Export limit exceeded: 18536 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (349374 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-1706 | 1 U.s.robotics | 1 Usr808054 | 2026-04-16 | N/A |
| The U.S. Robotics USR808054 wireless access point allows remote attackers to cause a denial of service (device crash) and possibly execute arbitrary code via an HTTP GET request with a long version string. | ||||
| CVE-2004-1716 | 1 Powie | 1 Pforum | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in PForum before 1.26 allows remote attackers to inject arbitrary web script or HTML via the (1) IRC Server or (2) AIM ID fields in the user profile. | ||||
| CVE-2004-1708 | 1 Shawn Webb | 1 Webbsyte Chat | 2026-04-16 | N/A |
| Webbsyte Chat 0.9.0 allows remote attackers to cause a denial of service (crash) via a large number of connections. | ||||
| CVE-2004-1709 | 1 Datakey | 1 Rainbow Ikey2032 Usb Token | 2026-04-16 | N/A |
| Datakey Rainbow iKey2032 USB token, when using the CIP client package, does not encrypt communications between the token and the driver, which could allow local users to obtain the PINs of other users. | ||||
| CVE-2004-1710 | 1 Andrew Kilpatrick | 1 Page Cgi | 2026-04-16 | N/A |
| page.cgi allows remote attackers to execute arbitrary commands via shell metacharacters in the url parameter. | ||||
| CVE-2004-1711 | 1 Moodle | 1 Moodle | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in post.php in Moodle before 1.3 allows remote attackers to inject arbitrary web script or HTML via the reply parameter. | ||||
| CVE-2004-1712 | 1 Typepad | 1 Typepad | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in TypePad allows remote attackers to inject arbitrary Javascript via the name parameter. | ||||
| CVE-2004-1713 | 1 Hp | 2 Process Resource Manager, Workload Manager | 2026-04-16 | N/A |
| Unknown vulnerability in HP Process Resource Manager (PRM) C.02.01[.01] and earlier, as used by HP-UX Workload Manager (WLM), allows local users to corrupt data files. | ||||
| CVE-2004-1714 | 1 Iss | 2 Blackice Pc Protection, Blackice Server Protection | 2026-04-16 | 7.1 High |
| BlackICE PC Protection and Server Protection installs (1) firewall.ini, (2) blackice.ini, (3) sigs.ini and (4) protect.ini with Everyone Full Control permissions, which allows local users to cause a denial of service (crash) or modify configuration, as demonstrated by modifying firewall.ini to contain a large firewall rule. | ||||
| CVE-2004-1715 | 1 Clearswift | 1 Mimesweeper For Web | 2026-04-16 | N/A |
| Directory traversal vulnerability in MIMEsweeper for Web before 5.0.4 allows remote attackers or local users to read arbitrary files via "..\\", "..\", and similar dot dot sequences in the URL. | ||||
| CVE-2004-1717 | 1 Gv | 1 Gv | 2026-04-16 | N/A |
| Multiple buffer overflows in the psscan function in ps.c for gv (ghostview) allow remote attackers to execute arbitrary code via a Postscript file with a long (1) BoundingBox, (2) comment, (3) Orientation, (4) PageOrder, or (5) Pages value. | ||||
| CVE-2004-1718 | 1 Pedestal Software | 1 Integrity Protection Driver | 2026-04-16 | N/A |
| The ZwOpenSection function in Integrity Protection Driver (IPD) 1.4 and earlier allows local users to cause a denial of service (crash) via an invalid pointer in the "oa" argument. | ||||
| CVE-2004-1719 | 1 Merak | 1 Mail Server | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Merak Webmail Server 5.2.7 allow remote attackers to inject arbitrary web script or HTML via the (1) category, (2) cserver, (3) ext, (4) global, (5) showgroups, (6) or showlite parameters to address.html, or the (7) spage or (8) autoresponder parameters to settings.html, the (9) folder parameter to readmail.html, or the (10) attachmentpage_text_error parameter to attachment.html, (11) folder, (12) ct, or (13) cv parameters to calendar.html, (14) an <img> tag, or (15) the subject of an e-mail message. | ||||
| CVE-2004-1720 | 1 Merak | 1 Mail Server | 2026-04-16 | N/A |
| The (1) address.html and possibly (2) calendar.html pages in Merak Mail Server 5.2.7 allow remote attackers to gain sensitive information via an invalid HTTP request, which reveals the installation path. NOTE: it is unclear whether the calendar.html is an exposure, since the path is leaked in web logs that may only be available to the administrators, who would have access to the path through legitimate means. | ||||
| CVE-2004-1722 | 1 Merak | 1 Mail Server | 2026-04-16 | N/A |
| SQL injection vulnerability in calendar.html in Merak Mail Server 5.2.7 allows remote attackers to execute arbitrary SQL statements via the schedule parameter. | ||||
| CVE-2004-1724 | 1 Php Fusion | 1 Php Fusion | 2026-04-16 | N/A |
| The ReadMe First.txt file in PHP-Fusion 4.0 instructs users to set the permissions on the fusion_admin/db_backups directory to world read/write/execute (777), which allows remote attackers to download or view database backups, which have easily guessable filenames and contain the administrator username and password. | ||||
| CVE-2004-1726 | 1 John Bradley | 1 Xv | 2026-04-16 | N/A |
| Multiple integer overflows in (1) xviris.c, (2) xvpcx.c, and (3) xvpm.c in XV allow remote attackers to execute arbitrary code via a crafted image file that triggers a heap-based buffer overflow. | ||||
| CVE-2004-1727 | 1 Working Resources Inc. | 1 Badblue | 2026-04-16 | N/A |
| BadBlue 2.5 allows remote attackers to cause a denial of service (refuse HTTP connections) via a large number of connections from the same IP address. | ||||
| CVE-2004-1735 | 1 Sympa | 1 Sympa | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the create list option in Sympa 4.1.x and earlier allows remote authenticated users to inject arbitrary web script or HTML via the description field. | ||||
| CVE-2004-1737 | 2 Gentoo, The Cacti Group | 2 Linux, Cacti | 2026-04-16 | N/A |
| SQL injection vulnerability in auth_login.php in Cacti 0.8.5a allows remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) username or (2) password parameters. | ||||