Export limit exceeded: 349338 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (349338 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-1622 | 1 Ubbcentral | 1 Ubb.threads | 2026-04-16 | N/A |
| SQL injection vulnerability in dosearch.php in UBB.threads 3.4.x allows remote attackers to execute arbitrary SQL statements via the Name parameter. | ||||
| CVE-2004-1623 | 1 Microsoft | 1 Windows Xp | 2026-04-16 | N/A |
| The WAV file property handler in Windows XP SP1 allows remote attackers to cause a denial of service (infinite loop in Explorer) via a WAV file with an invalid file header whose fmt chunk length is set to 0xFFFFFFFF. | ||||
| CVE-2004-1624 | 1 Altiris | 1 Carbon Copy | 2026-04-16 | N/A |
| Carbon Copy 6.0.5257 does not drop system privileges when opening external programs through the help topic interface, which allows local users to gain privileges via (1) the help topic interface in CCW32.exe, which launches Notepad, or (2) the help button in the Carbon Copy Scheduler (CCSched.exe). | ||||
| CVE-2004-1625 | 1 Pgina | 1 Pgina | 2026-04-16 | N/A |
| pGina 1.7.6 and possibly older versions, when the Restart or Shutdown options are enabled on the login screen, allows remote attackers to cause a denial of service by connecting via Remote Desktop and clicking restart or shutdown. | ||||
| CVE-2004-1626 | 1 Code-crafters | 1 Ability Server | 2026-04-16 | N/A |
| Buffer overflow in Ability Server 2.34, and possibly other versions, allows remote attackers to execute arbitrary code via a long STOR command. | ||||
| CVE-2004-1627 | 1 Code-crafters | 1 Ability Server | 2026-04-16 | N/A |
| Buffer overflow in Ability Server 2.25, 2.32, 2.34, and possibly other versions, allows remote attackers to execute arbitrary code via a long APPE command. | ||||
| CVE-2004-1628 | 1 Pizzashack | 1 Rssh | 2026-04-16 | N/A |
| Format string vulnerability in log.c in rssh before 2.2.2 allows remote authenticated users to execute arbitrary code. | ||||
| CVE-2004-1629 | 1 Distinct Web Creations | 1 Dwc Articles | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in Dwc_articles 1.6 and earlier allow remote attackers to execute arbitrary SQL statements. | ||||
| CVE-2004-2236 | 1 Moodle | 1 Moodle | 2026-04-16 | N/A |
| Unknown vulnerability in Moodle before 1.3.3 has unknown impact and attack vectors, related to language setting. | ||||
| CVE-2004-1630 | 1 Openwfe | 1 Work Flow Engine | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in the login form in Open WorkFlow Engine (OpenWFE) 1.4.x allows remote attackers to execute arbitrary web script or HTML via the url parameter. | ||||
| CVE-2004-1631 | 1 Openwfe | 1 Work Flow Engine | 2026-04-16 | N/A |
| Open WorkFlow Engine (OpenWFE) 1.4.x allows remote attackers to conduct port scans of remote hosts by specifying the target in an rmi:// Worklist URL, then using the response times to infer the results. | ||||
| CVE-2004-1632 | 1 Moniwiki | 1 Moniwiki | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in wiki.php in MoniWiki 1.0.8 and earlier allows remote attackers to inject arbitrary web script or HTML via the arguments to wiki.php. | ||||
| CVE-2004-1638 | 1 Tabs Laboratories | 1 Mailcarrier | 2026-04-16 | N/A |
| Buffer overflow in MailCarrier 2.51 allows remote attackers to execute arbitrary code via a long (1) EHLO and possibly (2) HELO command. | ||||
| CVE-2004-1646 | 1 Jerod Moemeka | 1 Xedus | 2026-04-16 | N/A |
| Directory traversal vulnerability in Xedus 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the URL. | ||||
| CVE-2004-1648 | 1 Web Animations | 1 Password Protect | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in (1) index.asp, (2) ChangePassword.asp, (3) users_list.asp, (4) and users_add.asp in Password Protect allows remote attackers to inject arbitrary web script or HTML via the ShowMsg parameter. | ||||
| CVE-2004-1649 | 1 Microsoft | 1 Windows 2000 | 2026-04-16 | N/A |
| Buffer overflow in Microsoft Msinfo32.exe might allow local users to execute arbitrary code via a long filename in the msinfo_file command line parameter. NOTE: this issue might not cross security boundaries, so it may be REJECTED in the future. | ||||
| CVE-2004-1217 | 1 Hosting Controller | 1 Hosting Controller | 2026-04-16 | N/A |
| Hosting Controller 6.1 Hotfix 1.4, and possibly other versions, allows remote attackers to view arbitrary directories by specifying the target pathname in the FilePath parameter to (1) Statsbrowse.asp or (2) Generalbrowse.asp. | ||||
| CVE-2004-1216 | 1 Burut | 1 Kreed | 2026-04-16 | N/A |
| The scripts that handle players in Kreed 1.05 and earlier allow remote attackers to cause a denial of service (server freeze) via a long (1) nickname or (2) model type, which generates dialog boxes on the server that must be manually handled before the server continues the game. | ||||
| CVE-2004-1215 | 1 Burut | 1 Kreed | 2026-04-16 | N/A |
| Kreed 1.05 and earlier allows remote attackers to cause a denial of service (server disconnect) via a long UDP packet, which causes a "message too long" socket error. | ||||
| CVE-2004-1214 | 1 Burut | 1 Kreed | 2026-04-16 | N/A |
| Format string vulnerability in Kreed 1.05 and earlier allows remote attackers to execute arbitrary code via format specifiers in (1) a nickname or (2) message text. | ||||