Vulnerabilities > High

| Date | CVE | Vulnerability title | Description | Access vector | Complexity | Vendor / CWE | Risk |
|---|---|---|---|---|---|---|---|
| 2004-10-26 | CVE-2004-1637 | Unspecified vulnerability in Hawking Technology Har11A DSL Router | The Hawking Technologies HAR11A modem/router allows remote attackers to obtain sensitive information by connecting to port 254, which displays a management interface and information on established connections. | network | low complexity | hawking-technology | 7.5 |
| 2004-10-23 | CVE-2004-1629 | SQL Injection vulnerability in DWC_Articles | Multiple SQL injection vulnerabilities in Dwc_articles 1.6 and earlier allow remote attackers to execute arbitrary SQL statements. | network | low complexity | distinct-web-creations | 7.5 |
| 2004-10-22 | CVE-2004-1627 | Remote Buffer Overflow vulnerability in Code-Crafters Ability Server 2.2.5/2.3.2/2.3.4 | Buffer overflow in Ability Server 2.25, 2.32, 2.34, and possibly other versions, allows remote attackers to execute arbitrary code via a long APPE command. | network | low complexity | code-crafters | 7.5 |
| 2004-10-21 | CVE-2004-1624 | Local Privilege Escalation vulnerability in Altiris Carbon Copy Remote Control System | Carbon Copy 6.0.5257 does not drop system privileges when opening external programs through the help topic interface, which allows local users to gain privileges via (1) the help topic interface in CCW32.exe, which launches Notepad, or (2) the help button in the Carbon Copy Scheduler (CCSched.exe). | local | low complexity | altiris | 7.2 |
| 2004-10-21 | CVE-2004-1622 | SQL Injection vulnerability in Ubbcentral Ubb.Threads 3.4/3.5 | SQL injection vulnerability in dosearch.php in UBB.threads 3.4.x allows remote attackers to execute arbitrary SQL statements via the Name parameter. | network | low complexity | ubbcentral | 7.5 |
| 2004-10-20 | CVE-2004-1619 | Remote Buffer Overflow vulnerability in Akella Privateers Bounty AGE of Sail II 1.4.51/1.55/1.56 | Buffer overflow in Privateer's Bounty: Age of Sail II allows remote attackers to execute arbitrary code via a long nickname. | network | low complexity | akella | 7.5 |
| 2004-10-20 | CVE-2004-0798 | Remote Buffer Overflow vulnerability in Ipswitch WhatsUp Gold | Buffer overflow in the _maincfgret.cgi script for Ipswitch WhatsUp Gold before 8.03 Hotfix 1 allows remote attackers to execute arbitrary code via a long instancename parameter. | network | low complexity | ipswitch | 7.5 |
| 2004-10-20 | CVE-2004-0795 | Remote Command Server Privilege Escalation vulnerability in IBM DB2 Universal Database 8.1 | DB2 8.1 remote command server (DB2RCMD.EXE) executes the db2rcmdc.exe program as the db2admin administrator, which allows local users to gain privileges via the DB2REMOTECMD named pipe. | local | low complexity | ibm | 7.2 |
| 2004-10-20 | CVE-2004-0793 | Permissions, Privileges, and Access Controls vulnerability in Debian Bsdmainutils | The calendar program in bsdmainutils 6.0 through 6.0.14 does not drop root privileges when executed with the -a flag, which allows attackers to execute arbitrary commands via a calendar event file. | local | low complexity | debian, CWE-264 | 7.2 |
| 2004-10-20 | CVE-2004-0785 | Multiple vulnerability in Gaim | Multiple buffer overflows in Gaim before 0.82 allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) Rich Text Format (RTF) messages, (2) a long hostname for the local system as obtained from DNS, or (3) a long URL that is not properly handled by the URL decoder. | network | low complexity | rob-flynn | 7.5 |