Search Results (344940 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2004-1727 1 Working Resources Inc. 1 Badblue 2026-04-16 N/A
BadBlue 2.5 allows remote attackers to cause a denial of service (refuse HTTP connections) via a large number of connections from the same IP address.
CVE-2004-1738 1 Jshop E-commerce 1 Jshop Server 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in page.php in JShop allows remote attackers to inject arbitrary web script or HTML via the xPage parameter.
CVE-2004-1742 1 Web-app.org 1 Webapp 2026-04-16 N/A
Directory traversal vulnerability in WebAPP 0.9.9 allows remote attackers to view arbitrary files via a .. (dot dot) in the viewcat parameter.
CVE-2004-1737 2 Gentoo, The Cacti Group 2 Linux, Cacti 2026-04-16 N/A
SQL injection vulnerability in auth_login.php in Cacti 0.8.5a allows remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) username or (2) password parameters.
CVE-2004-1743 1 Efs Software 1 Efs Web Server 2026-04-16 N/A
Easy File Sharing (EFS) Webserver 1.25 allows remote attackers to view arbitrary files via an HTTP request for the disk_c virtual folder.
CVE-2004-1746 1 Php Code Snippet Library 1 Php Code Snippet Library 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in index.php in PHP Code Snippet Library allows remote attackers to inject arbitrary web script or HTML via the (1) cat_select or (2) show parameters.
CVE-2004-1747 1 Network Everywhere 1 Nr041 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in NetworkEverywhere NR041 running firmware 1.2 Release 03 allows remote attackers to inject arbitrary web script or HTML via the DHCP HOSTNAME option.
CVE-2004-1748 1 Sysinternals 1 Regmon 2026-04-16 N/A
NtRegmon before 6.12 allows local users to cause a denial of service (crash), while NtRegmon is running, via invalid pointers to hook functions such as ZwSetQueryValue.
CVE-2004-1750 1 Vnc 1 Realvnc 2026-04-16 N/A
RealVNC 4.0 and earlier allows remote attackers to cause a denial of service (crash) via a large number of connections to port 5900.
CVE-2004-1745 1 People Can Fly 1 Painkiller 2026-04-16 N/A
Buffer overflow in Painkiller 1.3.1 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long password.
CVE-2004-1757 1 Bea 1 Weblogic Server 2026-04-16 N/A
BEA WebLogic Server and Express 8.1, SP1 and earlier, stores the administrator password in cleartext in config.xml, which allows local users to gain privileges.
CVE-2004-1768 1 Symantec 1 Brightmail Antispam 2026-04-16 N/A
The character converters in the Spamhunter and Language ID modules for Symantec Brightmail AntiSpam 6.0.1 before patch 132 allow remote attackers to cause a denial of service (crash) via messages with the ISO-8859-10 character set, which is not recognized by the converters.
CVE-2004-1756 1 Bea 1 Weblogic Server 2026-04-16 N/A
BEA WebLogic Server and WebLogic Express 8.1 SP2 and earlier, and 7.0 SP4 and earlier, when using 2-way SSL with a custom trust manager, may accept a certificate chain even if the trust manager rejects it, which allows remote attackers to spoof other users or servers.
CVE-2004-1762 1 F-secure 1 F-secure Anti-virus 2026-04-16 N/A
Unknown vulnerability in F-Secure Anti-Virus (FSAV) 4.52 for Linux before Hotfix 3 allows the Sober.D worm to bypass FASV.
CVE-2004-1763 1 Haht Commerce 1 Hahtsite Scenario Server 2026-04-16 N/A
Buffer overflow in hsrun.exe for HAHTsite Scenario Server 5.1 Patch 06 (build 91) allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long project name.
CVE-2004-1764 1 Hp 1 Hp-ux 2026-04-16 N/A
Buffer overflow in CDE libDtSvc on HP-UX B.11.00, B.11.04, B.11.11, and B.11.22 allows local users to gain root privileges via unknown vectors.
CVE-2004-1765 1 Mod Security 1 Mod Security 2026-04-16 N/A
Off-by-one buffer overflow in ModSecurity (mod_security) 1.7.4 for Apache 2.x, when SecFilterScanPost is enabled, allows remote attackers to execute arbitrary code via crafted POST requests.
CVE-2004-1766 1 Juniper 1 Netscreen-security Manager 2004 2026-04-16 N/A
The default installation of NetScreen-Security Manager before Feature Pack 1 does not enable encryption for communication with devices running ScreenOS 5.0, which allows remote attackers to obtain sensitive information via sniffing.
CVE-2004-1767 1 Sun 2 Solaris, Sunos 2026-04-16 N/A
The kernel in Solaris 2.6, 7, 8, and 9 allows local users to gain privileges by loading arbitrary loadable kernel modules (LKM), possibly involving the modload function.
CVE-2004-1771 1 Open Group 1 Scalable Ogo 2026-04-16 N/A
Scalable OGo (SOGo) 1.0 allows remote authenticated users to bypass intended permissions and view private appointments of other users.