CVE-2004-2438

CVE-2007-2653 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-2438. Reason: This candidate is a duplicate of CVE-2007-2438. Notes: All CVE users should reference CVE-2007-2438 instead of this candidate. All references and descriptions in ...
54 years ago Tenable.com

CVE-2004-2438 - Cross-site scripting (XSS) vulnerability in PHP-Fusion 4.01 allows remote attackers to inject arbitrary web script or HTML via the (1) Submit News, (2) Submit Link or (3) Submit Article field. ...
7 years ago

CVE-2004-1159 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2004-1122, CVE-2004-1314. Reason: this was an out-of-band assignment duplicate intended for one issue, but the description and references inadvertently combined multiple issues. ...
54 years ago Tenable.com

CVE-2004-0868 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2004-0866. Reason: This candidate is a duplicate of CVE-2004-0866. Notes: The description for CVE-2004-0866 was inadvertently attached to this issue instead. All CVE users should ...
54 years ago Tenable.com

CVE-2016-2438 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-2547, CVE-2016-2548. Reason: This candidate is a duplicate of CVE-2016-2547 and CVE-2016-2548. Notes: All CVE users should reference CVE-2016-2547 and/or CVE-2016-2548 instead of ...
54 years ago Tenable.com

CVE-2024-2438 - Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2023-47851. Reason: This candidate is a reservation duplicate of CVE-2023-47851. Notes: All CVE users should reference CVE-2023-47851 instead of this candidate. All ...
8 months ago

CVE-2009-2438 - Cross-site scripting (XSS) vulnerability in index.php in the search module in ClanSphere 2009.0 and 2009.0.2 allows remote attackers to inject arbitrary web script or HTML via the text parameter in a list action. NOTE: this might overlap ...
15 years ago

CVE-2005-2438 - Cross-site scripting (XSS) vulnerability in UseBB 0.5.1 and earlier allows remote attackers to inject arbitrary Javascript via the BBCode color value. ...
11 months ago

CVE-2017-2438 - An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "AppleRAID" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service ...
7 years ago

CVE-2006-2438 - Directory traversal vulnerability in the viewfile servlet in the documentation package (resin-doc) for Caucho Resin 3.0.17 and 3.0.18 allows remote attackers to read arbitrary files under other web roots via the contextpath parameter. NOTE: this ...
7 years ago

CVE-2010-2438 - SQL injection vulnerability in G.CMS generator allows remote attackers to execute arbitrary SQL commands via the lang parameter to the default URI, probably index.php. ...
7 years ago

CVE-2012-2438 - ar web content manager (AWCM) 2.2 does not restrict the number of comment records that can be submitted through HTTP requests, which allows remote attackers to cause a denial of service (disk consumption) via the coment parameter to (1) ...
7 years ago

CVE-2011-2438 - Multiple stack-based buffer overflows in the image-parsing library in Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allow attackers to execute arbitrary code via unspecified vectors. ...
7 years ago

CVE-2013-2438 - Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier allows remote attackers to affect integrity via unknown vectors related to JavaFX. ...
7 years ago

CVE-2008-2438 - Integer overflow in ovalarmsrv.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via a crafted command to TCP port 2954, which triggers a heap-based buffer overflow. ...
6 years ago

CVE-2007-2438 - The sandbox for vim allows dangerous functions such as (1) writefile, (2) feedkeys, and (3) system, which might allow user-assisted attackers to execute shell commands and write files via modelines. Successful exploitation requires that the ...
6 years ago

CVE-2018-2438 - The SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, has several denial-of-service vulnerabilities that allow an attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service. ...
5 years ago

CVE-2019-2438 - Vulnerability in the Oracle Web Cache component of Oracle Fusion Middleware (subcomponent: ESI/Partial Page Caching). The supported version that is affected is 11.1.1.9.0. Difficult to exploit vulnerability allows unauthenticated attacker with ...
4 years ago

CVE-2021-2438 - Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1 and 19c. Easily exploitable vulnerability allows low privileged attacker having Create Procedure privilege with network ...
3 years ago

CVE-2014-2438 - Unspecified vulnerability in Oracle MySQL Server 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Replication. ...
2 years ago

CVE-2002-2438 - TCP firewalls could be circumvented by sending a SYN Packets with other flags (like e.g. RST flag) set, which was not correctly discarded by the Linux TCP stack after firewalling. ...
1 year ago

CVE-2022-2438 - The Broken Link Checker plugin for WordPress is vulnerable to deserialization of untrusted input via the '$log_file' value in versions up to, and including 1.11.16. This makes it possible for authenticated attackers with administrative ...
11 months ago

CVE-2015-2438 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none ...
54 years ago Tenable.com

CVE-2024-36979 - In the Linux kernel, the following vulnerability has been resolved: net: bridge: mst: fix vlan use-after-free syzbot reported a suspicious rcu usage[1] in bridge's mst code. While fixing it I noticed that nothing prevents a vlan to be freed while ...
5 months ago Tenable.com

CVE-2024-36939 - In the Linux kernel, the following vulnerability has been resolved: nfs: Handle error of rpc_proc_register() in nfs_net_init(). syzkaller reported a warning [0] triggered while destroying immature netns. rpc_proc_register() was called in ...
5 months ago Tenable.com