Export limit exceeded: 29914 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29914 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-2669 | 1 Neocrome | 1 Land Down Under | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in Land Down Under (LDU) v701 allow remote attackers to execute arbitrary SQL commands or obtain the installation path via parameters including (1) s, w, and d in users.php, (2) id in comments.php, (3) rusername in auth.php, or (4) h in plug.php. | ||||
| CVE-2004-2670 | 1 Endonesia | 1 Endonesia | 2026-04-16 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in mod.php in eNdonesia 8.3 allow remote attackers to inject arbitrary web script or HTML via (1) the mod parameter in a viewcat operation or (2) the query parameter in a search operation in the publisher module. | ||||
| CVE-2004-2672 | 1 Argosoft | 1 Ftp Server | 2026-04-16 | N/A |
| Unspecified vulnerability in ArGoSoft FTP server before 1.4.2.2 allows attackers to upload .lnk files via unknown vectors. | ||||
| CVE-2004-2674 | 1 Argosoft | 1 Ftp Server | 2026-04-16 | N/A |
| Directory traversal vulnerability in ArGoSoft FTP Server before 1.4.1.6 allows remote authenticated users to determine the existence of arbitrary files via ".." sequences in the SITE UNZIP argument. | ||||
| CVE-2004-2675 | 1 Argosoft | 1 Ftp Server | 2026-04-16 | N/A |
| ArGoSoft FTP Server before 1.4.1.6 allows remote authenticated users to cause a denial of service (crash) via a SITE PASS command with a long password parameter, which causes the database to be corrupted. | ||||
| CVE-2004-2676 | 1 Webroot Software | 1 Spy Sweeper Enterprise | 2026-04-16 | N/A |
| The Spy Sweeper Enterprise Client (SpySweeperTray.exe) in WebRoot Spy Sweeper before 2.0 does not drop privileges when using the help functionality, which allows local users to gain privileges. | ||||
| CVE-2004-2677 | 1 Qwikmail | 1 Qwikmail Smtp | 2026-04-16 | N/A |
| Format string vulnerability in qwik-smtpd.c in QwikMail SMTP (qwik-smtpd) 0.3 and earlier allows remote attackers to execute arbitrary code via format specifiers in the (1) clientRcptTo array, and the (2) Received and (3) messageID variables, possibly involving HELO and hostname arguments. | ||||
| CVE-2004-2678 | 1 Hp | 1 Tru64 | 2026-04-16 | N/A |
| Unspecified vulnerability in HP Tru64 UNIX 5.1B PK2(BL22) and PK3(BL24), and 5.1A PK6(BL24), when using IPsec/IKE (Internet Key Exchange) with Certificates, allows remote attackers to gain privileges via unknown attack vectors. | ||||
| CVE-2004-2679 | 1 Checkpoint | 1 Firewall-1 | 2026-04-16 | N/A |
| Check Point Firewall-1 4.1 up to NG AI R55 allows remote attackers to obtain potentially sensitive information by sending an Internet Key Exchange (IKE) with a certain Vendor ID payload that causes Firewall-1 to return a response containing version and other information. | ||||
| CVE-2004-2690 | 1 Newsphp | 1 Newsphp | 2026-04-16 | N/A |
| Unrestricted file upload vulnerability in the Administration Panel for NewsPHP allows remote authenticated administrators to upload and execute arbitrary code instead of video files. | ||||
| CVE-2004-2726 | 1 Mailenable | 1 Mailenable | 2026-04-16 | N/A |
| HTTPMail service in MailEnable Professional 1.18 does not properly handle arguments to the Authorization header, which allows remote attackers to cause a denial of service (null dereference and application crash). NOTE: This is a different vulnerability than CVE-2005-1348. | ||||
| CVE-2004-2759 | 1 Sun | 4 Storedge Qfs, Storedge Sam-qfs, Storeedge Performance Suite and 1 more | 2026-04-16 | N/A |
| Shared Sun StorEdge QFS and SAM-QFS file systems, as used in Utilization Suite 4.0 through 4.1 and Performance Suite 4.0 through 4.1, might allow local users to read portions of deleted files by accessing data within sparse files. | ||||
| CVE-2005-0001 | 3 Linux, Redhat, Trustix | 4 Linux Kernel, Enterprise Linux, Enterprise Linux Desktop and 1 more | 2026-04-16 | N/A |
| Race condition in the page fault handler (fault.c) for Linux kernel 2.2.x to 2.2.7, 2.4 to 2.4.29, and 2.6 to 2.6.10, when running on multiprocessor machines, allows local users to execute arbitrary code via concurrent threads that share the same virtual memory space and simultaneously request stack expansion. | ||||
| CVE-2005-0002 | 1 Gentoo | 1 Poppassd Pam | 2026-04-16 | N/A |
| poppassd_pam 1.0 and earlier, when changing a user password, does not verify that the user entered the old password correctly, which allows remote attackers to change passwords for arbitrary users. | ||||
| CVE-2005-0005 | 7 Debian, Gentoo, Graphicsmagick and 4 more | 7 Debian Linux, Linux, Graphicsmagick and 4 more | 2026-04-16 | N/A |
| Heap-based buffer overflow in psd.c for ImageMagick 6.1.0, 6.1.7, and possibly earlier versions allows remote attackers to execute arbitrary code via a .PSD image file with a large number of layers. | ||||
| CVE-2005-0006 | 2 Ethereal Group, Redhat | 2 Ethereal, Enterprise Linux | 2026-04-16 | N/A |
| The COPS dissector in Ethereal 0.10.6 through 0.10.8 allows remote attackers to cause a denial of service (infinite loop). | ||||
| CVE-2005-0007 | 2 Ethereal Group, Redhat | 2 Ethereal, Enterprise Linux | 2026-04-16 | N/A |
| Unknown vulnerability in the DLSw dissector in Ethereal 0.10.6 through 0.10.8 allows remote attackers to cause a denial of service (application crash from assertion). | ||||
| CVE-2005-0008 | 2 Ethereal Group, Redhat | 2 Ethereal, Enterprise Linux | 2026-04-16 | N/A |
| Unknown vulnerability in the DNP dissector in Ethereal 0.10.5 through 0.10.8 allows remote attackers to cause "memory corruption." | ||||
| CVE-2005-0009 | 2 Ethereal Group, Redhat | 2 Ethereal, Enterprise Linux | 2026-04-16 | N/A |
| Unknown vulnerability in the Gnutella dissector in Ethereal 0.10.6 through 0.10.8 allows remote attackers to cause a denial of service (application crash). | ||||
| CVE-2005-0011 | 1 Kde | 1 Kde | 2026-04-16 | N/A |
| Multiple vulnerabilities in fliccd, when installed setuid root as part of the kdeedu Kstars support for Instrument Neutral Distributed Interface (INDI) in KDE 3.3 to 3.3.2, allow local users and remote attackers to execute arbitrary code via stack-based buffer overflows. | ||||