Export limit exceeded: 29922 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29922 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-2163 | 1 Openbsd | 1 Openbsd | 2026-04-16 | N/A |
| login_radius on OpenBSD 3.2, 3.5, and possibly other versions does not verify the shared secret in a response packet from a RADIUS server, which allows remote attackers to bypass authentication by spoofing server replies. | ||||
| CVE-2004-2164 | 1 Virtual Programming | 1 Vp-asp | 2026-04-16 | N/A |
| shoprestoreorder.asp in VP-ASP 5.0 does not close the database connection when a user restores a previous order, which allows remote attackers to cause a denial of service (connection consumption). | ||||
| CVE-2004-2165 | 1 Impressions Games | 1 Lords Of The Realm Iii | 2026-04-16 | N/A |
| Lords of the Realm III 1.01 and earlier, when in the lobby stage, allows remote attackers to cause a denial of service (crash from unallocated memory write) via a long user nickname. | ||||
| CVE-2004-2166 | 1 Canon | 2 Imagerunner 5000i, Imagerunner C3200 | 2026-04-16 | N/A |
| The print-from-email feature in the Canon ImageRUNNER (iR) 5000i and C3200 digital printer, when not using IP address range filtering, allows remote attackers to print arbitrary text without authentication via a text/plain email to TCP port 25. | ||||
| CVE-2004-2167 | 1 Latex2rtf | 1 Latex2rtf | 2026-04-16 | N/A |
| Multiple buffer overflows in LaTeX2rtf 1.9.15, and possibly other versions, allow remote attackers to execute arbitrary code via (1) the expandmacro function, and possibly (2) Environments and (3) TranslateCommand. | ||||
| CVE-2004-2168 | 1 Baardsen Software | 1 Basomail Server | 2026-04-16 | N/A |
| BaSoMail 1.24 allows remote attackers to cause a denial of service (CPU consumption) via multiple connections to TCP port (1) 25 (SMTP) or (2) 110 (POP3). | ||||
| CVE-2004-2169 | 1 A-a-s Application Access Server | 1 A-a-s Application Access Server | 2026-04-16 | N/A |
| Application Access Server (A-A-S) 1.0.37 and earlier allows remote authenticated users to cause a denial of service (application crash) via a long file request. | ||||
| CVE-2004-2170 | 1 Niti Telecom | 1 Caravan Business Server | 2026-04-16 | N/A |
| Directory traversal vulnerability in sample_showcode.html in Caravan 2.00/03d and earlier allows remote attackers to read arbitrary files via the fname parameter. | ||||
| CVE-2004-2173 | 1 Early Impact | 1 Productcart | 2026-04-16 | N/A |
| SQL injection vulnerability in advSearch_h.asp in EarlyImpact ProductCart allows remote attackers to execute arbitrary SQL commands via the priceUntil parameter. | ||||
| CVE-2004-2174 | 1 Early Impact | 1 Productcart | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Custva.asp in EarlyImpact ProductCart allows remote attackers to inject arbitrary Javascript via the redirectUrl parameter. | ||||
| CVE-2004-2175 | 1 All Enthusiast Inc | 1 Reviewpost Php Pro | 2026-04-16 | N/A |
| Multiple SQL injection vulnerabilities in ReviewPost PHP Pro allow remote attackers to execute arbitrary SQL commands via the (1) product parameter to showproduct.php or (2) cat parameter to showcat.php. | ||||
| CVE-2004-2191 | 1 Turbotraffictrader | 1 Turbotraffictrader Php | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in ttt-webmaster.php in Turbo Traffic Trader PHP 1.0 allows remote attackers to inject arbitrary web script or HTML via the (1) msg[0] or (2) siteurl parameters. | ||||
| CVE-2004-2192 | 1 Turbotraffictrader | 1 Turbotraffictrader Php | 2026-04-16 | N/A |
| SQL injection vulnerability in tttadmin/settings.php in Turbo Traffic Trader PHP 1.0 allows remote attackers to execute arbitrary SQL commands via the ttt_admin parameter. | ||||
| CVE-2004-2193 | 1 Cjoverkill | 1 Cjoverkill | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in trade.php for CJOverkill 4.0.3 allows remote attackers to inject arbitrary web script or HTML via the (1) tms[0] or (2) url parameters. | ||||
| CVE-2004-2194 | 1 Mailenable | 2 Mailenable Enterprise, Mailenable Professional | 2026-04-16 | N/A |
| MailEnable Professional Edition before 1.53 and Enterprise Edition before 1.02 allows remote attackers to cause a denial of service (crash) via malformed (1) SMTP or (2) IMAP commands. | ||||
| CVE-2004-2195 | 1 Zanfi Solutions | 1 Zanfi Cms Lite | 2026-04-16 | N/A |
| PHP remote file inclusion vulnerability in index.php in Zanfi CMS lite 1.1 allows remote attackers to execute arbitrary PHP code via the inc parameter. | ||||
| CVE-2004-2196 | 1 Zanfi Solutions | 1 Zanfi Cms Lite | 2026-04-16 | N/A |
| Zanfi CMS lite 1.1 allows remote attackers to obtain the full path of the web server via direct requests without required arguments to (1) adm_pages.php, (2) corr_pages.php, (3) del_block.php, (4) del_page.php, (5) footer.php, (6) home.php, and others. | ||||
| CVE-2004-2197 | 1 Kdocker | 1 Kdocker | 2026-04-16 | N/A |
| kdocker.cpp in kdocker 0.1 through 0.8 does not properly check the ownership of files, which could allow local users to execute arbitrary programs. | ||||
| CVE-2004-2199 | 1 Duware | 1 Duclassified | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in DUware DUclassified 4.0 allows remote attackers to inject arbitrary web script or HTML via the message text. | ||||
| CVE-2004-2200 | 1 Duware | 1 Duforum | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in DUware DUforum 3.0 through 3.1 allows remote attackers to inject arbitrary web script or HTML via via the message text. | ||||