Export limit exceeded: 349379 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (349379 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-2091 | 1 Microsoft | 1 Baseline Security Analyzer | 2026-04-16 | N/A |
| Microsoft Baseline Security Analyzer (MBSA) 1.2 does not correctly identify systems that have been patched but remain vulnerable to exploit until the system is rebooted, possibly giving the administrator a false sense of security. | ||||
| CVE-2004-2092 | 1 Broadcom | 1 Inoculateit | 2026-04-16 | N/A |
| eTrust InoculateIT for Linux 6.0 uses insecure permissions for multiple files and directories, including the application's registry and tmp directories, which allows local users to delete, modify, or examine sensitive information. | ||||
| CVE-2004-2116 | 1 Tinyserver | 1 Tinyserver | 2026-04-16 | N/A |
| Directory traversal vulnerability in Tiny Server 1.1 allows remote attackers to read or download arbitrary files via a .. (dot dot) in the URL. | ||||
| CVE-2004-2112 | 1 Herberlin | 1 Bremsserver | 2026-04-16 | N/A |
| Directory traversal vulnerability in BremsServer 1.2.4 allows remote attackers to read arbitrary files via ".." (dot dot) sequences in the URL. | ||||
| CVE-2004-2113 | 1 Herberlin | 1 Bremsserver | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in BremsServer 1.2.4 allows remote attackers to inject arbitrary web script or HTML via the URL. | ||||
| CVE-2004-2114 | 1 Internetnow | 1 Proxynow | 2026-04-16 | N/A |
| Stack-based and heap-based buffer overflows in ProxyNow! 2.75 and earlier allow remote attackers to execute arbitrary code via a GET request with a long ftp:// URL. | ||||
| CVE-2004-2115 | 1 Oracle | 1 Http Server | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Oracle HTTP Server 1.3.22, based on Apache, allow remote attackers to execute arbitrary script as other users via the (1) action, (2) username, or (3) password parameters in an isqlplus request. | ||||
| CVE-2004-2111 | 1 Solarwinds | 1 Serv-u File Server | 2026-04-16 | N/A |
| Stack-based buffer overflow in the site chmod command in Serv-U FTP Server before 4.2 allows remote attackers to execute arbitrary code via a long filename. | ||||
| CVE-2004-2119 | 1 Tinyserver | 1 Tinyserver | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Tiny Server 1.1 allows remote attackers to inject arbitrary web script or HTML via the URL. | ||||
| CVE-2004-2121 | 1 Borland Software | 1 Web Server For Corel Paradox | 2026-04-16 | N/A |
| Multiple directory traversal vulnerabilities in Borland Web Server (BWS) 1.0b3 and earlier allow remote attackers to read and download arbitrary files via (1) multi-dot "......" sequences, or (2) "%5c%2e%2e" (encoded "\..") sequences, in the URL. | ||||
| CVE-2004-2124 | 1 Gallery Project | 1 Gallery | 2026-04-16 | N/A |
| The register_globals simulation capability in Gallery 1.3.1 through 1.4.1 allows remote attackers to modify the HTTP_POST_VARS variable and conduct a PHP remote file inclusion attack via the GALLERY_BASEDIR parameter, a different vulnerability than CVE-2002-1412. | ||||
| CVE-2004-2142 | 1 Jorg Schilling | 1 Sdd | 2026-04-16 | N/A |
| Unknown vulnerability in the remote tape support (remote.c) in the RMT client for Jorg Schilling sdd 1.28 and 1.31 has unknown impact and attack vectors. | ||||
| CVE-2004-2117 | 1 Tinyserver | 1 Tinyserver | 2026-04-16 | N/A |
| Tiny Server 1.1 allows remote attackers to cause a denial of service (crash) via malformed HTTP requests such as (1) a GET request without the HTTP version (HTTP/1.1), or (2) a request without GET or the HTTP version. | ||||
| CVE-2004-2120 | 1 Reptile Web Server | 1 Reptile Web Server | 2026-04-16 | N/A |
| Reptile Web Server allows remote attackers to cause a denial of service (CPU consumption) via multiple incomplete GET requests without the HTTP version. | ||||
| CVE-2004-2122 | 1 Intra Forum | 1 Intra Forum | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in intraforum_db.cgi in Intra Forum allows remote attackers to inject arbitrary web script or HTML via the (1) use_last_read or (2) forum parameters. | ||||
| CVE-2004-2127 | 1 Leif M. Wright | 1 Web Blog | 2026-04-16 | N/A |
| Directory traversal vulnerability in Web Blog 1.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the file variable. | ||||
| CVE-2004-2128 | 1 Brs | 1 Webweaver | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in BRS WebWeaver 1.07 allows remote attackers to execute arbitrary script as other users via the query string to ISAPISkeleton.dll. | ||||
| CVE-2004-2129 | 1 Loom Software | 2 Surfnow Professional, Surfnow Standard | 2026-04-16 | N/A |
| SurfNOW 2.2 allows remote attackers to cause a denial of service (crash) via a series of long HTTP GET requests, possibly triggering a buffer overflow. | ||||
| CVE-2004-2130 | 1 Phpbb Group | 1 Phpbb | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in privmsg.php in phpBB 2.0.6 allow remote attackers to execute arbitrary script or HTML via the (1) folder or (2) mode variables. | ||||
| CVE-2004-2143 | 1 Mambo | 1 Mambo Portal | 2026-04-16 | N/A |
| SQL injection vulnerability in the ReMOSitory Server add-on module to Mambo Portal 4.5.1 (1.09) and earlier allows remote attackers to execute arbitrary SQL commands via the filecatid parameter in the com_remository option. | ||||