Export limit exceeded: 350354 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (350354 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-2722 | 1 Nessus | 1 Nessus | 2026-04-16 | N/A |
| Nessus 2.0.10a stores account passwords in plaintext in .nessusrc files, which allows local users to obtain passwords. NOTE: the original researcher reports that the vendor has disputed this issue | ||||
| CVE-2004-2723 | 1 Nessus | 1 Nessuswx | 2026-04-16 | N/A |
| NessusWX 1.4.4 stores account passwords in plaintext in .session files, which allows local users to obtain passwords. | ||||
| CVE-2004-2724 | 1 Lionmax Software | 1 Chat Anywhere | 2026-04-16 | N/A |
| LionMax Software Chat Anywhere 2.72a allows remote attackers to cause a denial of service (server crash and client CPU consumption) via a username beginning with percent (%) followed by a null character. | ||||
| CVE-2004-2726 | 1 Mailenable | 1 Mailenable | 2026-04-16 | N/A |
| HTTPMail service in MailEnable Professional 1.18 does not properly handle arguments to the Authorization header, which allows remote attackers to cause a denial of service (null dereference and application crash). NOTE: This is a different vulnerability than CVE-2005-1348. | ||||
| CVE-2004-2727 | 1 Mailenable | 1 Mailenable | 2026-04-16 | N/A |
| Buffer overflow in MEHTTPS (HTTPMail) of MailEnable Professional 1.5 through 1.7 allows remote attackers to cause a denial of service (application crash) via a long HTTP GET request. | ||||
| CVE-2004-2728 | 1 Hummingbird | 1 Connectivity | 2026-04-16 | N/A |
| Buffer overflow in the FTP server of Hummingbird Connectivity 7.1 and 9.0 allows remote, authenticated users to cause a denial of service (application crash) via a long argument to the XCWD command. | ||||
| CVE-2004-2729 | 1 Hummingbird | 1 Connectivity | 2026-04-16 | N/A |
| Inetd32 Administration Tool of Hummingbird Connectivity 7.1 and 9.0 allows local users to execute arbitrary code by changing the program for handling incoming connections. | ||||
| CVE-2004-2731 | 1 Linux | 1 Linux Kernel | 2026-04-16 | N/A |
| Multiple integer overflows in Sbus PROM driver (drivers/sbus/char/openprom.c) for the Linux kernel 2.4.x up to 2.4.27, 2.6.x up to 2.6.7, and possibly later versions, allow local users to execute arbitrary code by specifying (1) a small buffer size to the copyin_string function or (2) a negative buffer size to the copyin function. | ||||
| CVE-2004-2443 | 1 Jaws | 1 Jaws | 2026-04-16 | N/A |
| Jaws 0.3 allows remote attackers to bypass authentication and via an HTTP request to admin.php with the logged cookie set to the MD5 hash of a null password, which is compared against the logged session variable by the logged_on function in application.php. | ||||
| CVE-2004-2168 | 1 Baardsen Software | 1 Basomail Server | 2026-04-16 | N/A |
| BaSoMail 1.24 allows remote attackers to cause a denial of service (CPU consumption) via multiple connections to TCP port (1) 25 (SMTP) or (2) 110 (POP3). | ||||
| CVE-2004-2169 | 1 A-a-s Application Access Server | 1 A-a-s Application Access Server | 2026-04-16 | N/A |
| Application Access Server (A-A-S) 1.0.37 and earlier allows remote authenticated users to cause a denial of service (application crash) via a long file request. | ||||
| CVE-2004-2170 | 1 Niti Telecom | 1 Caravan Business Server | 2026-04-16 | N/A |
| Directory traversal vulnerability in sample_showcode.html in Caravan 2.00/03d and earlier allows remote attackers to read arbitrary files via the fname parameter. | ||||
| CVE-2004-2172 | 1 Netsourcecommerce | 1 Productcart | 2026-04-16 | 7.5 High |
| EarlyImpact ProductCart uses a weak encryption scheme to encrypt passwords, which allows remote attackers to obtain the password via a chosen plaintext attack. | ||||
| CVE-2004-2173 | 1 Early Impact | 1 Productcart | 2026-04-16 | N/A |
| SQL injection vulnerability in advSearch_h.asp in EarlyImpact ProductCart allows remote attackers to execute arbitrary SQL commands via the priceUntil parameter. | ||||
| CVE-2004-2174 | 1 Early Impact | 1 Productcart | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Custva.asp in EarlyImpact ProductCart allows remote attackers to inject arbitrary Javascript via the redirectUrl parameter. | ||||
| CVE-2004-2175 | 1 All Enthusiast Inc | 1 Reviewpost Php Pro | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in ReviewPost PHP Pro allow remote attackers to execute arbitrary SQL commands via the (1) product parameter to showproduct.php or (2) cat parameter to showcat.php. | ||||
| CVE-2004-2176 | 1 Microsoft | 1 Windows Xp | 2026-04-16 | N/A |
| The Internet Connection Firewall (ICF) in Microsoft Windows XP SP2 is configured by default to trust sessmgr.exe, which allows local users to use sessmgr.exe to create a local listening port that bypasses the ICF access controls. | ||||
| CVE-2004-2177 | 1 Devoybb | 1 Devoybb Web Forum | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in DevoyBB Web Forum 1.0.0 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | ||||
| CVE-2004-2178 | 1 Devoybb | 1 Devoybb Web Forum | 2026-04-16 | N/A |
| SQL injection vulnerability in DevoyBB Web Forum 1.0.0 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | ||||
| CVE-2004-2179 | 1 Microsoft | 2 Frontpage, Ie | 2026-04-16 | N/A |
| asycpict.dll, as used in Microsoft products such as Front Page 97 and 98, allows remote attackers to cause a denial of service (hang) via a JPEG image with maximum height and width values. | ||||