Export limit exceeded: 29927 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29927 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-1976 | 1 Smc Networks | 1 Smc7004vbr | 2026-04-16 | N/A |
| SMC Barricade broadband router 7008ABR and 7004VBR enable remote administration by default, which allows remote attackers to gain access by connecting to port 1900. | ||||
| CVE-2004-1977 | 1 3com | 1 Webbngss3nbxnts | 2026-04-16 | N/A |
| 3com NBX IP VOIP NetSet Configuration Manager allows remote attackers to cause a denial of service (crash) via a Nessus scan in safeChecks mode. | ||||
| CVE-2004-1978 | 1 Moodle | 1 Moodle | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in help.php in Moodle before 1.3 allows remote attackers to inject arbitrary HTML and web script via the text parameter. | ||||
| CVE-2004-1980 | 1 Props | 1 Props | 2026-04-16 | N/A |
| Directory traversal vulnerability in glossary.php in PROPS 0.6.1 allows remote attackers to view arbitrary files via a .. (dot dot) in (1) module or (2) format variables. | ||||
| CVE-2004-1981 | 1 Businessobjects | 2 Crystal Enterprise, Crystal Reports | 2026-04-16 | N/A |
| The web interface for Crystal Reports allows remote attackers to cause a denial of service (disk exhaustion) by repeatedly requesting reports without retrieving the associated image files, which are not cleared from the image file folder. | ||||
| CVE-2004-1982 | 1 Yabb | 1 Yabb | 2026-04-16 | N/A |
| Post.pl in YaBB 1 Gold SP 1.2 allows remote attackers to modify records in the board's .txt file via carriage return characters in the subject field. | ||||
| CVE-2004-1983 | 2 Gentoo, The Pax Team | 2 Linux, Pax Linux | 2026-04-16 | N/A |
| The arch_get_unmapped_area function in mmap.c in the PaX patches for Linux kernel 2.6, when Address Space Layout Randomization (ASLR) is enabled, allows local users to cause a denial of service (infinite loop) via unknown attack vectors. | ||||
| CVE-2004-1985 | 2 Coppermine, Francisco Burzi | 2 Coppermine Photo Gallery, Php-nuke | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in menu.inc.php in Coppermine Photo Gallery 1.2.2b allows remote attackers to inject arbitrary HTML or web script via the CPG_URL parameter. | ||||
| CVE-2004-1986 | 2 Coppermine, Francisco Burzi | 2 Coppermine Photo Gallery, Php-nuke | 2026-04-16 | N/A |
| Directory traversal vulnerability in modules.php in Coppermine Photo Gallery 1.2.2b and 1.2.0 RC4 allows remote attackers with administrative privileges to read arbitrary files via a .. (dot dot) in the startdir parameter. | ||||
| CVE-2004-1987 | 2 Coppermine, Francisco Burzi | 2 Coppermine Photo Gallery, Php-nuke | 2026-04-16 | N/A |
| picmgmtbatch.inc.php in Coppermine Photo Gallery 1.2.2b and 1.2.0 RC4 allows remote attackers with administrative privileges to execute arbitrary commands via shell metacharacters in the (1) $CONFIG['impath'] or (2) $CONFIG['jpeg_qual'] parameters. | ||||
| CVE-2004-2004 | 1 Suse | 1 Suse Linux | 2026-04-16 | N/A |
| The Live CD in SUSE LINUX 9.1 Personal edition is configured without a password for root, which allows remote attackers to gain privileges via SSH. | ||||
| CVE-2004-1996 | 1 Simple Machines | 1 Smf | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in Simple Machines Forum (SMF) 1.0 allows remote attackers to inject arbitrary web script via the size tag. | ||||
| CVE-2004-2005 | 1 Qualcomm | 1 Eudora | 2026-04-16 | N/A |
| Buffer overflow in Eudora for Windows 5.2.1, 6.0.3, and 6.1 allows remote attackers to execute arbitrary code via an e-mail with (1) a link to a long URL to the C drive or (2) a long attachment name. | ||||
| CVE-2004-2006 | 1 Trend Micro | 1 Officescan | 2026-04-16 | N/A |
| Trend Micro OfficeScan 3.0 - 6.0 has default permissions of "Everyone Full Control" on the installation directory and registry keys, which allows local users to disable virus protection. | ||||
| CVE-2004-2007 | 1 Adam Webb | 1 Nukejokes | 2026-04-16 | N/A |
| Cross-site scripting (XSS) vulnerability in modules.php in NukeJokes 1.7 and 2 Beta allows remote attackers to inject arbitrary HTML or web script via the (1) cat parameter in a CatView function or (2) jokeid parameter in a JokeView function. | ||||
| CVE-2004-2008 | 1 Adam Webb | 1 Nukejokes | 2026-04-16 | N/A |
| SQL injection vulnerability in modules.php in NukeJokes 1.7 and 2 Beta allows remote attackers to execute arbitrary SQL via the jokeid parameter. | ||||
| CVE-2004-2009 | 1 Adam Webb | 1 Nukejokes | 2026-04-16 | N/A |
| NukeJokes 1.7 and 2 Beta allows remote attackers to obtain the full path of the server via (1) a direct call to mainfunctions.php, (2) an invalid jokeid parameter in a JokeView function or (3) an invalid cat parameter in a CatView function, which reveals the path in a PHP error message. | ||||
| CVE-2005-0019 | 1 Yongguang Zhang | 1 Hztty | 2026-04-16 | N/A |
| Unknown vulnerability in hztty 2.0 and earlier allows local users to execute arbitrary commands. | ||||
| CVE-2004-2022 | 1 Activestate | 1 Activeperl | 2026-04-16 | N/A |
| ActivePerl 5.8.x and others, and Larry Wall's Perl 5.6.1 and others, when running on Windows systems, allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long argument to the system command, which leads to a stack-based buffer overflow. NOTE: it is unclear whether this bug is in Perl or the OS API that is used by Perl. | ||||
| CVE-2004-2023 | 1 Zen Cart | 1 Zen Cart | 2026-04-16 | N/A |
| SQL injection vulnerability in login.php in Zen Cart 1.1.2d, 1.1.4 before patch 1, and possibly other versions allows remote attackers to execute arbitrary SQL via the (1) admin_name or (2) admin_pass parameters. | ||||