Total
29739 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-1539 | 1 Gearbox Software | 1 Halo Combat Evolved | 2025-04-03 | N/A |
| Halo: Combat Evolved 1.05 and earlier allows remote game servers to cause a denial of service (client crash) via a long value in a game server reply, which triggers a NULL dereference. | ||||
| CVE-2004-1540 | 1 Zyxel | 2 Prestige, Zynos | 2025-04-03 | N/A |
| ZyXEL Prestige 623, 650, and 652 HW Routers, and possibly other versions, with HTTP Remote Administration enabled, does not require a password to access rpFWUpload.html, which allows remote attackers to reset the router configuration file. | ||||
| CVE-2004-1541 | 1 Van Dyke Technologies | 1 Securecrt | 2025-04-03 | N/A |
| SecureCRT 4.0, 4.1, and possibly other versions, allows remote attackers to execute arbitrary commands via a telnet:// URL that uses the /F option to specify a configuration file on a samba share. | ||||
| CVE-2004-1542 | 1 Raven Software | 1 Soldier Of Fortune | 2025-04-03 | N/A |
| Buffer overflow in Soldier of Fortune II 1.03 Gold and earlier allows remote attackers to cause a denial of service (server or client crash) via a long (1) query or (2) reply. | ||||
| CVE-2004-1546 | 1 Alt-n | 1 Mdaemon | 2025-04-03 | N/A |
| Multiple buffer overflows in MDaemon 6.5.1 allow remote attackers to cause a denial of service (application crash) via a long (1) SAML, SOML, SEND, or MAIL command to the SMTP server or (2) LIST command to the IMAP server. | ||||
| CVE-2004-1548 | 1 Onnuri Infotek | 1 Activepost Standard | 2025-04-03 | N/A |
| Directory traversal vulnerability in the file server in ActivePost Standard 3.1 allows remote authenticated users to upload arbitrary files via a .. (dot dot) in the filename. | ||||
| CVE-2004-1549 | 1 Onnuri Infotek | 1 Activepost Standard | 2025-04-03 | N/A |
| The conference menu in ActivePost Standard 3.1 sends passwords of password-protected rooms in cleartext, which could allow remote attackers to gain sensitive information by sniffing the network connection. | ||||
| CVE-2004-1550 | 1 Motorola | 1 Wr850g | 2025-04-03 | N/A |
| Motorola Wireless Router WR850G running firmware 4.03 allows remote attackers to bypass authentication, log on as an administrator, and obtain sensitive information by repeatedly making an HTTP request for ver.asp until an administrator logs on. | ||||
| CVE-2004-1551 | 1 Php Arena | 1 Pafiledb | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in the (1) email or (2) file modules in paFileDB 3.1 Final allows remote attackers to execute arbitrary web script or HTML via the id parameter. | ||||
| CVE-2004-1552 | 1 Full Revolution | 1 Aspwebcalendar | 2025-04-03 | N/A |
| SQL injection vulnerability in aspWebCalendar allows remote attackers to execute arbitrary SQL statements via (1) the username field on the login page or (2) the eventid parameter to calendar.asp. | ||||
| CVE-2004-1587 | 1 Monolith Productions | 4 Alien Versus Predator, Blood, No One Lives Forever and 1 more | 2025-04-03 | N/A |
| Buffer overflow in Monolith games including (1) Alien versus Predator 2 1.0.9.6 and earlier, (2) Blood 2 2.1 and earlier, (3) No one lives forever 1.004 and earlier and (4) Shogo 2.2 and earlier allows remote attackers to cause a denial of service (application crash) via a long secure Gamespy query. | ||||
| CVE-2004-1588 | 1 Gosmart | 1 Gosmart Message Board | 2025-04-03 | N/A |
| SQL injection vulnerability in GoSmart Message Board allows remote attackers to execute arbitrary SQL code via the (1) QuestionNumber and Category parameters to Forum.asp or (2) Username and Password parameter to Login_Exec.asp. | ||||
| CVE-2004-1589 | 1 Gosmart | 1 Gosmart Message Board | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in GoSmart Message Board allows remote attackers to execute inject web script or HTML via the (1) Category parameter to Forum.asp or (2) MainMessageID parameter to ReplyToQuestion.asp. | ||||
| CVE-2004-1590 | 1 Clientexec | 1 Clientexec | 2025-04-03 | N/A |
| Clientexec allows remote attackers to gain sensitive information via an HTTP request to phpinfo.php, which calls the phpinfo function. | ||||
| CVE-2004-1607 | 2 Best Software, Saleslogix Corporation | 2 Saleslogix, Saleslogix | 2025-04-03 | N/A |
| slxweb.dll in SalesLogix 6.1 allows remote attackers to obtain sensitive information via a (1) Library or (2) Attachment request with an invalid file parameter, which reveals the path in an error message. | ||||
| CVE-2004-1623 | 1 Microsoft | 1 Windows Xp | 2025-04-03 | N/A |
| The WAV file property handler in Windows XP SP1 allows remote attackers to cause a denial of service (infinite loop in Explorer) via a WAV file with an invalid file header whose fmt chunk length is set to 0xFFFFFFFF. | ||||
| CVE-2004-1626 | 1 Code-crafters | 1 Ability Server | 2025-04-03 | N/A |
| Buffer overflow in Ability Server 2.34, and possibly other versions, allows remote attackers to execute arbitrary code via a long STOR command. | ||||
| CVE-2004-1627 | 1 Code-crafters | 1 Ability Server | 2025-04-03 | N/A |
| Buffer overflow in Ability Server 2.25, 2.32, 2.34, and possibly other versions, allows remote attackers to execute arbitrary code via a long APPE command. | ||||
| CVE-2004-1642 | 1 Texas Imperial Software | 1 Wftpd | 2025-04-03 | N/A |
| WFTPD Pro Server 3.21 allows remote authenticated users to cause a denial of service (crash) via a series of long MLIST commands. | ||||
| CVE-2004-1643 | 1 Progress | 1 Ws Ftp Server | 2025-04-03 | N/A |
| WS_FTP 5.0.2 allows remote authenticated users to cause a denial of service (CPU consumption) via a CD command that contains an invalid path with a "../" sequence. | ||||