Export limit exceeded: 345062 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (345062 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-2428 | 1 Abczone.it | 1 Wwwguestbook | 2026-04-16 | N/A |
| Abczone.it WWWguestbook 1.1 stores db/dbase.mdb under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as the plaintext username and password. | ||||
| CVE-2004-2436 | 1 Broadcom | 3 Common Services, Unicenter Network And Systems Management, Unicenter Serviceplus Service Desk | 2026-04-16 | N/A |
| Computer Associates Unicenter Common Services 3.0 and earlier stores the database "SA" password in cleartext in the TndAddNspTmp.bat file, which could allow local users to gain privileges. | ||||
| CVE-2004-2445 | 1 Jaws | 1 Jaws | 2026-04-16 | N/A |
| Directory traversal vulnerability in index.php in Jaws 0.3 BETA allows remote attackers to view arbitrary files via a .. (dot dot) in the gadget parameter. | ||||
| CVE-2004-2446 | 1 1st Class Internet Solutions | 1 1st Class Mail Server | 2026-04-16 | N/A |
| Directory traversal vulnerability in 1st Class Mail Server 4.01 allows remote attackers to read arbitrary files via a ".." (dot dot) sequences in unknown vectors. | ||||
| CVE-2004-2453 | 1 Tutti Nova | 1 Tutti Nova | 2026-04-16 | N/A |
| Unknown vulnerability in Tutti Nova 0.10 through 0.12 (Beta) and 0.9.4, when register_globals is enabled, has unknown impact and attack vectors. | ||||
| CVE-2004-2463 | 1 Ada | 1 Imgsvr | 2026-04-16 | N/A |
| Buffer overflow in ADA Image Server (ImgSvr) 0.4 allows remote attackers to cause a denial of service (web server crash) or execute arbitrary code via a long GET request. | ||||
| CVE-2004-2472 | 1 Agnitum | 1 Outpost Firewall | 2026-04-16 | N/A |
| Agnitum Outpost Pro Firewall 2.1 allows remote attackers to cause a denial of service (CPU consumption) via a flood of small, invalid packets, which can not be processed quickly enough by Outpost Pro. | ||||
| CVE-2004-2475 | 1 Google | 1 Toolbar | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Google Toolbar 2.0.114.1 allows remote attackers to inject arbitrary web script via about.html in the About section. NOTE: some followup posts suggest that the demonstration code's use of the res:// protocol does not cross privilege boundaries, since it is not allowed in the Internet Zone. Thus this might not be a vulnerability. | ||||
| CVE-2001-0500 | 1 Microsoft | 3 Index Server, Indexing Service, Internet Information Server | 2026-04-16 | N/A |
| Buffer overflow in ISAPI extension (idq.dll) in Index Server 2.0 and Indexing Service 2000 in IIS 6.0 beta and earlier allows remote attackers to execute arbitrary commands via a long argument to Internet Data Administration (.ida) and Internet Data Query (.idq) files such as default.ida, as commonly exploited by Code Red. | ||||
| CVE-2002-0140 | 1 Dnrd | 1 Dnrd | 2026-04-16 | N/A |
| Domain Name Relay Daemon (dnrd) 2.10 and earlier allows remote malicious DNS sites to cause a denial of service and possibly execute arbitrary code via a long or malformed DNS reply, which is not handled properly by parse_query, get_objectname, and possibly other functions. | ||||
| CVE-2004-0686 | 3 Redhat, Samba, Trustix | 3 Enterprise Linux, Samba, Secure Linux | 2026-04-16 | N/A |
| Buffer overflow in Samba 2.2.x to 2.2.9, and 3.0.0 to 3.0.4, when the "mangling method = hash" option is enabled in smb.conf, has unknown impact and attack vectors. | ||||
| CVE-2004-0735 | 1 Electronic Arts | 1 Medal Of Honor Allied Assault | 2026-04-16 | N/A |
| Buffer overflow in Medal of Honor (1) Allied Assault 1.11v9 and earlier, (2) Breakthrough 2.40b and earlier, and (3) Spearhead 2.15 and earlier, when playing on a Local Area Network (LAN), allows remote attackers to execute arbitrary code via vectors such as (1) the getinfo query, (2) the connect packet, and other unknown vectors. | ||||
| CVE-2004-0742 | 1 Sun | 1 Java System Calendar Server | 2026-04-16 | N/A |
| Sun Java System Portal Server 6.2 (formerly Sun ONE) allows remote authenticated users to obtain Calendar Server privileges and modify Calendar data by changing the display options to a non-default view. | ||||
| CVE-2005-0106 | 1 Ubuntu | 1 Ubuntu Linux | 2026-04-16 | N/A |
| SSLeay.pm in libnet-ssleay-perl before 1.25 uses the /tmp/entropy file for entropy if a source is not set in the EGD_PATH variable, which allows local users to reduce the cryptographic strength of certain operations by modifying the file. | ||||
| CVE-2005-0157 | 1 Smartlist | 1 Smartlist | 2026-04-16 | N/A |
| The confirm add-on in SmartList 3.15 and earlier allows attackers to subscribe arbitrary e-mail addresses by using a valid cookie that specifies an address other than the address for which the cookie was assigned. | ||||
| CVE-2005-1410 | 3 Postgresql, Redhat, Trustix | 3 Postgresql, Enterprise Linux, Secure Linux | 2026-04-16 | N/A |
| The tsearch2 module in PostgreSQL 7.4 through 8.0.x declares the (1) dex_init, (2) snb_en_init, (3) snb_ru_init, (4) spell_init, and (5) syn_init functions as "internal" even when they do not take an internal argument, which allows attackers to cause a denial of service (application crash) and possibly have other impacts via SQL commands that call other functions that accept internal arguments. | ||||
| CVE-2005-1430 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2026-04-16 | N/A |
| Mac OS X 10.3.x and earlier uses insecure permissions for a pseudo terminal tty (pty) that is managed by a non-setuid program, which allows local users to read or modify sessions of other users. | ||||
| CVE-2005-3747 | 1 Mortbay | 1 Jetty | 2026-04-16 | N/A |
| Unspecified vulnerability in Jetty before 5.1.6 allows remote attackers to obtain source code of JSP pages, possibly involving requests for .jsp files with URL-encoded backslash ("%5C") characters. NOTE: this might be the same issue as CVE-2006-2758. | ||||
| CVE-2006-0225 | 2 Openbsd, Redhat | 2 Openssh, Enterprise Linux | 2026-04-16 | N/A |
| scp in OpenSSH 4.2p1 allows attackers to execute arbitrary commands via filenames that contain shell metacharacters or spaces, which are expanded twice. | ||||
| CVE-2004-2479 | 2 National Science Foundation, Redhat | 2 Squid Web Proxy Cache, Enterprise Linux | 2026-04-16 | N/A |
| Squid Web Proxy Cache 2.5 might allow remote attackers to obtain sensitive information via URLs containing invalid hostnames that cause DNS operations to fail, which results in references to previously used error messages. | ||||