Export limit exceeded: 350424 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29918 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-1673 | 1 Icewarp | 1 Web Mail | 2026-04-16 | N/A |
| accountsettings_add.html in Merak Mail Server 7.4.5 with Icewarp Web Mail 5.2.7 and possibly other versions allow remote attackers to create text files with arbitrary content via the accountid parameter. | ||||
| CVE-2004-1676 | 1 Gadu-gadu | 1 Gadu-gadu Instant Messenger | 2026-04-16 | N/A |
| Heap-based buffer overflow in the image sending feature in Gadu-Gadu 6.0 build 149 allows remote attackers to execute arbitrary code via a crafted GG_MSG_IMAGE_REPLY message. | ||||
| CVE-2004-1677 | 1 Logicnow | 1 Perldesk | 2026-04-16 | N/A |
| pdesk.cgi in PerlDesk allows remote attackers to gain sensitive information via an invalid lang parameter, which includes pathname information in an error message. | ||||
| CVE-2004-1678 | 1 Logicnow | 1 Perldesk | 2026-04-16 | N/A |
| Directory traversal vulnerability in pdesk.cgi in PerlDesk allows remote attackers to read portions of arbitrary files and possibly execute arbitrary Perl modules via ".." sequences terminated by a %00 (null) character in the lang parameter, which can leak portions of the requested files if a compilation error message occurs. | ||||
| CVE-2004-1695 | 1 Emulive | 1 Server4 | 2026-04-16 | N/A |
| EmuLive Server4 Commerce Edition Build 7560 allows remote attackers to bypass authentication for the remote administration feature via a URL that contains an extra leading / (slash). | ||||
| CVE-2004-1696 | 1 Emulive | 1 Server4 | 2026-04-16 | N/A |
| EmuLive Server4 Commerce Edition Build 7560 allows remote attackers to cause a denial of service (application crash) via a sequence of carriage returns sent to TCP port 66. | ||||
| CVE-2004-1697 | 1 Ca | 1 Unicenter Management | 2026-04-16 | N/A |
| The "Forgot your Password" link in Computer Associates (CA) Unicenter Management Portal 2.0 and 3.1 displays different error messages for users that exist and users that do not exist, which could allow remote attackers to guess valid usernames. | ||||
| CVE-2004-1698 | 1 Leadmind | 1 Popmessenger | 2026-04-16 | N/A |
| The Base64 function in PopMessenger 1.60 (before 20 Sep 2004) and earlier allows remote attackers to cause a denial of service (application crash) via invalid characters in a message, which causes several alert dialogs to be displayed and leads to a crash. | ||||
| CVE-2004-1700 | 1 Pinnacle Systems | 1 Showcenter | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in SettingsBase.php in Pinnacle ShowCenter 1.51 build 121 allows remote attackers to inject arbitrary HTML or web script via the Skin parameter, which is echoed in an error message. | ||||
| CVE-2004-1701 | 1 Gnu | 1 Cfengine | 2026-04-16 | N/A |
| Heap-based buffer overflow in the AuthenticationDialogue function in cfservd for Cfengine 2.0.0 to 2.1.7p1 allows remote attackers to execute arbitrary code via a long SAUTH command during RSA authentication. | ||||
| CVE-2004-1702 | 1 Gnu | 1 Cfengine | 2026-04-16 | N/A |
| The AuthenticationDialogue function in cfservd for Cfengine 2.0.0 to 2.1.7p1 does not properly check the return value of the ReceiveTransaction function, which leads to a failed malloc call and triggers to a null dereference, which allows remote attackers to cause a denial of service (crash). | ||||
| CVE-2004-1704 | 1 Wire Plastic Design | 1 Wpquiz | 2026-04-16 | N/A |
| WpQuiz 2.60b1 through 2.60b8 allows remote attackers to gain privileges via a direct request to adminrestore.php in the extras directory. | ||||
| CVE-2004-1705 | 1 Citadel | 1 Ux | 2026-04-16 | N/A |
| Buffer overflow in Citadel/UX 6.23 and earlier allows remote attackers to cause a denial of service via a long username. | ||||
| CVE-2004-1706 | 1 U.s.robotics | 1 Usr808054 | 2026-04-16 | N/A |
| The U.S. Robotics USR808054 wireless access point allows remote attackers to cause a denial of service (device crash) and possibly execute arbitrary code via an HTTP GET request with a long version string. | ||||
| CVE-2004-1716 | 1 Powie | 1 Pforum | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in PForum before 1.26 allows remote attackers to inject arbitrary web script or HTML via the (1) IRC Server or (2) AIM ID fields in the user profile. | ||||
| CVE-2004-1708 | 1 Shawn Webb | 1 Webbsyte Chat | 2026-04-16 | N/A |
| Webbsyte Chat 0.9.0 allows remote attackers to cause a denial of service (crash) via a large number of connections. | ||||
| CVE-2004-1709 | 1 Datakey | 1 Rainbow Ikey2032 Usb Token | 2026-04-16 | N/A |
| Datakey Rainbow iKey2032 USB token, when using the CIP client package, does not encrypt communications between the token and the driver, which could allow local users to obtain the PINs of other users. | ||||
| CVE-2004-1710 | 1 Andrew Kilpatrick | 1 Page Cgi | 2026-04-16 | N/A |
| page.cgi allows remote attackers to execute arbitrary commands via shell metacharacters in the url parameter. | ||||
| CVE-2004-1711 | 1 Moodle | 1 Moodle | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in post.php in Moodle before 1.3 allows remote attackers to inject arbitrary web script or HTML via the reply parameter. | ||||
| CVE-2004-1712 | 1 Typepad | 1 Typepad | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in TypePad allows remote attackers to inject arbitrary Javascript via the name parameter. | ||||