Export limit exceeded: 349439 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 349439 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (349439 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-2675 | 1 Argosoft | 1 Ftp Server | 2026-04-16 | N/A |
| ArGoSoft FTP Server before 1.4.1.6 allows remote authenticated users to cause a denial of service (crash) via a SITE PASS command with a long password parameter, which causes the database to be corrupted. | ||||
| CVE-2004-2676 | 1 Webroot Software | 1 Spy Sweeper Enterprise | 2026-04-16 | N/A |
| The Spy Sweeper Enterprise Client (SpySweeperTray.exe) in WebRoot Spy Sweeper before 2.0 does not drop privileges when using the help functionality, which allows local users to gain privileges. | ||||
| CVE-2004-2677 | 1 Qwikmail | 1 Qwikmail Smtp | 2026-04-16 | N/A |
| Format string vulnerability in qwik-smtpd.c in QwikMail SMTP (qwik-smtpd) 0.3 and earlier allows remote attackers to execute arbitrary code via format specifiers in the (1) clientRcptTo array, and the (2) Received and (3) messageID variables, possibly involving HELO and hostname arguments. | ||||
| CVE-2004-2678 | 1 Hp | 1 Tru64 | 2026-04-16 | N/A |
| Unspecified vulnerability in HP Tru64 UNIX 5.1B PK2(BL22) and PK3(BL24), and 5.1A PK6(BL24), when using IPsec/IKE (Internet Key Exchange) with Certificates, allows remote attackers to gain privileges via unknown attack vectors. | ||||
| CVE-2004-2679 | 1 Checkpoint | 1 Firewall-1 | 2026-04-16 | N/A |
| Check Point Firewall-1 4.1 up to NG AI R55 allows remote attackers to obtain potentially sensitive information by sending an Internet Key Exchange (IKE) with a certain Vendor ID payload that causes Firewall-1 to return a response containing version and other information. | ||||
| CVE-2004-2686 | 1 Sun | 2 Solaris, Sunos | 2026-04-16 | N/A |
| Directory traversal vulnerability in the vfs_getvfssw function in Solaris 2.6, 7, 8, and 9 allows local users to load arbitrary kernel modules via crafted (1) mount or (2) sysfs system calls. NOTE: this might be the same issue as CVE-2004-1767, but there are insufficient details to be sure. | ||||
| CVE-2004-2687 | 2 Apple, Samba | 2 Xcode, Samba | 2026-04-16 | N/A |
| distcc 2.x, as used in XCode 1.5 and others, when not configured to restrict access to the server port, allows remote attackers to execute arbitrary commands via compilation jobs, which are executed by the server without authorization checks. | ||||
| CVE-2004-2689 | 1 Newsphp | 1 Newsphp | 2026-04-16 | N/A |
| NewsPHP allows remote attackers to gain unauthorized administrative access by setting a cookie to the "autorized=admin; root=admin" value. | ||||
| CVE-2004-2690 | 1 Newsphp | 1 Newsphp | 2026-04-16 | N/A |
| Unrestricted file upload vulnerability in the Administration Panel for NewsPHP allows remote authenticated administrators to upload and execute arbitrary code instead of video files. | ||||
| CVE-2004-2708 | 1 Phrozensmoke | 1 Gyach Enhanced | 2026-04-16 | N/A |
| Gyach Enhanced (Gyach-E) before 1.0.0 stores passwords in plaintext, which allows attackers to obtain user passwords by reading the configuration file. | ||||
| CVE-2004-2709 | 1 Phrozensmoke | 1 Gyach Enhanced | 2026-04-16 | N/A |
| Buffer overflow in the strip_html_tags method for Gyach Enhanced (Gyach-E) before 1.0.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via unknown vectors involving HTML tags. | ||||
| CVE-2004-2711 | 1 Phrozensmoke | 1 Gyach Enhanced | 2026-04-16 | N/A |
| Multiple buffer overflows in Gyach Enhanced (Gyach-E) before 1.0.2 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to "avatar retrieval." | ||||
| CVE-2004-2712 | 1 Phrozensmoke | 1 Gyach Enhanced | 2026-04-16 | N/A |
| Buffer overflow in Gyach Enhanced (Gyach-E) before 1.0.0-SneakPeek-3 allows remote attackers to cause a denial of service (crash) via unspecified vectors related to "URL data." | ||||
| CVE-2004-2714 | 1 Windowmaker | 1 Windowmaker | 2026-04-16 | N/A |
| Unspecified vulnerability in Window Maker 0.80.2 and earlier allows attackers to perform unknown actions via format string specifiers in a font specification in WMGLOBAL, probably a format string vulnerability. | ||||
| CVE-2004-2715 | 1 Php Heaven | 1 Phpmychat | 2026-04-16 | N/A |
| edituser.php3 in PHPMyChat 0.14.5 allow remote attackers to bypass authentication and gain administrative privileges by setting the do_not_login parameter to false. | ||||
| CVE-2004-2717 | 1 Php Heaven | 1 Phpmychat | 2026-04-16 | N/A |
| Multiple directory traversal vulnerabilities in admin.php3 in PHPMyChat 0.14.5 allow remote attackers with administrative privileges to read arbitrary files via a .. (dot dot) in the (1) sheet and (2) What parameters. | ||||
| CVE-2004-2718 | 1 Php Heaven | 1 Phpmychat | 2026-04-16 | N/A |
| PHPMyChat 0.14.5 does not remove or protect setup.php3 after installation, which allows attackers to obtain sensitive information including database passwords via a direct request. | ||||
| CVE-2004-2719 | 1 Foxmail | 1 Foxmail | 2026-04-16 | N/A |
| Buffer overflow in the UrlToLocal function in PunyLib.dll of Foxmail 5.0.300 allows remote attackers to execute arbitrary code via a mail message with a long From field, a different issue than CVE-2005-0339. | ||||
| CVE-2004-2720 | 1 Snitz Communications | 1 Snitz Forums 2000 | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in register.asp in Snitz Forums 2000 3.4.04 and earlier allows remote attackers to inject arbitrary web script or HTML via javascript events in the Email parameter. | ||||
| CVE-2004-2721 | 1 Heiko Stamer | 1 Openskat | 2026-04-16 | N/A |
| The CheckGroup function in openSkat VTMF before 2.1 generates public key pairs in which the "p" variable might not be prime, which allows remote attackers to determine the private key and decrypt messages. | ||||