Export limit exceeded: 344998 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 344998 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (344998 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-2447 | 1 1st Class Internet Solutions | 1 1st Class Mail Server | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in 1st Class Mail Server 4.01 allows remote attackers to inject arbitrary web script or HTML via the Mailbox parameter to (1) viewmail.tagz, (2) the index script under /user/, (3) members.tagz, (4) general.tagz, (5) advanced.tagz, or (6) list.tagz. | ||||
| CVE-2004-2448 | 2 Cassiopeia, Itransact | 2 S-mart Shopping Cart, Redicart | 2026-04-16 | N/A |
| S-Mart Shopping Cart or RediCart 3.9.5b stores smart.cfg under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as the database name. | ||||
| CVE-2004-2449 | 1 Gamespy | 2 Roger Wilco Dedicated Server, Roger Wilco Graphical Server | 2026-04-16 | N/A |
| Roger Wilco 1.4.1.6 and earlier or Roger Wilco Base Station 0.30a and earlier allows remote attackers to cause a denial of service (application crash) via a long, malformed UDP datagram. | ||||
| CVE-2004-2450 | 1 Gamespy | 4 Roger Wilco, Roger Wilco Dedicated Server, Roger Wilco Graphical Server and 1 more | 2026-04-16 | N/A |
| The client and server for Roger Wilco 1.4.1.6 and earlier or Roger Wilco Base Station 0.30a and earlier report sensitive information such as IDs and source IP addresses, which allows remote attackers to obtain sensitive information. | ||||
| CVE-2004-2451 | 1 Gamespy | 3 Roger Wilco Dedicated Server, Roger Wilco Graphical Server, Rw Base Station | 2026-04-16 | N/A |
| Roger Wilco 1.4.1.6 and earlier, or Roger Wilco Base Station 0.30a or earlier, allows remote attackers to send audio to arbitrary channels, aka the "Voices from the deep" bug. | ||||
| CVE-2004-2452 | 1 Hitachi | 1 Cosminexus Portal Framework | 2026-04-16 | N/A |
| Unknown vulnerability in Hitachi Cosminexus Portal Framework 01-00, 01-01, 01-02, 02-01, 02-02, 02-03, and other versions allows remote attackers to obtain sensitive information in the <ut:cache> tag library. | ||||
| CVE-2004-2455 | 1 Sweex | 1 Wireless Broadband Router Accesspoint 802.11g | 2026-04-16 | N/A |
| Sweex Wireless Broadband Router/Accesspoint 802.11g (LC000060) allows remote attackers to obtain sensitive information and gain privileges by using TFTP to download the nvram file, then extracting the username, password, and other data from the file. | ||||
| CVE-2004-2460 | 1 Gnu | 1 Gnubiff | 2026-04-16 | N/A |
| Unknown vulnerability in POP3 in gnubiff before 2.0.0 allows remote attackers to cause a denial of service (application crash) via an "infinite" Unique IDentification Listing (UIDL) list. | ||||
| CVE-2004-2461 | 1 Gnu | 1 Gnubiff | 2026-04-16 | N/A |
| Buffer overflow in pop3.c in gnubiff before 2.0.0 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code. | ||||
| CVE-2004-2464 | 1 Ada | 1 Imgsvr | 2026-04-16 | N/A |
| Directory traversal vulnerability in ADA Image Server (ImgSvr) 0.4 allows remote attackers to read arbitrary files or list directories via hex-encoded "..//" sequences ("%2e%2e%2f%2f"). NOTE: it was later reported that 0.6.21 and earlier is also affected. | ||||
| CVE-2004-2465 | 1 Efs Software | 1 Easy Chat Server | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in chat.ghp in Easy Chat Server 1.2 allows remote attackers to inject arbitrary web script or HTML via the username parameter. | ||||
| CVE-2004-2466 | 1 Efs Software | 1 Easy Chat Server | 2026-04-16 | N/A |
| chat.ghp in Easy Chat Server 1.2 allows remote attackers to cause a denial of service (server crash) via a long username parameter, possibly due to a buffer overflow. NOTE: it was later reported that 2.2 is also affected. | ||||
| CVE-2004-2467 | 1 Efs Software | 1 Easy Chat Server | 2026-04-16 | N/A |
| chat.ghp in Easy Chat Server 1.2 allows remote attackers to add a large number of fake users, then eventually cause a denial of service (server crash). | ||||
| CVE-2004-2468 | 1 Scripts For Educators | 1 Sillysearch | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in SillySearch 2.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the search parameter. | ||||
| CVE-2004-2469 | 1 Brickhost | 1 Phpscheduleit | 2026-04-16 | N/A |
| Unspecified vulnerability in Reservation.class.php for phpScheduleIt 1.01 and earlier allows attackers to modify or delete reservations. | ||||
| CVE-2004-2470 | 1 Madbms | 1 Madbms | 2026-04-16 | N/A |
| Unspecified vulnerability in MadBMS before 1.1.5 has unknown impact and attack vectors, related to logins. | ||||
| CVE-2004-2473 | 1 Wmfrog | 1 Wmfrog | 2026-04-16 | N/A |
| wmFrog weather monitor 0.1.6 and other versions before 0.2.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files. | ||||
| CVE-2004-2474 | 1 Phpnews | 1 Phpnews | 2026-04-16 | N/A |
| SQL injection vulnerability in PHPNews 1.2.3 allows remote attackers to execute arbitrary SQL commands via the mid parameter to sendtofriend.php. | ||||
| CVE-2004-2475 | 1 Google | 1 Toolbar | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Google Toolbar 2.0.114.1 allows remote attackers to inject arbitrary web script via about.html in the About section. NOTE: some followup posts suggest that the demonstration code's use of the res:// protocol does not cross privilege boundaries, since it is not allowed in the Internet Zone. Thus this might not be a vulnerability. | ||||
| CVE-2004-2477 | 1 Diamondcs | 1 Process Guard Free | 2026-04-16 | N/A |
| DiamondCS Process Guard Free 2.000 allows local users to disable the process guard protection system by overwriting the current Service Descriptor Table (SDT) in \device\physicalmemory with the original SDT found in ntoskrnl.exe. | ||||