Export limit exceeded: 344962 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (344962 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-2419 | 1 Keene | 1 Digital Media Server | 2026-04-16 | N/A |
| Keene Digital Media Server 1.0.2 allows local users to obtain usernames and passwords by reading the dmscore.db file on the local system. | ||||
| CVE-2004-2420 | 1 Hitachi | 3 Jp1 P-1b41-9461, Jp1 P-1b41-9471, Jp1 P-1j41-9471 | 2026-04-16 | N/A |
| Hitachi Job Management Partner (JP1) JP1/File Transmission Server/FTP 6 and 7 allows remote attackers to cause a denial of service (daemon halt) via a port scan involving reset packets. | ||||
| CVE-2004-2421 | 1 Hitachi | 3 Jp1 P-1b41-9461, Jp1 P-1b41-9471, Jp1 P-1j41-9471 | 2026-04-16 | N/A |
| Unknown vulnerability in Hitachi Job Management Partner (JP1) JP1/File Transmission Server/FTP 6 and 7, when running on HP-UX in trusted mode, allows attackers to bypass authentication and gain administrator rights. | ||||
| CVE-2004-2739 | 1 Phprojekt | 1 Phprojekt | 2026-04-16 | N/A |
| The setup routine (setup.php) in PHProjekt 4.2.1 and earlier allows remote attackers to modify system configuration via unknown attack vectors. | ||||
| CVE-2004-2422 | 1 Ipswitch | 1 Imail | 2026-04-16 | N/A |
| Multiple features in Ipswitch IMail Server before 8.13 allow remote attackers to cause a denial of service (crash) via (1) a long sender field to the Queue Manager or (2) a long To field to the Web Messaging component. | ||||
| CVE-2004-2423 | 1 Ipswitch | 1 Imail | 2026-04-16 | N/A |
| Unknown vulnerability in the Web calendaring component of Ipswitch IMail Server before 8.13 allows remote attackers to cause a denial of service (crash) via "specific content." | ||||
| CVE-2004-2740 | 1 Phprojekt | 1 Phprojekt | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in authform.inc.php in PHProjekt 4.2.3 and earlier allows remote attackers to include arbitrary PHP code via a URL in the path_pre parameter. | ||||
| CVE-2004-2424 | 1 Bea | 1 Weblogic Server | 2026-04-16 | N/A |
| BEA WebLogic Server and WebLogic Express 8.1 through 8.1 SP2 allow remote attackers to cause a denial of service (network port consumption) via unknown actions in HTTPS sessions, which prevents the server from releasing the network port when the session ends. | ||||
| CVE-2004-2742 | 1 Businessobjects | 1 Crystal Enterprise | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the report viewer in Crystal Enterprise 8.5, 9, and 10 allows remote attackers to inject arbitrary web script or HTML via script in the URL to a report (RPT) file. | ||||
| CVE-2004-2743 | 1 Raditha Dissanayake | 1 Mega Upload Progress Bar | 2026-04-16 | N/A |
| upload.cgi in Mega Upload Progress Bar before 1.45 allows remote attackers to copy or overwrite arbitrary files via unspecified parameters related to names of uploaded files. | ||||
| CVE-2004-2744 | 1 Phplist | 1 Mailing List Manager | 2026-04-16 | N/A |
| Unspecified vulnerability in Tincan Limited PHPlist before 2.8.12 has unknown impact and attack vectors, related to a "security update release." | ||||
| CVE-2004-2745 | 1 Anteco Visual Technologies | 1 Ownserver | 2026-04-16 | N/A |
| Directory traversal vulnerability in Anteco Visual Technologies OwnServer 1.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in a URL. | ||||
| CVE-2004-2749 | 1 2wire | 1 Homeportal | 2026-04-16 | N/A |
| Directory traversal vulnerability in wra/public/wralogin in 2Wire Gateway, possibly as used in HomePortal and other product lines, allows remote attackers to read arbitrary files via a .. (dot dot) in the return parameter. NOTE: this issue was reported as XSS, but this might be a terminology error. | ||||
| CVE-2004-2750 | 1 Jbrowser | 1 Jbrowser | 2026-04-16 | N/A |
| Directory traversal vulnerability in browser.php in JBrowser 1.0 through 2.1 allows remote attackers to read arbitrary files via the directory parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2004-2751 | 1 Postnuke Software Foundation | 1 Postnuke | 2026-04-16 | N/A |
| SQL injection vulnerability in the members_list module in PostNuke 0.726, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the sortby parameter. | ||||
| CVE-2004-2425 | 1 Axis | 14 2100 Network Camera, 2110 Network Camera, 2120 Network Camera and 11 more | 2026-04-16 | N/A |
| Axis Network Camera 2.40 and earlier, and Video Server 3.12 and earlier, allows remote attackers to execute arbitrary commands via accent (`) and possibly other shell metacharacters in the query string to virtualinput.cgi. | ||||
| CVE-2004-2752 | 1 Postnuke Software Foundation | 1 Postnuke | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the Downloads module in PostNuke up to 0.726, and possibly later versions, allows remote attackers to inject arbitrary HTML and web script via the ttitle parameter in a viewdownloaddetails action. | ||||
| CVE-2004-2426 | 1 Axis | 14 2100 Network Camera, 2110 Network Camera, 2120 Network Camera and 11 more | 2026-04-16 | N/A |
| Directory traversal vulnerability in Axis Network Camera 2.40 and earlier, and Video Server 3.12 and earlier, allows remote attackers to bypass authentication via a .. (dot dot) in an HTTP POST request to ServerManager.srv, then use these privileges to conduct other activities, such as modifying files using editcgi.cgi. | ||||
| CVE-2004-2753 | 1 Hp | 1 Hp-ux | 2026-04-16 | N/A |
| Unspecified vulnerability in SharedX in HP-UX B.11.00, B.11.11, and B.11.22 allows local users to access unspecified files or cause a denial of service via unknown vectors related to handling of "files in a potentially insecure manner." | ||||
| CVE-2004-2754 | 1 Yabb | 1 Yabb Se | 2026-04-16 | N/A |
| SQL injection vulnerability in SSI.php in YaBB SE 1.5.4, 1.5.3, and possibly other versions before 1.5.5 allows remote attackers to execute arbitrary SQL commands via the ID_MEMBER parameter to the (1) recentTopics and (2) welcome functions. | ||||