|
303811
|
7.5 |
HIGH
Network
|
zoo_project
|
zoo
|
Zoo 2.10 has Directory traversal
|
CWE-22
Path Traversal
|
CVE-2005-2349
|
2024-11-21 08:59 |
2019-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303812
|
9.8 |
CRITICAL
Network
|
wp-plugins
|
secure_files
|
A vulnerability, which was classified as critical, was found in almosteffortless secure-files Plugin up to 1.1 on WordPress. Affected is the function sf_downloads of the file secure-files.php. The ma…
|
-
|
CVE-2005-10002
|
2024-11-21 08:56 |
2023-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303813
|
6.1 |
MEDIUM
Network
|
broadcom
|
symantec_siteminder
|
A vulnerability was found in Netegrity SiteMinder up to 4.5.1 and classified as critical. Affected by this issue is the file /siteminderagent/pwcgi/smpwservicescgi.exe of the component Login. The man…
|
CWE-601
Open Redirect
|
CVE-2005-10001
|
2024-11-21 08:56 |
2022-03-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303814
|
9.8 |
CRITICAL
Network
|
goscript_project
|
goscript
|
go.cgi in GoScript 2.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) query string or (2) artarchive parameter.
|
NVD-CWE-Other
|
CVE-2004-2776
|
2024-11-21 08:54 |
2020-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303815
|
7.5 |
HIGH
Network
|
underbit
|
libid3tag
|
id3_utf16_deserialize() in utf16.c in libid3tag through 0.15.1b misparses ID3v2 tags encoded in UTF-16 with an odd number of bytes, triggering an endless loop allocating memory until an OOM condition…
|
CWE-399
Resource Management Errors
|
CVE-2004-2779
|
2024-11-21 08:54 |
2018-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303816
|
7.1 |
HIGH
Local
|
gentoo
|
portage
|
Ebuild in Gentoo may change directory and file permissions depending on the order of installed packages, which allows local users to read or write to restricted directories or execute restricted comm…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2004-2778
|
2024-11-21 08:54 |
2017-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303817
|
- |
|
gehealthcare
|
centricity_image_vault_firmware
|
GE Healthcare Centricity Image Vault 3.x has a password of (1) gemnet for the administrator account, (2) webadmin for the webadmin administrator account of the ASACA DVD library, (3) an empty value f…
|
CWE-255
Credentials Management
|
CVE-2004-2777
|
2024-11-21 08:54 |
2015-08-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303818
|
- |
|
oracle
redhat
bsd_mailx_project
heirloom
|
linux
enterprise_linux
bsd_mailx
mailx
|
The expand function in fio.c in Heirloom mailx 12.5 and earlier and BSD mailx 8.1.2 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in an email address.
|
CWE-20
Improper Input Validation
|
CVE-2004-2771
|
2024-11-21 08:54 |
2014-12-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303819
|
- |
|
cerberusftp
|
ftp_server
|
Cerberus FTP Server before 4.0.3.0 allows remote authenticated users to list hidden files, even when the "Display hidden files" option is enabled, via the (1) MLSD or (2) MLST commands.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2004-2769
|
2024-11-21 08:54 |
2010-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303820
|
- |
|
tsugio_okamoto
|
lha
|
Buffer overflow in LHA 1.14 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors related to "command line processing," a di…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2004-0694
|
2024-11-21 08:49 |
2011-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
