Export limit exceeded: 29944 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29944 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-2661 | 1 Soft3304 | 1 04webserver | 2025-04-03 | N/A |
| Soft3304 04WebServer before 1.41 does not properly check file names, which allows remote attackers to obtain sensitive information (CGI source code). | ||||
| CVE-2004-2662 | 1 Soft3304 | 1 04webserver | 2025-04-03 | N/A |
| Soft3304 04WebServer before 1.41 allows remote attackers to cause a denial of service (resource consumption or crash) via certain data related to OpenSSL, which causes a thread to terminate but continue to hold resources. | ||||
| CVE-2004-2663 | 1 Ibm | 1 Egatherer | 2025-04-03 | N/A |
| The (1) SetDebugging and (2) RunEgatherer methods in IBM Access Support eGatherer ActiveX control 2.0.0.16 allow remote attackers to create files with arbitrary content, as demonstrated by creating a .hta file in a Startup folder. | ||||
| CVE-2004-2664 | 1 John Lim | 1 Adodb | 2025-04-03 | N/A |
| John Lim ADOdb Library for PHP before 4.23 allows remote attackers to obtain sensitive information via direct requests to certain scripts that result in an undefined value of ADODB_DIR, which reveals the installation path in an error message. | ||||
| CVE-2004-2665 | 1 Hp | 1 Hp-ux | 2025-04-03 | N/A |
| Unspecified vulnerability in the Address and Routing Parameter Area (ARPA) transport software in HP-UX B.11.00, B.11.04, and B.11.11 before 20040628 allows local users to cause a denial of service via unspecified vectors. | ||||
| CVE-2004-2666 | 1 Mantis | 1 Mantis | 2025-04-03 | N/A |
| Mantis before 20041016 provides a complete Issue History (Bug History) in the web interface regardless of view_history_threshold, which allows remote attackers to obtain sensitive information (private bug details) by visiting a bug's web page. | ||||
| CVE-2004-2667 | 1 Ibm | 1 Lotus Domino | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in Lotus Domino 6.0.x before 6.0.4 and 6.5.x before 6.5.2 allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors. | ||||
| CVE-2004-2668 | 1 Interchange Development Group | 1 Interchange | 2025-04-03 | N/A |
| SQL injection vulnerability in Interchange before 4.8.9 allows remote attackers to execute arbitrary SQL commands via unknown vectors. | ||||
| CVE-2004-2669 | 1 Neocrome | 1 Land Down Under | 2025-04-03 | N/A |
| Multiple SQL injection vulnerabilities in Land Down Under (LDU) v701 allow remote attackers to execute arbitrary SQL commands or obtain the installation path via parameters including (1) s, w, and d in users.php, (2) id in comments.php, (3) rusername in auth.php, or (4) h in plug.php. | ||||
| CVE-2004-2670 | 1 Endonesia | 1 Endonesia | 2025-04-03 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in mod.php in eNdonesia 8.3 allow remote attackers to inject arbitrary web script or HTML via (1) the mod parameter in a viewcat operation or (2) the query parameter in a search operation in the publisher module. | ||||
| CVE-2004-2671 | 1 Endonesia | 1 Endonesia | 2025-04-03 | N/A |
| mod.php in eNdonesia 8.3 allows remote attackers to obtain sensitive information via certain direct requests, and certain requests with invalid parameter values, which reveal the path in various error messages, as demonstrated by the (1) mod and (2) cid parameters. | ||||
| CVE-2004-2672 | 1 Argosoft | 1 Ftp Server | 2025-04-03 | N/A |
| Unspecified vulnerability in ArGoSoft FTP server before 1.4.2.2 allows attackers to upload .lnk files via unknown vectors. | ||||
| CVE-2004-2673 | 1 Argosoft | 1 Ftp Server | 2025-04-03 | N/A |
| Multiple buffer overflows in ArGoSoft FTP Server before 1.4.1.6 allow remote authenticated users to cause a denial of service and possibly execute arbitrary code via (1) a SITE ZIP command with a long first or second argument, or (2) a SITE COPY with a long argument. | ||||
| CVE-2004-2674 | 1 Argosoft | 1 Ftp Server | 2025-04-03 | N/A |
| Directory traversal vulnerability in ArGoSoft FTP Server before 1.4.1.6 allows remote authenticated users to determine the existence of arbitrary files via ".." sequences in the SITE UNZIP argument. | ||||
| CVE-2004-2675 | 1 Argosoft | 1 Ftp Server | 2025-04-03 | N/A |
| ArGoSoft FTP Server before 1.4.1.6 allows remote authenticated users to cause a denial of service (crash) via a SITE PASS command with a long password parameter, which causes the database to be corrupted. | ||||
| CVE-2004-2676 | 1 Webroot Software | 1 Spy Sweeper Enterprise | 2025-04-03 | N/A |
| The Spy Sweeper Enterprise Client (SpySweeperTray.exe) in WebRoot Spy Sweeper before 2.0 does not drop privileges when using the help functionality, which allows local users to gain privileges. | ||||
| CVE-2004-2677 | 1 Qwikmail | 1 Qwikmail Smtp | 2025-04-03 | N/A |
| Format string vulnerability in qwik-smtpd.c in QwikMail SMTP (qwik-smtpd) 0.3 and earlier allows remote attackers to execute arbitrary code via format specifiers in the (1) clientRcptTo array, and the (2) Received and (3) messageID variables, possibly involving HELO and hostname arguments. | ||||
| CVE-2004-2678 | 1 Hp | 1 Tru64 | 2025-04-03 | N/A |
| Unspecified vulnerability in HP Tru64 UNIX 5.1B PK2(BL22) and PK3(BL24), and 5.1A PK6(BL24), when using IPsec/IKE (Internet Key Exchange) with Certificates, allows remote attackers to gain privileges via unknown attack vectors. | ||||
| CVE-2004-2679 | 1 Checkpoint | 1 Firewall-1 | 2025-04-03 | N/A |
| Check Point Firewall-1 4.1 up to NG AI R55 allows remote attackers to obtain potentially sensitive information by sending an Internet Key Exchange (IKE) with a certain Vendor ID payload that causes Firewall-1 to return a response containing version and other information. | ||||
| CVE-2004-2682 | 1 Peersec Networks | 1 Matrixssl | 2025-04-03 | N/A |
| PeerSec MatrixSSL before 1.1 does not implement RSA blinding, which allows context-dependent attackers to obtain the server's private key by determining factors using timing differences on (1) the number of extra reductions during Montgomery reduction, and (2) the use of different integer multiplication algorithms ("Karatsuba" and normal), a related issue to CVE-2003-0147. | ||||