site scripting (XSS) vulnerability in search.php for PhpBB 2.0.4 and 2.0.9 allows remote attackers to inject arbitrary HTMl or web script via the search_author parameter.... Read more
Affected Products : phpbb- EPSS Score: %0.44
- Published: Jul. 19, 2004
- Modified: Apr. 03, 2025
-
10.0
HIGHCVE-2004-0444
Multiple vulnerabilities in SYMDNS.SYS for Symantec Norton Internet Security and Professional 2002 through 2004, Norton Personal Firewall 2002 through 2004, Norton AntiSpam 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 through 2.0 allow re... Read more
Affected Products : client_security norton_internet_security norton_antispam norton_personal_firewall client_firewall- EPSS Score: %58.00
- Published: Jul. 07, 2004
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2004-0470
BEA WebLogic Server and WebLogic Express 7.0 through SP5 and 8.1 through SP2, when editing weblogic.xml using WebLogic Builder or the SecurityRoleAssignmentMBean.toXML method, inadvertently removes security-role-assignment tags when weblogic.xml does not ... Read more
Affected Products : weblogic_server- EPSS Score: %2.33
- Published: Jul. 07, 2004
- Modified: Apr. 03, 2025
-
5.1
MEDIUMCVE-2004-0430
Stack-based buffer overflow in AppleFileServer for Mac OS X 10.3.3 and earlier allows remote attackers to execute arbitrary code via a LoginExt packet for a Cleartext Password User Authentication Method (UAM) request with a PathName argument that includes... Read more
- EPSS Score: %80.74
- Published: Jul. 07, 2004
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2004-0400
Stack-based buffer overflow in Exim 4 before 4.33, when the headers_check_syntax option is enabled, allows remote attackers to cause a denial of service and possibly execute arbitrary code during the header check.... Read more
Affected Products : exim- EPSS Score: %6.39
- Published: Jul. 07, 2004
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2004-0411
The URI handlers in Konqueror for KDE 3.2.2 and earlier do not properly filter "-" characters that begin a hostname in a (1) telnet, (2) rlogin, (3) ssh, or (4) mailto URI, which allows remote attackers to manipulate the options that are passed to the ass... Read more
Affected Products : konqueror- EPSS Score: %6.49
- Published: Jul. 07, 2004
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2004-0426
rsync before 2.6.1 does not properly sanitize paths when running a read/write daemon without using chroot, which allows remote attackers to write files outside of the module's path.... Read more
Affected Products : rsync- EPSS Score: %2.43
- Published: Jul. 07, 2004
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2004-0427
The do_fork function in Linux 2.4.x before 2.4.26, and 2.6.x before 2.6.6, does not properly decrement the mm_count counter when an error occurs after the mm_struct for a child process has been activated, which triggers a memory leak that allows local use... Read more
Affected Products : linux_kernel- EPSS Score: %0.16
- Published: Jul. 07, 2004
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2004-0399
Stack-based buffer overflow in Exim 3.35, and other versions before 4, when the sender_verify option is true, allows remote attackers to cause a denial of service and possibly execute arbitrary code during sender verification.... Read more
Affected Products : exim- EPSS Score: %42.08
- Published: Jul. 07, 2004
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2004-0485
The default protocol helper for the disk: URI on Mac OS X 10.3.3 and 10.2.8 allows remote attackers to write arbitrary files by causing a disk image file (.dmg) to be mounted as a disk volume.... Read more
- EPSS Score: %1.76
- Published: Jul. 07, 2004
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2004-0397
Stack-based buffer overflow during the apr_time_t data conversion in Subversion 1.0.2 and earlier allows remote attackers to execute arbitrary code via a (1) DAV2 REPORT query or (2) get-dated-rev svn-protocol command.... Read more
Affected Products : subversion- EPSS Score: %86.59
- Published: Jul. 07, 2004
- Modified: Apr. 03, 2025
-
7.6
HIGHCVE-2004-0489
Argument injection vulnerability in the SSH URI handler for Safari on Mac OS 10.3.3 and earlier allows remote attackers to (1) execute arbitrary code via the ProxyCommand option or (2) conduct port forwarding via the -R option.... Read more
- EPSS Score: %14.29
- Published: Jul. 07, 2004
- Modified: Apr. 03, 2025
-
10.0
HIGHCVE-2004-0469
Buffer overflow in the ISAKMP functionality for Check Point VPN-1 and FireWall-1 NG products, before VPN-1/FireWall-1 R55 HFA-03, R54 HFA-410 and NG FP3 HFA-325, or VPN-1 SecuRemote/SecureClient R56, may allow remote attackers to execute arbitrary code du... Read more
- EPSS Score: %6.45
- Published: Jul. 07, 2004
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2004-0471
BEA WebLogic Server and WebLogic Express 7.0 through SP5 and 8.1 through SP2 does not enforce site restrictions for starting and stopping servers for users in the Admin and Operator security roles, which allows unauthorized users to cause a denial of serv... Read more
Affected Products : weblogic_server- EPSS Score: %0.06
- Published: Jul. 07, 2004
- Modified: Apr. 03, 2025
-
4.6
MEDIUMCVE-2004-0482
Multiple integer overflows in (1) procfs_cmdline.c, (2) procfs_fpregs.c, (3) procfs_linux.c, (4) procfs_regs.c, (5) procfs_status.c, and (6) procfs_subr.c in procfs for OpenBSD 3.5 and earlier allow local users to read sensitive kernel memory and possibly... Read more
- EPSS Score: %0.09
- Published: Jul. 07, 2004
- Modified: Apr. 03, 2025
-
2.6
LOWCVE-2004-0484
mshtml.dll in Microsoft Internet Explorer 6.0.2800 allows remote attackers to cause a denial of service (crash) via a table containing a form that crosses multiple td elements, and whose "float: left" class is defined in a link to a CSS stylesheet after t... Read more
Affected Products : internet_explorer- EPSS Score: %26.84
- Published: Jul. 07, 2004
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2004-0437
Titan FTP Server version 3.01 build 163, and possibly other versions before build 169, allows remote authenticated users to cause a denial of service (crash) by disconnecting from the system during a "LIST -L" command, which causes Titan to access an inva... Read more
Affected Products : titan_ftp_server- EPSS Score: %6.79
- Published: Jul. 07, 2004
- Modified: Apr. 03, 2025
-
2.6
LOWCVE-2004-0478
Unknown versions of Mozilla allow remote attackers to cause a denial of service (high CPU/RAM consumption) using Javascript with an infinite loop that continues to add input to a form, possibly as the result of inserting control characters, as demonstrat... Read more
Affected Products : mozilla- EPSS Score: %0.74
- Published: Jul. 07, 2004
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2004-0459
The Clear Channel Assessment (CCA) algorithm in the IEEE 802.11 wireless protocol, when using DSSS transmission encoding, allows remote attackers to cause a denial of service via a certain RF signal that causes a channel to appear busy (aka "jabber"), whi... Read more
Affected Products : 802.11_wireless_protocol- EPSS Score: %3.97
- Published: Jul. 07, 2004
- Modified: Apr. 03, 2025