Export limit exceeded: 361044 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (361044 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-2072 | 1 Mambo | 1 Mambo Open Source | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php for Mambo Open Source 4.6, and possibly earlier versions, allows remote attackers to execute script on other clients via the Itemid parameter. | ||||
| CVE-2004-2074 | 1 Bolintech | 1 Dream Ftp Server | 2026-04-16 | N/A |
| Format string vulnerability in Dream FTP 1.02 allows local users to cause a denial of service (crash) via format string specifiers in the (1) PASS or (2) RETR commands. | ||||
| CVE-2004-2075 | 1 Sophos | 1 Sophos Anti-virus | 2026-04-16 | N/A |
| Sophos Anti-Virus 3.78 allows remote attackers to cause a denial of service (infinite loop) via a MIME header that is not properly terminated. | ||||
| CVE-2004-2076 | 1 Jelsoft | 1 Vbulletin | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in search.php for Jelsoft vBulletin 3.0.0 RC4 allows remote attackers to inject arbitrary web script or HTML via the query parameter. | ||||
| CVE-2004-2078 | 1 Red-m | 1 Red-alert | 2026-04-16 | N/A |
| Red-M Red-Alert 2.7.5 with software 3.1 build 24 allows remote attackers to cause a denial of service (reboot and loss of logged events) via a long request to TCP port 80, possibly triggering a buffer overflow. | ||||
| CVE-2004-2080 | 1 Red-m | 1 Red-alert | 2026-04-16 | N/A |
| Red-M Red-Alert 2.7.5 with software 3.1 build 24 converts multiple spaces in a Service Set Identifier (SSID) to a single space, which prevents Red-Alert from correctly identifying the SSID. | ||||
| CVE-2004-2081 | 1 Karjasoft | 1 Sami Ftp Server | 2026-04-16 | N/A |
| The samiftp.dll library in Sami FTP Server 1.1.3 allows local users to cause a denial of service (pmsystem.exe crash) by issuing (1) a CD command with a tilde (~) character or dot dot (/../) or (2) a GET command for an unavailable file. | ||||
| CVE-2004-2084 | 1 Jshop E-commerce | 2 Jshop Professional, Jshop Server | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in search.php in JShop E-Commerce Server allows remote attackers to inject arbitrary web script or HTML via the xSearch parameter. | ||||
| CVE-2004-2086 | 1 Sambar | 1 Sambar Server | 2026-04-16 | N/A |
| Stack-based buffer overflow in results.stm for Sambar Server before the 6.0 production release allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an HTTP POST request with a long query parameter. | ||||
| CVE-2004-2087 | 1 Sandsurfer | 1 Sandsurfer | 2026-04-16 | N/A |
| Unknown vulnerability in SandSurfer before 1.7.0 allows remote attackers to gain access as a logged-in user. | ||||
| CVE-2004-2089 | 1 Matrix | 1 Matrix Ftp Server | 2026-04-16 | N/A |
| Matrix FTP Server allows remote attackers to cause a denial of service (crash) by logging in using four spaces as the username and password and then issuing a LIST command. | ||||
| CVE-2004-2098 | 1 Native Solutions | 1 Tbe Banner Engine | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the banner engine (TBE) 5.0 allows remote attackers to execute arbitrary script as other users via the HTML banner view/preview capability. | ||||
| CVE-2004-2092 | 1 Broadcom | 1 Inoculateit | 2026-04-16 | N/A |
| eTrust InoculateIT for Linux 6.0 uses insecure permissions for multiple files and directories, including the application's registry and tmp directories, which allows local users to delete, modify, or examine sensitive information. | ||||
| CVE-2004-2095 | 1 Niels Provos | 1 Honeyd | 2026-04-16 | N/A |
| Honeyd before 0.8 replies to TCP packets with the SYN and RST flags set, which allows remote attackers to identify IP addresses that are being simulated by Honeyd. | ||||
| CVE-2004-2097 | 1 Suse | 1 Suse Linux | 2026-04-16 | N/A |
| Multiple scripts on SuSE Linux 9.0 allow local users to overwrite arbitrary files via a symlink attack on (1) /tmp/fvwm-bug created by fvwm-bug, (2) /tmp/wmmenu created by wm-oldmenu2new, (3) /tmp/rates created by x11perfcomp, (4) /tmp/xf86debug.1.log created by xf86debug, (5) /tmp/.winpopup-new created by winpopup-send.sh, or (6) /tmp/initrd created by lvmcreate_initrd. | ||||
| CVE-2000-0164 | 1 Sun | 1 Solaris Isp Server | 2026-04-16 | N/A |
| The installation of Sun Internet Mail Server (SIMS) creates a world-readable file that allows local users to obtain passwords. | ||||
| CVE-2004-2101 | 1 Geovision | 1 Geohttpserver | 2026-04-16 | N/A |
| The sysinfo script in GeoHttpServer allows remote attackers to cause a denial of service (crash) via a long pwd parameter, possibly triggering a buffer overflow. | ||||
| CVE-2004-2102 | 1 Freesco | 1 Freesco | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in FREESCO 2.05, a modified version of thttpd, allows remote attackers to inject arbitrary web script or HTML via the test parameter. | ||||
| CVE-2004-2105 | 1 Novell | 1 Netware | 2026-04-16 | N/A |
| The webacc servlet in Novell NetWare Enterprise Web Server 5.1 and 6.0 allows remote attackers to read arbitrary .htt files via a full pathname in the error parameter. | ||||
| CVE-2004-2106 | 1 Novell | 1 Netware | 2026-04-16 | N/A |
| Novell NetWare Enterprise Web Server 5.1 and 6.0 allows remote attackers to list directories via a direct request to (1) /com/, (2) /com/novell/, (3) /com/novell/webaccess, or (4) /ns-icons/. | ||||