Export limit exceeded: 361166 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (361166 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-2222 | 1 Fsphpgallery | 1 Fsphpgallery | 2026-04-16 | N/A |
| Directory traversal vulnerability in index.php in FsPHPGallery before 1.2 allows remote attackers to list arbitrary directories via the dir parameter. | ||||
| CVE-2004-2223 | 1 Fsphpgallery | 1 Fsphpgallery | 2026-04-16 | N/A |
| FsPHPGallery before 1.2 allows remote attackers to cause a denial of service via an image with a large size attribute, which causes a crash when the server attempts to resize the image. | ||||
| CVE-2004-2224 | 1 Appfoundry | 1 Message Foundry | 2026-04-16 | N/A |
| Appfoundry Message Foundry 2.75 .0003 allows remote attackers to cause a denial of service (crash) via an HTTP GET request that contains MS-DOS device names such as com1. | ||||
| CVE-2004-2227 | 1 Mozilla | 1 Firefox | 2026-04-16 | N/A |
| Mozilla Firefox before 1.0 truncates long filenames in the file download dialog box, which makes it easier for remote attackers to trick users into downloading files with dangerous extensions. | ||||
| CVE-2004-2228 | 1 Mozilla | 1 Firefox | 2026-04-16 | N/A |
| Mozilla Firefox before 1.0 is installed with world-writable permissions on Mac OS X, which allows local users to gain privileges. | ||||
| CVE-2004-2229 | 1 Oracle | 1 Database Server Lite | 2026-04-16 | N/A |
| Multiple unknown vulnerabilities in Oracle 9i Lite Mobile Server 5.0.0.0.0 through 5.0.2.9.0 allow remote authenticated users to gain privileges. | ||||
| CVE-2004-2230 | 1 Openbsd | 1 Openbsd | 2026-04-16 | N/A |
| Heap-based buffer overflow in isakmpd on OpenBSD 3.4 through 3.6 allows local users to cause a denial of service (panic) and corrupt memory via IPSEC credentials on a socket. | ||||
| CVE-2004-2231 | 1 Zero G | 1 Installanywhere | 2026-04-16 | N/A |
| Zero G Software InstallAnywhere 5.0.6, 5.0.7, and earlier allows local users to overwrite arbitrary files via a symlink attack on the (1) persistent_state or (2) env.properties.X temporary files. | ||||
| CVE-2004-2232 | 1 Moodle | 1 Moodle | 2026-04-16 | N/A |
| SQL injection vulnerability in sql.php in the Glossary module in Moodle 1.4.1 and earlier allows remote attackers to modify SQL statements. | ||||
| CVE-2004-2233 | 1 Moodle | 1 Moodle | 2026-04-16 | N/A |
| Unknown "front page vulnerability with Moodle servers" for Moodle before 1.3.2 has unknown impact and attack vectors. | ||||
| CVE-2000-0221 | 1 Nortel | 1 Nautica Marlin | 2026-04-16 | N/A |
| The Nautica Marlin bridge allows remote attackers to cause a denial of service via a zero length UDP packet to the SNMP port. | ||||
| CVE-2004-2240 | 1 Phorum | 1 Phorum | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in Phorum 5.0.11 and earlier allow remote attackers to modify SQL statements via (1) the query string in read.php or (2) unknown vectors in file.php. | ||||
| CVE-2004-2242 | 1 Phorum | 1 Phorum | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in search.php in Phorum, possibly 5.0.7 beta and earlier, allows remote attackers to inject arbitrary HTML or web script via the subject parameter. | ||||
| CVE-2004-2243 | 1 Phorum | 1 Phorum | 2026-04-16 | N/A |
| Phorum allows remote attackers to hijack sessions of other users by stealing and replaying the session hash in the phorum_uriauth parameter, as demonstrated using profile.php. NOTE: the affected version was reported to be 4.3.7, but this may be erroneous. | ||||
| CVE-2004-2246 | 1 Goollery | 1 Goollery | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Goollery before 0.04b allows remote attackers to inject arbitrary HTML or web script via the conversation_id parameter to viewpic.php. | ||||
| CVE-2000-0229 | 4 Alessandro Rubini, Debian, Redhat and 1 more | 4 Gpm, Debian Linux, Linux and 1 more | 2026-04-16 | N/A |
| gpm-root in the gpm package does not properly drop privileges, which allows local users to gain privileges by starting a utility from gpm-root. | ||||
| CVE-2004-2259 | 2 Beasts, Redhat | 2 Vsftpd, Enterprise Linux | 2026-04-16 | N/A |
| vsftpd before 1.2.2, when under heavy load, allows attackers to cause a denial of service (crash) via a SIGCHLD signal during a malloc or free call, which is not re-entrant. | ||||
| CVE-2004-2260 | 1 Opera | 1 Opera Browser | 2026-04-16 | N/A |
| Opera Browser 7.23, and other versions before 7.50, updates the address bar as soon as the user clicks a link, which allows remote attackers to redirect to other sites via the onUnload attribute. | ||||
| CVE-2004-2261 | 1 E107 | 1 E107 | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in e107 allows remote attackers to inject arbitrary script or HTML via the "login name/author" field in the (1) news submit or (2) article submit functions. | ||||
| CVE-2004-2263 | 1 Playsms | 1 Playsms | 2026-04-16 | N/A |
| SQL injection vulnerability in the valid function in fr_left.php in PlaySMS 0.7 and earlier allows remote attackers to modify SQL statements via the vc2 cookie. | ||||