CVE-2004-1552

CVE-2004-1552 - SQL injection vulnerability in aspWebCalendar allows remote attackers to execute arbitrary SQL statements via (1) the username field on the login page or (2) the eventid parameter to calendar.asp. ...
7 years ago

CVE-2004-1159 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2004-1122, CVE-2004-1314. Reason: this was an out-of-band assignment duplicate intended for one issue, but the description and references inadvertently combined multiple issues. ...
54 years ago Tenable.com

CVE-2004-0868 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2004-0866. Reason: This candidate is a duplicate of CVE-2004-0866. Notes: The description for CVE-2004-0866 was inadvertently attached to this issue instead. All CVE users should ...
54 years ago Tenable.com

CVE-2008-1552 - The silc_pkcs1_decode function in the silccrypt library (silcpkcs1.c) in Secure Internet Live Conferencing (SILC) Toolkit before 1.1.7, SILC Client before 1.1.4, and SILC Server before 1.1.2 allows remote attackers to execute arbitrary code via a ...
6 years ago

CVE-2011-1552 - t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, reads from invalid memory locations, which allows remote attackers to cause a denial of service (application crash) via a crafted Type 1 font in a PDF document, a ...
5 years ago

CVE-1999-1552 - dpsexec (DPS Server) when running under XDM in IBM AIX 3.2.5 and earlier does not properly check privileges, which allows local users to overwrite arbitrary files and gain privileges. ...
16 years ago

CVE-2001-1552 - ssdpsrv.exe in Windows ME allows remote attackers to cause a denial of service by sending multiple newlines in a Simple Service Discovery Protocol (SSDP) message. NOTE: multiple replies to the original post state that the problem could not be ...
16 years ago

CVE-2014-1552 - Mozilla Firefox before 31.0 and Thunderbird before 31.0 do not properly implement the sandbox attribute of the IFRAME element, which allows remote attackers to bypass intended restrictions on same-origin content via a crafted web site in conjunction ...
7 years ago

CVE-2005-1552 - GeoVision Digital Video Surveillance System 6.04, 6.1 and 7.0, when set to create JPEG images, does not properly protect an image even when a password and username is assigned, which may allow remote attackers to gain sensitive information via a ...
7 years ago

CVE-2006-1552 - Integer overflow in ImageIO in Apple Mac OS X 10.4 up to 10.4.5 allows remote attackers to cause a denial of service (crash) via a crafted JPEG image with malformed JPEG metadata, as demonstrated using Safari, aka "Deja-Doom". ...
7 years ago

CVE-2009-1552 - Unspecified vulnerability in the IGMP driver in SCO Unixware Release 7.1.4 Maintenance Pack 4 allows attackers to cause a denial of service (system panic) via unspecified vectors. ...
7 years ago

CVE-2002-1552 - Novell eDirectory (eDir) 8.6.2 and Netware 5.1 eDir 85.x allows users with expired passwords to gain inappropriate permissions when logging in from Remote Manager. ...
7 years ago

CVE-2017-1552 - IBM Infosphere BigInsights 4.2.0 and 4.2.5 is vulnerable to link injection. By persuading a victim to click on a specially-crafted URL link, a remote attacker could exploit this vulnerability to conduct various attacks against the vulnerable system, ...
7 years ago

CVE-2010-1552 - Stack-based buffer overflow in the doLoad function in snmpviewer.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via the act and app parameters. ...
6 years ago

CVE-2007-1552 - Unrestricted file upload vulnerability in usercp.php in MetaForum 0.513 Beta restricts file types based on the MIME type in the Content-type HTTP header, which allows remote attackers to upload and execute arbitrary scripts via an image MIME type ...
6 years ago

CVE-2003-1552 - Unrestricted file upload vulnerability in uploader.php in Uploader 1.1 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in uploads/. ...
6 years ago

CVE-2018-1552 - IBM Robotic Process Automation with Automation Anywhere 10.0 and 11.0 allows a remote attacker to execute arbitrary code on the system, caused by a missing restriction in which file types can be uploaded to the control room. By uploading a malicious ...
5 years ago

CVE-2021-1552 - Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business 100, 300, and 500 Series Wireless Access Points could allow an authenticated, remote attacker to perform command injection attacks against an affected ...
3 years ago

CVE-2020-1552 - An elevation of privilege vulnerability exists when the Windows Work Folder Service improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context. ...
10 months ago

CVE-2013-1552 - Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier and 5.5.29 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors. ...
2 years ago

CVE-2022-1552 - A flaw was found in PostgreSQL. There is an issue with incomplete efforts to operate safely when a privileged user is maintaining another user's objects. The Autovacuum, REINDEX, CREATE INDEX, REFRESH MATERIALIZED VIEW, CLUSTER, and pg_amcheck ...
2 years ago

CVE-2019-1552 - OpenSSL has internal defaults for a directory tree where it can find a configuration file as well as certificates used for verification in TLS. This directory is most commonly referred to as OPENSSLDIR, and is configurable with the --prefix / ...
2 years ago

CVE-2024-1552 - Incorrect code generation could have led to unexpected numeric conversions and potential undefined behavior.*Note:* This issue only affects 32-bit ARM devices. This vulnerability affects Firefox < 123, Firefox ESR < 115.8, and Thunderbird < ...
9 months ago

CVE-2023-1552 - ToolboxST prior to version 7.10 is affected by a deserialization vulnerability. An attacker with local access to an HMI or who has conducted a social engineering attack on an authorized operator could execute code in a Toolbox user's context ...
1 year ago

CVE-2004-1060 - Multiple TCP/IP and ICMP implementations, when using Path MTU (PMTU) discovery (PMTUD), allow remote attackers to cause a denial of service (network throughput reduction for TCP connections) via forged ICMP ("Fragmentation Needed and Don't ...
6 years ago