Export limit exceeded: 29899 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29899 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-2274 | 1 W3c | 1 Jigsaw | 2026-04-16 | N/A |
| Unknown vulnerability in Jigsaw before 2.2.4 has unknown impact and attack vectors, possibly related to the parsing of the URI. | ||||
| CVE-2004-1665 | 1 Psnews | 1 Psnews | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in PsNews 1.1 allows remote attackers to inject arbitrary web script or HTML via the no parameter. | ||||
| CVE-2004-1691 | 1 Rhinosoft | 1 Dns4me | 2026-04-16 | N/A |
| The Web Server in DNS4Me 3.0.0.4 allows remote attackers to cause a denial of service (CPU consumption and crash) via a large amount of data. | ||||
| CVE-2004-1696 | 1 Emulive | 1 Server4 | 2026-04-16 | N/A |
| EmuLive Server4 Commerce Edition Build 7560 allows remote attackers to cause a denial of service (application crash) via a sequence of carriage returns sent to TCP port 66. | ||||
| CVE-2004-1698 | 1 Leadmind | 1 Popmessenger | 2026-04-16 | N/A |
| The Base64 function in PopMessenger 1.60 (before 20 Sep 2004) and earlier allows remote attackers to cause a denial of service (application crash) via invalid characters in a message, which causes several alert dialogs to be displayed and leads to a crash. | ||||
| CVE-2004-1708 | 1 Shawn Webb | 1 Webbsyte Chat | 2026-04-16 | N/A |
| Webbsyte Chat 0.9.0 allows remote attackers to cause a denial of service (crash) via a large number of connections. | ||||
| CVE-2004-1718 | 1 Pedestal Software | 1 Integrity Protection Driver | 2026-04-16 | N/A |
| The ZwOpenSection function in Integrity Protection Driver (IPD) 1.4 and earlier allows local users to cause a denial of service (crash) via an invalid pointer in the "oa" argument. | ||||
| CVE-2004-1734 | 1 Mantis | 1 Mantis | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in Mantis 0.19.0a allows remote attackers to execute arbitrary PHP code by modifying the (1) t_core_path parameter to bug_api.php or (2) t_core_dir parameter to relationship_api.php to reference a URL on a remote web server that contains the code. | ||||
| CVE-2004-1727 | 1 Working Resources Inc. | 1 Badblue | 2026-04-16 | N/A |
| BadBlue 2.5 allows remote attackers to cause a denial of service (refuse HTTP connections) via a large number of connections from the same IP address. | ||||
| CVE-2004-1738 | 1 Jshop E-commerce | 1 Jshop Server | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in page.php in JShop allows remote attackers to inject arbitrary web script or HTML via the xPage parameter. | ||||
| CVE-2004-1742 | 1 Web-app.org | 1 Webapp | 2026-04-16 | N/A |
| Directory traversal vulnerability in WebAPP 0.9.9 allows remote attackers to view arbitrary files via a .. (dot dot) in the viewcat parameter. | ||||
| CVE-2004-1737 | 2 Gentoo, The Cacti Group | 2 Linux, Cacti | 2026-04-16 | N/A |
| SQL injection vulnerability in auth_login.php in Cacti 0.8.5a allows remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) username or (2) password parameters. | ||||
| CVE-2004-1743 | 1 Efs Software | 1 Efs Web Server | 2026-04-16 | N/A |
| Easy File Sharing (EFS) Webserver 1.25 allows remote attackers to view arbitrary files via an HTTP request for the disk_c virtual folder. | ||||
| CVE-2004-1746 | 1 Php Code Snippet Library | 1 Php Code Snippet Library | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in PHP Code Snippet Library allows remote attackers to inject arbitrary web script or HTML via the (1) cat_select or (2) show parameters. | ||||
| CVE-2004-1747 | 1 Network Everywhere | 1 Nr041 | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in NetworkEverywhere NR041 running firmware 1.2 Release 03 allows remote attackers to inject arbitrary web script or HTML via the DHCP HOSTNAME option. | ||||
| CVE-2004-1748 | 1 Sysinternals | 1 Regmon | 2026-04-16 | N/A |
| NtRegmon before 6.12 allows local users to cause a denial of service (crash), while NtRegmon is running, via invalid pointers to hook functions such as ZwSetQueryValue. | ||||
| CVE-2004-1750 | 1 Vnc | 1 Realvnc | 2026-04-16 | N/A |
| RealVNC 4.0 and earlier allows remote attackers to cause a denial of service (crash) via a large number of connections to port 5900. | ||||
| CVE-2004-1745 | 1 People Can Fly | 1 Painkiller | 2026-04-16 | N/A |
| Buffer overflow in Painkiller 1.3.1 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long password. | ||||
| CVE-2004-1757 | 1 Bea | 1 Weblogic Server | 2026-04-16 | N/A |
| BEA WebLogic Server and Express 8.1, SP1 and earlier, stores the administrator password in cleartext in config.xml, which allows local users to gain privileges. | ||||
| CVE-2004-1768 | 1 Symantec | 1 Brightmail Antispam | 2026-04-16 | N/A |
| The character converters in the Spamhunter and Language ID modules for Symantec Brightmail AntiSpam 6.0.1 before patch 132 allow remote attackers to cause a denial of service (crash) via messages with the ISO-8859-10 character set, which is not recognized by the converters. | ||||