Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2004-12-31 | CVE-2004-2397 | Cleartext Storage of Sensitive Information vulnerability in Broadcom Bluecoat Security Gateway The web-based Management Console in Blue Coat Security Gateway OS 3.0 through 3.1.3.13 and 3.2.1, when importing a private key, stores the key and its passphrase in plaintext in a log file, which allows attackers to steal digital certificates. | 7.5 |
| 2004-12-31 | CVE-2004-2172 | Inadequate Encryption Strength vulnerability in Netsourcecommerce Productcart EarlyImpact ProductCart uses a weak encryption scheme to encrypt passwords, which allows remote attackers to obtain the password via a chosen plaintext attack. | 7.5 |
| 2004-12-31 | CVE-2004-2013 | Integer Overflow or Wraparound vulnerability in Linux Kernel Integer overflow in the SCTP_SOCKOPT_DEBUG_NAME SCTP socket option in socket.c in the Linux kernel 2.4.25 and earlier allows local users to execute arbitrary code via an optlen value of -1, which causes kmalloc to allocate 0 bytes of memory. | 7.8 |
| 2004-12-31 | CVE-2004-1842 | Cross-Site Request Forgery (CSRF) vulnerability in PHPnuke PHP-Nuke Cross-site request forgery (CSRF) vulnerability in Php-Nuke 6.x through 7.1.0 allows remote attackers to gain administrative privileges via an img tag with a URL to admin.php. | 8.8 |
| 2004-12-23 | CVE-2004-0816 | Integer Underflow (Wrap or Wraparound) vulnerability in Linux Kernel Integer underflow in the firewall logging rules for iptables in Linux before 2.6.8 allows remote attackers to cause a denial of service (application crash) via a malformed IP packet. | 7.5 |
| 2004-12-03 | CVE-2004-1083 | Improper Handling of Case Sensitivity vulnerability in Apple products Apache for Apple Mac OS X 10.2.8 and 10.3.6 restricts access to files in a case sensitive manner, but the Apple HFS+ filesystem accesses files in a case insensitive manner, which allows remote attackers to read .DS_Store files and files beginning with ".ht" using alternate capitalization. | 7.5 |
| 2004-11-23 | CVE-2004-0346 | Off-by-one Error vulnerability in Proftpd 1.2.7/1.2.8/1.2.9 Off-by-one buffer overflow in _xlate_ascii_write() in ProFTPD 1.2.7 through 1.2.9rc2p allows local users to gain privileges via a 1024 byte RETR command. | 7.8 |
| 2004-11-23 | CVE-2004-0079 | NULL Pointer Dereference vulnerability in multiple products The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference. | 7.5 |
| 2004-10-20 | CVE-2004-0747 | Incorrect Calculation of Buffer Size vulnerability in Apache Http Server Buffer overflow in Apache 2.0.50 and earlier allows local users to gain apache privileges via a .htaccess file that causes the overflow during expansion of environment variables. | 7.8 |
| 2004-09-28 | CVE-2004-0689 | Link Following vulnerability in multiple products KDE before 3.3.0 does not properly handle when certain symbolic links point to "stale" locations, which could allow local users to create or truncate arbitrary files. | 7.1 |