Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2004-09-02 CVE-2004-1661 Authentication Bypass vulnerability in SiteCubed MailWorks Professional
MailWorks Professional allows remote attackers to bypass authentication and gain privileges via a cookie that contains "auth=1" and "uId=1".
network
low complexity
sitecubed
7.5
2004-09-01 CVE-2004-1654 Input Validation vulnerability in PHPWebSite
SQL injection vulnerability in the calendar module in phpWebsite 0.9.3-4 and earlier allows remote attackers to execute arbitrary SQL commands via cal_template.
network
low complexity
phpwebsite
7.5
2004-09-01 CVE-2004-1372 Buffer Overflow vulnerability in IBM DB2 Universal Database REC2XML and GENERATE_DISTFILE
Multiple stack-based buffer overflows in IBM DB2 7.x and 8.1 allow local users to execute arbitrary code via (1) a long third argument to the rec2xml function or (2) a long filename argument to the generate_distfile procedure.
local
low complexity
ibm
7.2
2004-08-31 CVE-2004-1774 Buffer Overflow vulnerability in Oracle Application Server and Oracle 10g
Buffer overflow in the SDO_CODE_SIZE procedure of the MD2 package (MDSYS.MD2.SDO_CODE_SIZE) in Oracle 10g before 10.1.0.2 Patch 2 allows local users to execute arbitrary code via a long LAYER parameter.
local
low complexity
oracle
7.2
2004-08-31 CVE-2004-1652 Remote Security vulnerability in Brickhost phpScheduleIt 1.0
phpScheduleIt 1.0.0 RC1 does not clear administrative privileges if the administrator logs in as a normal user, which allows users with physical access to gain administrative privileges.
network
low complexity
brickhost
7.5
2004-08-31 CVE-2004-1650 Remote Configuration vulnerability in D-Link DCS-900 Internet Camera 2.10/2.20/2.28
D-Link DCS-900 Internet Camera listens on UDP port 62976 for an IP address, which allows remote attackers to change the IP address of the camera via a UDP broadcast packet.
network
low complexity
d-link
7.5
2004-08-31 CVE-2004-1649 Local Security vulnerability in Windows 2000 Server
Buffer overflow in Microsoft Msinfo32.exe might allow local users to execute arbitrary code via a long filename in the msinfo_file command line parameter.
local
low complexity
microsoft
7.2
2004-08-30 CVE-2004-1660 Remote Security vulnerability in CuteNews
PHP remote file inclusion vulnerability in CuteNews 1.3.6 and earlier allows remote attackers to execute arbitrary PHP code via the cutepath parameter to (1) show_archives.php or (2) show_news.php.
network
low complexity
cutephp
7.5
2004-08-26 CVE-2004-1681 Utility Server Flag Buffer Overflow vulnerability in QNX Photon microGUI and RTP
Multiple buffer overflows in (1) phrelay-cfg, (2) phlocale, (3) pkg-installer, or (4) input-cfg in QNX Photon microGUI for QNX RTP 6.1 allow local users to gain privileges via a long -s (server) command line parameter.
local
low complexity
qnx
7.2
2004-08-24 CVE-2004-1752 Buffer Overflow vulnerability in NakedSoft Gaucho POP3 Email Header
Stack-based buffer overflow in Gaucho 1.4 Build 145 allows remote attackers to execute arbitrary code via a POP3 email with a long Content-Type header.
network
low complexity
nakedsoft
7.5