Export limit exceeded: 350424 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (350424 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-2525 | 1 S9y | 1 Serendipity | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in compat.php in Serendipity before 0.7.1 allows remote attackers to inject arbitrary web script or HTML via the searchTerm variable. | ||||
| CVE-2004-2526 | 1 Ibm | 1 Tivoli Directory Server | 2026-04-16 | N/A |
| Directory traversal vulnerability in ldacgi.exe in IBM Tivoli Directory Server 4.1 and earlier allows remote attackers to view arbitrary files via a .. (dot dot) in the Template parameter. | ||||
| CVE-2004-2528 | 1 Webcam Corp | 1 Webcam Watchdog | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in sresult.exe in Webcam Watchdog 4.0.1a allows remote attackers to inject arbitrary web script or HTML via the cam parameter. | ||||
| CVE-2004-2529 | 1 Gadu-gadu | 1 Gadu-gadu Instant Messenger | 2026-04-16 | N/A |
| Gadu-Gadu allows remote attackers to bypass the "image send" option by sending a very small image file, which could be used in conjunction with image-related vulnerabilities. | ||||
| CVE-2004-2546 | 2 Samba, Trustix | 2 Samba, Secure Linux | 2026-04-16 | N/A |
| Multiple memory leaks in Samba before 3.0.6 allow attackers to cause a denial of service (memory consumption). | ||||
| CVE-2004-2531 | 1 Gnu | 1 Gnutls | 2026-04-16 | N/A |
| X.509 Certificate Signature Verification in Gnu transport layer security library (GnuTLS) 1.0.16 allows remote attackers to cause a denial of service (CPU consumption) via certificates containing long chains and signed with large RSA keys. | ||||
| CVE-2004-2532 | 1 Solarwinds | 1 Serv-u File Server | 2026-04-16 | N/A |
| Serv-U FTP server before 5.1.0.0 has a default account and password for local administration, which allows local users to execute arbitrary commands by connecting to the server using the default administrator account, creating a new user, logging in as that new user, and then using the SITE EXEC command. | ||||
| CVE-2004-2533 | 1 Solarwinds | 1 Serv-u File Server | 2026-04-16 | N/A |
| Serv-U FTP Server 4.1 (possibly 4.0) allows remote attackers to cause a denial of service (application crash) via a SITE CHMOD command with a "\\...\" followed by a short string, causing partial memory corruption, a different vulnerability than CVE-2004-2111. | ||||
| CVE-2004-2534 | 1 Fastream | 1 Netfile Server | 2026-04-16 | N/A |
| Fastream NETFile Server 7.1.2 does not properly handle keep-alive connection timeouts and does not close the connection after a HEAD request, which allows remote attackers to perform a denial of service (connection consumption) by sending a large number HTTP HEAD requests. | ||||
| CVE-2004-2535 | 1 Matthew Phillips | 1 Sticker | 2026-04-16 | N/A |
| The person-to-person secure messaging feature in Sticker before 3.1.0 beta 2 allows remote attackers to post messages to unauthorized private groups by using the group's public encryption key. | ||||
| CVE-2004-2537 | 1 Netwin | 1 Surgemail | 2026-04-16 | N/A |
| Unspecified vulnerability in SurgeMail before 2.2c10 has unknown impact and attack vectors, related to a "Webmail security bug." | ||||
| CVE-2004-2539 | 1 Network Appliance | 2 Data Ontap, Netcache | 2026-04-16 | N/A |
| Unknown vulnerability in Network Appliance NetCache 5.2 and Data ONTAP 6.0 allows remote attackers to cause a denial of service (panic and reboot) and possibly other impacts via unknown attack vectors, possibly related to unspecified worms, as identified by bug ID | ||||
| CVE-2004-2540 | 1 Sun | 2 Jdk, Jre | 2026-04-16 | N/A |
| readObject in (1) Java Runtime Environment (JRE) and (2) Software Development Kit (SDK) 1.4.0 through 1.4.2_05 allows remote attackers to cause a denial of service (JVM unresponsive) via crafted serialized data. | ||||
| CVE-2004-2541 | 2 Cscope, Redhat | 2 Cscope, Enterprise Linux | 2026-04-16 | N/A |
| Buffer overflow in Cscope 15.5, and possibly multiple overflows, allows remote attackers to execute arbitrary code via a C file with a long #include line that is later browsed by the target. | ||||
| CVE-2004-2542 | 1 Dynix | 1 Webpac | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in Dynix (formerly known as epixtech) WebPAC allow remote attackers to execute arbitrary SQL commands via unknown attack vectors, resulting in an ability to execute stored procedures, bypass login authentication, and cause an unspecified denial of service to backend databases. | ||||
| CVE-2004-2543 | 1 Securecomputing | 1 Sidewinder G2 | 2026-04-16 | N/A |
| Secure Computing Corporation Sidewinder G2 6.1.0.01 might allow remote attackers to cause a denial of service (proxy failure) via invalid traffic to the (1) T.120 or (2) RTSP proxy, or (3) invalid MIME messages to the mail filter. NOTE: this might not be a vulnerability because the embedded monitoring sub-system automatically restarts after the failure. | ||||
| CVE-2004-2544 | 1 Securecomputing | 1 Sidewinder G2 | 2026-04-16 | N/A |
| Admin Console in Secure Computing Corporation Sidewinder G2 6.1.0.01 exports private keys when exporting firewall certificates, which might allow attackers to obtain sensitive information. | ||||
| CVE-2004-2545 | 1 Securecomputing | 1 Sidewinder G2 | 2026-04-16 | N/A |
| Secure Computing Corporation Sidewinder G2 6.1.0.01 allows remote attackers to cause a denial of service (SMTP proxy failure) via unknown attack vendors involving an "extremely busy network." NOTE: this might not be a vulnerability because the embedded monitoring sub-system automatically restarts after the failure. | ||||
| CVE-2004-2549 | 1 Nortel | 3 Wlan Access Point 2220, Wlan Access Point 2221, Wlan Access Point 2225 | 2026-04-16 | N/A |
| Nortel Wireless LAN (WLAN) Access Point (AP) 2220, 2221, and 2225 allow remote attackers to cause a denial of service (service crash) via a TCP request with a large string, followed by 8 newline characters, to (1) the Telnet service on TCP port 23 and (2) the HTTP service on TCP port 80, possibly due to a buffer overflow. | ||||
| CVE-2004-2550 | 1 Xperience | 1 Sandsurfer | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in unspecified Perl scripts in SandSurfer before 1.7.1 allow remote attackers to inject arbitrary web script or HTML, which is later executed by a target who views reports containing the injected data. | ||||