Export limit exceeded: 364929 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (364929 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-2216 | 1 Sun | 2 Java System Application Server, Java System Web Server | 2026-04-16 | N/A |
| Unknown vulnerability in Sun Java System Web Server 6.0 SP7 and earlier and 6.1 SP1 and earlier, and Application Server 7 Update 4 and earlier, allows remote attackers to cause a denial of service (crash) via a malformed client certificate. | ||||
| CVE-1999-1356 | 1 Compaq | 1 Smartstart | 2026-04-16 | N/A |
| Compaq Integration Maintenance Utility as used in Compaq Insight Manager agent before SmartStart 4.50 modifies the legal notice caption (LegalNoticeCaption) and text (LegalNoticeText) in Windows NT, which could produce a legal notice that is in violation of the security policy. | ||||
| CVE-2004-2217 | 1 Ychat | 1 Ychat | 2026-04-16 | N/A |
| Multiple unknown vulnerabilities in yhttpd in yChat before 0.7 allow remote attackers to cause a denial of service (segmentation fault) via unknown vectors. | ||||
| CVE-2004-2219 | 1 Microsoft | 2 Ie, Internet Explorer | 2026-04-16 | N/A |
| Microsoft Internet Explorer 6 allows remote attackers to spoof the address bar to facilitate phishing attacks via Javascript that uses an invalid URI, modifies the Location field, then uses history.back to navigate to the previous domain, aka NullyFake. | ||||
| CVE-2004-2221 | 1 Mercantec | 1 Softcart | 2026-04-16 | N/A |
| Buffer overflow in SoftCart.exe in Mercantec SoftCart 4.00b allows remote attackers to execute arbitrary code via a long parameter in an HTTP GET request. | ||||
| CVE-2004-2226 | 1 Mozilla | 1 Thunderbird | 2026-04-16 | N/A |
| Mozilla Mail 1.7.1 and 1.7.3, and Thunderbird before 0.9, when HTML-Mails is enabled, allows remote attackers to determine valid e-mail addresses via an HTML e-mail that references a Cascading Style Sheets (CSS) document on the attacker's server. | ||||
| CVE-2004-2236 | 1 Moodle | 1 Moodle | 2026-04-16 | N/A |
| Unknown vulnerability in Moodle before 1.3.3 has unknown impact and attack vectors, related to language setting. | ||||
| CVE-2004-2239 | 1 Inter7 | 1 Vpopmail \(vchkpw\) | 2026-04-16 | N/A |
| Buffer overflow in vsybase.c in vpopmail 5.4.2 and earlier might allow attackers to cause a denial of service or execute arbitrary code. | ||||
| CVE-2004-2241 | 1 Phorum | 1 Phorum | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Phorum 5.0.11 and earlier allows remote attackers to inject arbitrary HTML or web script via search.php. NOTE: some sources have reported that the affected file is read.php, but this is inconsistent with the vendor's patch. | ||||
| CVE-1999-0016 | 6 Cisco, Gnu, Hp and 3 more | 8 Ios, Inet, Hp-ux and 5 more | 2026-04-16 | N/A |
| Land IP denial of service. | ||||
| CVE-1999-1358 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2026-04-16 | N/A |
| When an administrator in Windows NT or Windows 2000 changes a user policy, the policy is not properly updated if the local ntconfig.pol is not writable by the user, which could allow local users to bypass restrictions that would otherwise be enforced by the policy, possibly by changing the policy file to be read-only. | ||||
| CVE-1999-0017 | 9 Caldera, Freebsd, Gnu and 6 more | 11 Openlinux, Freebsd, Inet and 8 more | 2026-04-16 | N/A |
| FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce. | ||||
| CVE-1999-0018 | 3 Ibm, Sgi, Sun | 4 Aix, Irix, Solaris and 1 more | 2026-04-16 | N/A |
| Buffer overflow in statd allows root privileges. | ||||
| CVE-2004-2245 | 1 Goollery | 1 Goollery | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Goollery 0.03 allows remote attackers to inject arbitrary HTML or web script via the (1) page parameter to viewalbum.php or (2) btopage parameter to viewpic.php. | ||||
| CVE-2004-2248 | 1 Goosequill | 1 Remoteeditor | 2026-04-16 | N/A |
| Unknown vulnerability in RemoteEditor before 0.1.1 has unknown impact and attack vectors, related to "oversize submissions." | ||||
| CVE-2004-2249 | 1 Goosequill | 1 Audienceconnect Secureeditor | 2026-04-16 | N/A |
| Unknown vulnerability in the "access code" in SecureEditor before 0.1.2 has unknown impact and attack vectors, possibly involving a bypass of IP address restrictions. | ||||
| CVE-2004-2250 | 1 Goosequill | 1 Audienceconnect Remoteeditor | 2026-04-16 | N/A |
| Unknown vulnerability in the "access code" in RemoteEditor before 0.1.6 has unknown impact and attack vectors, possibly involving a bypass of IP address restrictions. | ||||
| CVE-2004-2251 | 1 Astaro | 1 Security Linux | 2026-04-16 | N/A |
| The PPTP server in Astaro Security Linux before 4.024 provides information about its version, which makes it easier for remote attackers to construct specialized attacks. | ||||
| CVE-2005-3254 | 1 Nathan Neulinger | 1 Cgiwrap | 2026-04-16 | N/A |
| The CGIwrap program before 3.9 on Debian GNU/Linux uses an incorrect minimum value of 100 for a UID to determine whether it can perform a seteuid operation, which could allow attackers to execute code as other system UIDs that are greater than the minimum value, which should be 1000 on Debian systems. | ||||
| CVE-2004-2252 | 1 Sophos | 1 Astaro Security Linux | 2026-04-16 | N/A |
| The firewall in Astaro Security Linux before 4.024 sends responses to SYN-FIN packets, which makes it easier for remote attackers to obtain information about the system and construct specialized attacks. | ||||