Export limit exceeded: 344983 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 344983 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (344983 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-2291 | 1 Microsoft | 2 Ie, Internet Explorer | 2026-04-16 | N/A |
| Microsoft Windows Internet Explorer 5.5 and 6.0 allows remote attackers to execute arbitrary code via an embedded script that uses Shell Helper objects and a shortcut (link) to execute the target script. | ||||
| CVE-2004-2290 | 1 Microsoft | 1 Windows Xp | 2026-04-16 | N/A |
| Microsoft Windows XP Explorer allows attackers to execute arbitrary code via a HTML and script in a self-executing folder that references an executable file within the folder, which is automatically executed when a user accesses the folder. | ||||
| CVE-2004-2289 | 1 Microsoft | 1 Windows Xp | 2026-04-16 | N/A |
| Microsoft Windows XP Explorer allows local users to execute arbitrary code via a system folder with a Desktop.ini file containing a .ShellClassInfo specifier with a CLSID value that is associated with an executable file. | ||||
| CVE-2004-2288 | 1 Jelsoft | 1 Vbulletin | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in Jelsoft vBulletin allows remote attackers to spoof parts of a website via the loc parameter. | ||||
| CVE-2004-2284 | 1 Open Webmail | 1 Open Webmail | 2026-04-16 | N/A |
| The read_list_from_file function in vacation.pl for OpenWebmail before 2.32 20040629 allows remote attackers to execute arbitrary commands via shell metacharacters in a filename argument. | ||||
| CVE-2004-2283 | 1 Daniel Barron | 1 Dansguardian | 2026-04-16 | N/A |
| Unknown vulnerability in DansGuardian before 2.6.1-13 allows remote attackers to bypass URL filters via a crafted request that causes a page to be added to the clean page cache. | ||||
| CVE-2004-2277 | 1 Agsm | 1 Agsm | 2026-04-16 | N/A |
| Buffer overflow in aGSM Half-Life client allows remote Half-Life servers to cause a denial of service (crash) and possibly execute arbitrary code via a long server response. | ||||
| CVE-2004-2276 | 1 F-secure | 1 F-secure Anti-virus | 2026-04-16 | N/A |
| F-Secure Anti-Virus 5.41 and 5.42 on Windows, Client Security 5.50 and 5.52, 4.60 for Samba Servers, and 4.52 and earlier for Linux does not properly detect certain viruses in a PKZip archive, which allows viruses such as Sober.D and Sober.G to bypass initial detection. | ||||
| CVE-2004-2272 | 1 Evan Sims | 1 Effingerd | 2026-04-16 | N/A |
| Buffer overflow in the sockFinger_DataArrival function in efFingerD 0.2.12 allows remote attackers to cause a denial of service (daemon crash) via a long finger command. | ||||
| CVE-2004-2271 | 1 Minishare | 1 Minimal Http Server | 2026-04-16 | N/A |
| Buffer overflow in MiniShare 1.4.1 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request. | ||||
| CVE-2004-2270 | 1 Ibm | 1 Parallel Environment | 2026-04-16 | N/A |
| Unknown vulnerability in IBM Parallel Environment (PE) 3.2 and 4.1 allows attackers to execute arbitrary commands as root via unknown vectors in the sample code. | ||||
| CVE-2004-2269 | 1 Matt Shelton | 1 Pads | 2026-04-16 | N/A |
| Stack-based buffer overflow in pads.c in Passive Asset Detection System (Pads) might allow local users to execute arbitrary code via a long report file name argument. NOTE: since Pads is not normally installed setuid, this may not be a vulnerability. | ||||
| CVE-2004-2267 | 1 Ansel | 1 Ansel | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Ansel 2.1 and earlier allows remote attackers to inject arbitrary HTML or web script via the album name. | ||||
| CVE-2004-2265 | 1 Uudeview | 1 Uudeview | 2026-04-16 | N/A |
| UUDeview 0.5.20 and earlier handles temporary files insecurely during decoding, with unknown attack vectors and impact. | ||||
| CVE-2004-2264 | 1 Gnu | 1 Less | 2026-04-16 | N/A |
| Format string bug in the open_altfile function in filename.c for GNU less 382, 381, and 358 might allow local users to cause a denial of service or possibly execute arbitrary code via format strings in the LESSOPEN environment variable. NOTE: since less is not setuid or setgid, then this is not a vulnerability unless there are plausible scenarios under which privilege boundaries could be crossed | ||||
| CVE-2004-2263 | 1 Playsms | 1 Playsms | 2026-04-16 | N/A |
| SQL injection vulnerability in the valid function in fr_left.php in PlaySMS 0.7 and earlier allows remote attackers to modify SQL statements via the vc2 cookie. | ||||
| CVE-2004-2262 | 1 E107 | 1 E107 | 2026-04-16 | N/A |
| ImageManager in e107 before 0.617 does not properly check the types of uploaded files, which allows remote attackers to execute arbitrary code by uploading a PHP file via the upload parameter to images.php. | ||||
| CVE-2004-2261 | 1 E107 | 1 E107 | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in e107 allows remote attackers to inject arbitrary script or HTML via the "login name/author" field in the (1) news submit or (2) article submit functions. | ||||
| CVE-2004-2260 | 1 Opera | 1 Opera Browser | 2026-04-16 | N/A |
| Opera Browser 7.23, and other versions before 7.50, updates the address bar as soon as the user clicks a link, which allows remote attackers to redirect to other sites via the onUnload attribute. | ||||
| CVE-2004-2255 | 1 Phpmyfaq | 1 Phpmyfaq | 2026-04-16 | N/A |
| Directory traversal vulnerability in phpMyFAQ 1.3.12 allows remote attackers to read arbitrary files, and possibly execute local PHP files, via the action variable, which is used as part of a template filename. | ||||