Export limit exceeded: 29922 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29922 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-0414 | 6 Cvs, Gentoo, Openbsd and 3 more | 6 Cvs, Linux, Openbsd and 3 more | 2026-04-16 | N/A |
| CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle malformed "Entry" lines, which prevents a NULL terminator from being used and may lead to a denial of service (crash), modification of critical program data, or arbitrary code execution. | ||||
| CVE-2004-1712 | 1 Typepad | 1 Typepad | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in TypePad allows remote attackers to inject arbitrary Javascript via the name parameter. | ||||
| CVE-2004-1713 | 1 Hp | 2 Process Resource Manager, Workload Manager | 2026-04-16 | N/A |
| Unknown vulnerability in HP Process Resource Manager (PRM) C.02.01[.01] and earlier, as used by HP-UX Workload Manager (WLM), allows local users to corrupt data files. | ||||
| CVE-2004-0424 | 4 Linux, Redhat, Sgi and 1 more | 4 Linux Kernel, Enterprise Linux, Propack and 1 more | 2026-04-16 | N/A |
| Integer overflow in the ip_setsockopt function in Linux kernel 2.4.22 through 2.4.25 and 2.6.1 through 2.6.3 allows local users to cause a denial of service (crash) or execute arbitrary code via the MCAST_MSFILTER socket option. | ||||
| CVE-2004-0425 | 1 Netegrity | 1 Sideminder Affiliate Agent | 2026-04-16 | N/A |
| Heap-based buffer overflow in SiteMinder Affiliate Agent 4.x allows remote attackers to execute arbitrary code via a large SMPROFILE cookie. | ||||
| CVE-2004-0426 | 2 Andrew Tridgell, Redhat | 2 Rsync, Enterprise Linux | 2026-04-16 | N/A |
| rsync before 2.6.1 does not properly sanitize paths when running a read/write daemon without using chroot, which allows remote attackers to write files outside of the module's path. | ||||
| CVE-2004-1715 | 1 Clearswift | 1 Mimesweeper For Web | 2026-04-16 | N/A |
| Directory traversal vulnerability in MIMEsweeper for Web before 5.0.4 allows remote attackers or local users to read arbitrary files via "..\\", "..\", and similar dot dot sequences in the URL. | ||||
| CVE-2004-1724 | 1 Php Fusion | 1 Php Fusion | 2026-04-16 | N/A |
| The ReadMe First.txt file in PHP-Fusion 4.0 instructs users to set the permissions on the fusion_admin/db_backups directory to world read/write/execute (777), which allows remote attackers to download or view database backups, which have easily guessable filenames and contain the administrator username and password. | ||||
| CVE-2005-3260 | 1 Versatilebulletinboard | 1 Versatilebulletinboard | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in versatileBulletinBoard (vBB) 1.0.0 RC2 allow remote attackers to inject arbitrary web script or HTML via (1) the url parameter in dereferrer.php and (2) the file parameter in imagewin.php. | ||||
| CVE-2004-1726 | 1 John Bradley | 1 Xv | 2026-04-16 | N/A |
| Multiple integer overflows in (1) xviris.c, (2) xvpcx.c, and (3) xvpm.c in XV allow remote attackers to execute arbitrary code via a crafted image file that triggers a heap-based buffer overflow. | ||||
| CVE-2005-3261 | 1 Versatilebulletinboard | 1 Versatilebulletinboard | 2026-04-16 | N/A |
| getversions.php in versatileBulletinBoard (vBB) 1.0.0 RC2 lists the versions of all installed scripts, which allows remote attackers to obtain sensitive information via a direct request. | ||||
| CVE-2004-1728 | 1 British National Corpus | 1 Sara | 2026-04-16 | N/A |
| Buffer overflow in British National Corpus SARA (sarad) allows remote attackers to execute arbitrary code by calling the client with a long string. | ||||
| CVE-2005-3262 | 1 Rarlab | 1 Winrar | 2026-04-16 | N/A |
| Format string vulnerability in RARLAB WinRAR 2.90 through 3.50 allows remote attackers to execute arbitrary code via format string specifiers in a UUE/XXE file, which are not properly handled when WinRAR displays diagnostic errors related to an invalid filename. | ||||
| CVE-2004-1729 | 1 Nihuo Software | 1 Web Log Analyzer | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Nihuo Web Log Analyzer 1.6 allows remote attackers to inject arbitrary web script or HTML via the User-Agent HTTP header. | ||||
| CVE-2005-2882 | 1 Phpcommunitycalendar | 1 Phpcommunitycalendar | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in phpCommunityCalendar 4.0.3, and possibly earlier versions, allow remote attackers to inject arbitrary web script or HTML via the LocationID parameter to (1) thankyou.php or (2) day.php, font parameter to (3) calDaily.php, (4) calMonthly.php, (5) calMonthlyP.php, (6) calWeekly.php, (7) calWeeklyP.php, (8) calYearly.php, (9) calYearlyP.php, (10) day.php, or (11) week.php, or (12) CeTi, (13) Contact, (14) Description, (15) ShowAddress parameter to event.php, and other attack vectors. | ||||
| CVE-2004-1731 | 1 Mantis | 1 Mantis | 2026-04-16 | N/A |
| signup_page.php in Mantis bugtracker allows remote attackers to send e-mail bombs by creating multiple users and providing the same e-mail address. | ||||
| CVE-2000-0905 | 1 Qnx | 1 Voyager | 2026-04-16 | N/A |
| QNX Embedded Resource Manager in Voyager web server 2.01B in the demo disks for QNX 405 allows remote attackers to read sensitive system statistics information via the embedded.html web page. | ||||
| CVE-2005-2885 | 1 Maxdev | 1 Md-pro | 2026-04-16 | N/A |
| The Downloads page in MAXdev MD-Pro 1.0.73, and possibly earlier versions, uses an incomplete blacklist to check for dangerous file extensions, which could allow remote attackers to bypass file extension checks and execute arbitrary commands by uploading a file with a different extension, as demonstrated using .inc files. | ||||
| CVE-2004-1821 | 1 Warpspeed | 1 4nalbum Module | 2026-04-16 | N/A |
| SQL injection vulnerability in 4nalbum 0.92 for PHP-Nuke 6.5 through 7.0 allows remote attackers to gain privileges or perform unauthorized database operations via the gid parameter. | ||||
| CVE-2004-1822 | 1 Phorum | 1 Phorum | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Phorum 3.1 through 5.0.3 beta allow remote attackers to inject arbitrary web script or HTML via the (1) HTTP_REFERER parameter to login.php, (2) HTTP_REFERER parameter to register.php, or (3) target parameter to profile.php. | ||||