4d

Top products

The 14 most recently published vulnerabilities affecting 4d.

• CVE-2024-39847Arbitrary File Read and Server Side Request Forgery via XML External Entities in 4D Server SOAP7.5Apr 30, 2026
• CVE-2023-4770Uncontrolled Search Path Element Vulnerability in 4D and 4D Windows Server6.5Nov 30, 2023
• CVE-2023-30223A broken authentication vulnerability in 4D SAS 4D Server software v17, v18, v19 R7, and earlier allows attackers to send crafted TCP packets containing requests to perform arbitrary actions.7.5Jun 16, 2023
• CVE-2023-30222An information disclosure vulnerability in 4D SAS 4D Server Application v17, v18, v19 R7 and earlier allows attackers to retrieve password hashes for all users via eavesdropping.7.5Jun 16, 2023
• CVE-2005-3143Unspecified vulnerability in the Mailbox Server for 4D WebStar before 5.3.5 allows attackers to cause a denial of service (crash) via IMAP clients on Mac OS X 10.4 Mail 2.5.0Oct 5, 2005
• CVE-2005-1507Buffer overflow in the Tomcat plugin in 4d WebSTAR 5.33 and 5.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long URL.5.0May 11, 2005
• CVE-2004-06984D WebSTAR 5.3.2 and earlier allows local users to read and modify arbitrary files via a symlink attack.3.6Jul 16, 2004
• CVE-2004-0697Unknown vulnerability in 4D WebSTAR 5.3.2 and earlier allows remote attackers to read the php.ini configuration file and possibly obtain sensitive information.5.0Jul 16, 2004
• CVE-2004-0696The ShellExample.cgi script in 4D WebSTAR 5.3.2 and earlier allows remote attackers to list arbitrary directories via a URL with the desired path and a "*" (asterisk) character.5.0Jul 16, 2004
• CVE-2004-0695Stack-based buffer overflow in the FTP service for 4D WebSTAR 5.3.2 and earlier allows remote attackers to execute arbitrary code via a long FTP command.7.5Jul 16, 2004
• CVE-2004-0112The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote ...5.0Mar 18, 2004
• CVE-2004-0081OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Tes...5.0Mar 18, 2004
• CVE-2004-0079The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a nu...7.5Mar 18, 2004
• CVE-2000-0290Buffer overflow in Webstar HTTP server allows remote attackers to cause a denial of service via a long GET request.5.0Mar 9, 2002