Export limit exceeded: 344952 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (344952 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-1197 | 1 Insite | 2 Inmail, Inshop | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in inshop.pl in Insite inShop allows remote attackers to inject arbitrary web script or HTML via the screen parameter. | ||||
| CVE-2005-0979 | 1 Netmanage | 1 Rumba | 2026-04-16 | N/A |
| Multiple buffer overflows in RUMBA 7.3 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via crafted values in a profile file, as demonstrated using a long SysName field. | ||||
| CVE-2004-1198 | 1 Microsoft | 2 Ie, Internet Explorer | 2026-04-16 | N/A |
| Microsoft Internet Explorer allows remote attackers to cause a denial of service (application crash from memory consumption), as demonstrated using Javascript code that continuously creates nested arrays and then sorts the newly created arrays. | ||||
| CVE-2004-1199 | 1 Apple | 1 Safari | 2026-04-16 | N/A |
| Safari 1.2.4 on Mac OS X 10.3.6 allows remote attackers to cause a denial of service (application crash from memory exhaustion), as demonstrated using Javascript code that continuously creates nested arrays and then sorts the newly created arrays. | ||||
| CVE-2004-1200 | 1 Mozilla | 1 Firefox | 2026-04-16 | N/A |
| Firefox and Mozilla allow remote attackers to cause a denial of service (application crash from memory consumption), as demonstrated using Javascript code that continuously creates nested arrays and then sorts the newly created arrays. | ||||
| CVE-2004-1204 | 1 Fluxbox-team | 1 Fluxbot | 2026-04-16 | N/A |
| FluxBox 0.9.10 and earlier versions allows local users to cause a denial of service (application crash) by calling Xman with a long -title value, possibly triggering a buffer overflow. | ||||
| CVE-2004-1205 | 1 Pntresmailer | 1 Pntresmailer | 2026-04-16 | N/A |
| codebrowserpntm.php in PnTresMailer 6.03 allows remote attackers to gain sensitive information via an invalid filetohighlight parameter, which reveals the full path in an error message. | ||||
| CVE-2004-1209 | 1 Verisign | 1 Payflow Link | 2026-04-16 | N/A |
| Verisign Payflow Link, when running with empty Accepted URL fields, does not properly verify the data in the hidden AMOUNT field, which allows remote attackers to modify the price of the items that they purchase. | ||||
| CVE-2004-1210 | 1 Ipcop | 1 Ipcop | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in proxylog.dat in IPCop 1.4.1 and possibly other versions, allows remote attackers to inject arbitrary web script or HTML via the (1) url or (2) part variables. | ||||
| CVE-2004-1211 | 1 David Harris | 1 Mercury | 2026-04-16 | N/A |
| Multiple buffer overflows in the IMAP service in Mercury/32 4.01a allow remote authenticated users to cause a denial of service (application crash) and possibly execute arbitrary code via long arguments to the (1) EXAMINE, (2) SUBSCRIBE, (3) STATUS, (4) APPEND, (5) CHECK, (6) CLOSE, (7) EXPUNGE, (8) FETCH, (9) RENAME, (10) DELETE, (11) LIST, (12) SEARCH, (13) CREATE, or (14) UNSUBSCRIBE commands. | ||||
| CVE-2004-1213 | 1 Advanced Guestbook | 1 Advanced Guestbook | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Advanced Guestbook 2.3.1, 2.2, and possibly other versions allows remote attackers to inject arbitrary web script or HTML via the entry parameter. | ||||
| CVE-2004-1215 | 1 Burut | 1 Kreed | 2026-04-16 | N/A |
| Kreed 1.05 and earlier allows remote attackers to cause a denial of service (server disconnect) via a long UDP packet, which causes a "message too long" socket error. | ||||
| CVE-2004-1216 | 1 Burut | 1 Kreed | 2026-04-16 | N/A |
| The scripts that handle players in Kreed 1.05 and earlier allow remote attackers to cause a denial of service (server freeze) via a long (1) nickname or (2) model type, which generates dialog boxes on the server that must be manually handled before the server continues the game. | ||||
| CVE-2004-1217 | 1 Hosting Controller | 1 Hosting Controller | 2026-04-16 | N/A |
| Hosting Controller 6.1 Hotfix 1.4, and possibly other versions, allows remote attackers to view arbitrary directories by specifying the target pathname in the FilePath parameter to (1) Statsbrowse.asp or (2) Generalbrowse.asp. | ||||
| CVE-2004-1218 | 1 Ibex Software | 1 Remote Execute | 2026-04-16 | N/A |
| Remote Execute 2.30 allows remote attackers to cause a denial of service (application crash) by making 7 simultaneous connections. | ||||
| CVE-2004-1219 | 1 Php Arena | 1 Pafiledb | 2026-04-16 | N/A |
| paFileDB 3.1, when using sessions authentication and while the administrator logs on, allows remote attackers to read the administrator's password hash and conduct brute force password guessing attacks by listing the contents of the sessions directory and reading the associated file for the administrator session. | ||||
| CVE-2004-1220 | 1 Digital Illusions | 2 Battlefield 1942, Battlefield Vietnam | 2026-04-16 | N/A |
| Battlefield 1942 1.6.19 and earlier, and Battlefield Vietnam 1.2 and earlier, allows a remote master server to cause a denial of service (client crash) via a server reply that contains a large numplayers value, which triggers a null dereference. | ||||
| CVE-2004-1221 | 1 Darryl Burgdorf | 1 Weblibs | 2026-04-16 | N/A |
| Directory traversal vulnerability in weblibs.pl in WebLibs 1.0 allows remote attackers to read arbitrary files via .. sequences in the TextFile parameter. | ||||
| CVE-2004-1223 | 1 F-secure | 1 Policy Manager | 2026-04-16 | N/A |
| The Management Agent in F-Secure Policy Manager 5.11.2810 allows remote attackers to gain sensitive information, such as the absolute path for the web server, via an HTTP request to fsmsh.dll without any parameters. | ||||
| CVE-2004-1224 | 1 Mtr | 1 Mtr | 2026-04-16 | N/A |
| Off-by-one error in the mtr_curses_keyaction function for mtr 0.55 through 0.65 allows local users to hijack raw sockets, as demonstrated using the "s" keybinding, which leaves a buffer without a NULL terminator. | ||||