| Max CVSS | 10.0 | Min CVSS | 2.1 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2004-1458 | 5.0 |
The CSAdmin web administration interface for Cisco Secure Access Control Server (ACS) 3.2(2) build 15 allows remote attackers to cause a denial of service (hang) via a flood of TCP connections to port 2002.
|
30-10-2018 - 16:25 | 31-12-2004 - 05:00 | |
| CVE-2017-1126 | 5.0 |
IBM WebSphere Message Broker (IBM Integration Bus 9.0 and 10.0) could allow an unauthorized user to obtain sensitive information about software versions that could lead to further attacks. IBM X-Force ID: 121341.
|
13-10-2017 - 13:14 | 04-10-2017 - 01:29 | |
| CVE-2004-0798 | 7.5 |
Buffer overflow in the _maincfgret.cgi script for Ipswitch WhatsUp Gold before 8.03 Hotfix 1 allows remote attackers to execute arbitrary code via a long instancename parameter.
|
05-10-2017 - 01:29 | 20-10-2004 - 04:00 | |
| CVE-2014-8988 | 4.0 |
MantisBT before 1.2.18 allows remote authenticated users to bypass the $g_download_attachments_threshold and $g_view_attachments_threshold restrictions and read attachments for private projects by leveraging access to a project that does not restrict
|
08-09-2017 - 01:29 | 24-11-2014 - 15:59 | |
| CVE-2006-6920 | 6.8 |
Cross-site scripting (XSS) vulnerability in Nucleus before 3.24 allows remote attackers to inject arbitrary web script or HTML via unknown vectors, possibly involving (1) lib/ADMIN.php and (2) lib/SKIN.php.
|
29-07-2017 - 01:29 | 11-01-2007 - 23:28 | |
| CVE-2004-1748 | 2.1 |
NtRegmon before 6.12 allows local users to cause a denial of service (crash), while NtRegmon is running, via invalid pointers to hook functions such as ZwSetQueryValue.
|
11-07-2017 - 01:31 | 31-12-2004 - 05:00 | |
| CVE-2004-1747 | 4.3 |
Cross-site scripting (XSS) vulnerability in NetworkEverywhere NR041 running firmware 1.2 Release 03 allows remote attackers to inject arbitrary web script or HTML via the DHCP HOSTNAME option.
|
11-07-2017 - 01:31 | 31-12-2004 - 05:00 | |
| CVE-2004-1459 | 5.0 |
Cisco Secure Access Control Server (ACS) 3.2, when configured as a Light Extensible Authentication Protocol (LEAP) RADIUS proxy, allows remote attackers to cause a denial of service (device crash) via certain LEAP authentication requests.
|
11-07-2017 - 01:31 | 31-12-2004 - 05:00 | |
| CVE-2004-1461 | 7.5 |
Cisco Secure Access Control Server (ACS) 3.2(3) and earlier spawns a separate unauthenticated TCP connection on a random port when a user authenticates to the ACS GUI, which allows remote attackers to bypass authentication by connecting to that port
|
11-07-2017 - 01:31 | 31-12-2004 - 05:00 | |
| CVE-2004-1460 | 7.5 |
Cisco Secure Access Control Server (ACS) 3.2(3) and earlier, when configured with an anonymous bind in Novell Directory Services (NDS) and authenticating NDS users with NDS, allows remote attackers to gain unauthorized access to AAA clients via a bla
|
11-07-2017 - 01:31 | 31-12-2004 - 05:00 | |
| CVE-2004-2137 | 5.0 |
Outlook Express 6.0, when sending multipart e-mail messages using the "Break apart messages larger than" setting, leaks the BCC recipients of the message to the addresses listed in the To and CC fields, which may allow remote attackers to obtain sens
|
11-07-2017 - 01:31 | 31-12-2004 - 05:00 | |
| CVE-2004-1750 | 5.0 |
RealVNC 4.0 and earlier allows remote attackers to cause a denial of service (crash) via a large number of connections to port 5900.
|
11-07-2017 - 01:31 | 31-12-2004 - 05:00 | |
| CVE-2004-1749 | 5.0 |
Attack Mitigator IPS 5500 3.11.008, and possibly other versions, when configured in a one-armed routing configuration, allows remote attackers to cause a denial of service (CPU consumption) via a large number of HTTP requests.
|
11-07-2017 - 01:31 | 22-07-2004 - 04:00 | |
| CVE-2004-1390 | 10.0 |
Multiple buffer overflows in the PPPoE daemon (PPPoEd) in QNX RTP 6.1 allow remote attackers to execute arbitrary code via a long argument to the (1) -F, (2) name, (3) en, (4) upscript, (5) downscript, (6) retries, (7) timeout, (8) scriptdetach, (9)
|
11-07-2017 - 01:30 | 31-12-2004 - 05:00 | |
| CVE-2016-0488 | 6.4 |
Unspecified vulnerability in the Oracle Application Testing Suite component in Oracle Enterprise Manager Grid Control 12.4.0.2 and 12.5.0.2 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Load Testing fo
|
22-12-2016 - 14:38 | 21-01-2016 - 03:00 | |
| CVE-2013-4672 | 7.2 |
The management console on the Symantec Web Gateway (SWG) appliance before 5.1.1 has an incorrect sudoers file, which allows local users to bypass intended access restrictions via a command.
|
17-01-2014 - 05:17 | 01-08-2013 - 13:32 | |
| CVE-2008-3966 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in MyBB (aka MyBulletinBoard) before 1.4.1 allow remote attackers to inject arbitrary web script or HTML via (1) a certain referrer field in usercp2.php, (2) a certain location field in inc/function
|
15-11-2008 - 07:19 | 11-09-2008 - 01:13 | |
| CVE-2008-3967 | 7.5 |
moderation.php in MyBB (aka MyBulletinBoard) before 1.4.1 does not properly check for moderator privileges, which has unknown impact and remote attack vectors. Patch information - http://community.mybboard.net/showthread.php?tid=36022
|
15-11-2008 - 07:19 | 11-09-2008 - 01:13 | |
| CVE-2008-3965 | 7.5 |
SQL injection vulnerability in misc.php in MyBB (aka MyBulletinBoard) before 1.4.1 allows remote attackers to execute arbitrary SQL commands via a certain editor field. Patch information - http://community.mybboard.net/showthread.php?tid=36022
|
15-11-2008 - 07:19 | 11-09-2008 - 01:13 | |
| CVE-2000-0287 | 10.0 |
The BizDB CGI script bizdb-search.cgi allows remote attackers to execute arbitrary commands via shell metacharacters in the dbname parameter.
|
10-09-2008 - 19:04 | 12-04-2000 - 04:00 |